diff --git a/roles/mastodon-nginx/files/letsencrypt-renew.sh b/roles/mastodon-nginx/files/letsencrypt-renew.sh
new file mode 100644
index 0000000..a5a0079
--- /dev/null
+++ b/roles/mastodon-nginx/files/letsencrypt-renew.sh
@@ -0,0 +1,4 @@
+#!/usr/bin/env bash
+service nginx stop
+letsencrypt renew
+service nginx start
diff --git a/roles/mastodon-nginx/tasks/main.yml b/roles/mastodon-nginx/tasks/main.yml
index 23cbcef..e28cf73 100644
--- a/roles/mastodon-nginx/tasks/main.yml
+++ b/roles/mastodon-nginx/tasks/main.yml
@@ -26,3 +26,8 @@
     state: link
 - name: Start nginx
   service: name=nginx state=started
+- name: Copy and enable Let's Encrypt renew script
+  copy:
+    src: letsencrypt-renew.sh
+    dest: /etc/cron.daily/letsencryt-renew.sh
+    mode: 0700