3

When installing certbot on Ubuntu (20.04) it will automatically run certbot renew via cron or systemd.

If I place hook scripts in /etc/letsencrypt/renewal-hooks/(deploy|post|pre) will certbot also run these, or do I need to add '--deploy-hook' to the certbot command in cron|systemd?

Jette
  • 409

2 Answers

3

The answer to OP's question is yes. Any scripts in /etc/letsencrypt/renewal-hooks/{deploy,post,pre} will automatically be run.

However, I don't know if the behaviour of certbot has changed since the original answer, but --dry-run will not run hooks.

If you check the logs of a dry run, though, they will let you know which scripts would have been executed.

2023-05-20 19:27:23,171:DEBUG:certbot._internal.renewal:Dry run: skipping updating lineage at /etc/letsencrypt/live/my.domain.co.uk
2023-05-20 19:27:23,171:INFO:certbot._internal.hooks:Dry run: skipping deploy hook command: /etc/letsencrypt/renewal-hooks/deploy/generate-pkcs12.sh

2

Certbot will run scripts from renewal-hooks. --deploy-hook is not required.

Don't forget to set chmod +x for scripts.

If you run

sudo certbot renew --dry-run

certbot executes the hooks too.
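
An added example, not part of either answer: a shell function that audits the renewal-hooks directories named above and reports which files are eligible to run, which are missing the executable bit, and which are writable by group or others (hooks run with certbot's privileges, root for the packaged cron/systemd job). It assumes certbot only picks up executable files whose names do not end in "~"; the function name and status labels are made up for this example.

```shell
#!/bin/sh
# Added example (not from the original answers).
# Usage: audit_renewal_hooks [base-dir]
# Assumption: certbot runs only executable files in pre/deploy/post and
# ignores names ending in "~" (editor backup files).

audit_renewal_hooks() {
    base="${1:-/etc/letsencrypt/renewal-hooks}"
    for stage in pre deploy post; do
        dir="$base/$stage"
        [ -d "$dir" ] || continue
        for f in "$dir"/*; do
            [ -f "$f" ] || continue
            case "$f" in
                *~) echo "SKIPPED-BACKUP $stage $f"; continue ;;
            esac
            if [ ! -x "$f" ]; then
                # The "chmod +x" step was missed: the file is silently ignored.
                echo "NOT-EXECUTABLE $stage $f"
                continue
            fi
            # First 10 characters of ls -l output: type + rwx for user/group/other.
            perms=$(ls -ld "$f" | cut -c1-10)
            case "$perms" in
                ?????w????|????????w?)
                    # Group- or world-writable: a non-root user could edit a
                    # script that is later executed by the renewal job.
                    echo "WRITABLE-BY-OTHERS $stage $f" ;;
                *)
                    echo "WILL-RUN $stage $f" ;;
            esac
        done
    done
}
```

Run it with no argument to check the default /etc/letsencrypt/renewal-hooks tree; fix NOT-EXECUTABLE entries with chmod +x and WRITABLE-BY-OTHERS entries with chmod go-w.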