Well, setup a cron job using the Let’s Encrypt certbot utility.
I created a file on my CentOS 7 box in
16 3,15 * * * root /usr/bin/certbot renew --pre-hook "systemctl stop nginx" --post-hook "systemctl start nginx"
This will run a renewal check every day at 3AM and 3PM using the standalone method described in the certbot docs. This does mean nginx stops briefly twice a day, but that’s fine on my personal server!