Renewing Let's Encrypt certificates using a systemd timer