diff --git a/lemur_cron.service b/lemur_cron.service
new file mode 100644
index 0000000..e271b23
--- /dev/null
+++ b/lemur_cron.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Lemur
+After=lemur.service
+
+[Service]
+Environment="LEMUR_CONF=/etc/lemur/lemur.conf.py"
+ExecStart=/usr/bin/lemur certificate reissue
+User=lemur
+Group=lemur
+
+[Install]
+WantedBy=basic.target
diff --git a/lemur_cron.timer b/lemur_cron.timer
new file mode 100644
index 0000000..8fd0a90
--- /dev/null
+++ b/lemur_cron.timer
@@ -0,0 +1,9 @@
+[Unit]
+Description=Crontab for Lemur
+
+[Timer]
+OnCalendar=daily
+Unit=lemur_cron.service
+
+[Install]
+WantedBy=timers.target
diff --git a/tmpl/lemur.conf.py b/tmpl/lemur.conf.py
index f1c8135..10a5583 100644
--- a/tmpl/lemur.conf.py
+++ b/tmpl/lemur.conf.py
@@ -26,6 +26,7 @@ LEMUR_ALLOWED_DOMAINS = []
 
 LEMUR_EMAIL = '%%lemur_admin_email'
 LEMUR_SECURITY_TEAM_EMAIL = []
+LEMUR_EMAIL_SENDER = 'smtp'
 
 # Certificate Defaults
 
diff --git a/tmpl/lemur.yml b/tmpl/lemur.yml
index 5c31460..4dec150 100644
--- a/tmpl/lemur.yml
+++ b/tmpl/lemur.yml
@@ -16,3 +16,7 @@ sqlscripts:
   - /usr/share/eole/db/lemur/gen/lemur.sql
 pwd_files:
   - {'file': '/etc/lemur/lemur.conf.py', 'pattern': "SQLALCHEMY_DATABASE_PASSWORD = '"}
+%set %%var = %%getVar('risotto_main_dbname', None)
+%if not %%is_empty(%%var)
+  - {'file': '/etc/risotto/risotto.conf', 'pattern': "LEMUR_DB_PASSWORD='"}
+%end if