Make SSL renewal time configurable and nginx-proxy reload time adequate

The matrix-nginx-proxy was reloaded on the 3rd day of the month (`15 4 3 * *`),
which makes no sense - it's too infrequently.

It's in line with the renewal time now (+5 minutes).

roles/matrix-server/defaults/main.yml

@@ -73,6 +73,9 @@ matrix_riot_web_enabled: true
 # and take care of proxying by yourself.
 matrix_nginx_proxy_enabled: true
 
+# Specifies when to attempt to retrieve new SSL certificates from Let's Encrypt.
+matrix_ssl_renew_cron_time_definition: "15 4 */5 * *"
+
 # Specifies when to reload the matrix-nginx-proxy service so that
-# a new SSL certificate could go into effect (UTC time).
-matrix_nginx_proxy_reload_cron_time_definition: "15 4 3 * *"
+# a new SSL certificate could go into effect.
+matrix_nginx_proxy_reload_cron_time_definition: "20 4 */5 * *"

roles/matrix-server/templates/cron.d/matrix-ssl-certificate-renewal.j2

@@ -21,4 +21,4 @@ MAILTO="{{ matrix_ssl_support_email }}"
 # When a custom proxy server (not matrix-nginx-proxy provided by this playbook),
 # you'd need to make sure you alias these files correctly or SSL renewal would not work.
 
-15 4 */5 * * root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug
+{{ matrix_ssl_renew_cron_time_definition }} root /usr/bin/docker run --rm --net=host -v {{ matrix_ssl_certs_path }}:/certs -v {{ matrix_ssl_certs_path }}/run:/var/run/acme -e ACME_EMAIL={{ matrix_ssl_support_email }} willwill/acme-docker acmetool --batch reconcile # --xlog.severity=debug