Cron job for automatic renewal of SSL certificate: 0 0 1 */1 * certbot renew --renew-hook "systemctl reload nginx". We will see if it works in the coming months.
I found Caddy server more reliable than me at renewing certificates since it is checking it at each request !
I actually thought about switching my web server from nginx to Caddy a couple of times already. Was too afraid of the complications for now though.