Remove the role that installed the old letsencrypt client.

letsencrypt-client/defaults/main.yml

@@ -1,33 +0,0 @@
----
-letsencrypt_install: False
-letsencrypt_git_repo: 'https://github.com/letsencrypt/letsencrypt'
-letsencrypt_dest_dir: /opt
-letsencrypt_update_repo: True
-letsencrypt_prerequisites:
-  - git
-  - bc
-
-letsencrypt_auto: '{{ letsencrypt_dest_dir }}/letsencrypt/letsencrypt-auto'
-letsencrypt_install_path: /root/.local/share/letsencrypt
-letsencrypt_config_dir: /etc/letsencrypt
-letsencrypt_certs_dir: '{{ letsencrypt_config_dir }}/live/{{ ansible_fqdn }}'
-# In seconds. Default 7 days
-letsencrypt_renew_before: 604800
-letsencrypt_logdir: /var/log/letsencrypt
-# The various services maintainers need to put the reconfigure/restart scripts there
-letsencrypt_services_scripts_dir: /usr/local/lib/letsencrypt
-
-# cli.ini parameters
-letsencrypt_rsa_key_size: 4096
-letsencrypt_email: sysadmin@example.com  
-letsencrypt_authenticator: standalone
-letsencrypt_standalone_supp_challenges: 'http-01'
-letsencrypt_agree_tos: True
-letsencrypt_verbose: False
-letsencrypt_text_interface: True
-# The first on the list gives the name to the certs live directory.
-# If it is not the machine FQDN, change the letsencrypt_cert_dir definition.
-letsencrypt_domains: '{{ ansible_fqdn }} example.com example.org'
-letsencrypt_renew_by_default: True
-letsencrypt_standalone_port: 9999
-

letsencrypt-client/tasks/main.yml

@@ -1,50 +0,0 @@
----
-- name: Install the letsencrypt package dependencies
-  apt: name={{ item }} state=present
-  with_items: '{{ letsencrypt_prerequisites }}'
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: Get the letsencrypt client
-  git: repo={{ letsencrypt_git_repo }} dest={{ letsencrypt_dest_dir }}/letsencrypt update={{ letsencrypt_update_repo }}
-  with_items: '{{ letsencrypt_prerequisites }}'
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: letsencrypt initializaztion
-  command: '{{ letsencrypt_auto }}'
-  args:
-    creates: '{{ letsencrypt_install_path }}/bin/letsencrypt'
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: Create the letsencrypt config directory
-  file: dest={{ letsencrypt_config_dir }} state=directory owner=root group=root mode=0755
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: Create the letsencrypt services scripts directory
-  file: dest={{ letsencrypt_services_scripts_dir }} state=directory owner=root group=root mode=0755
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: Install the letsencrypt cli.ini file
-  template: src=cli.ini.j2 dest={{ letsencrypt_config_dir }}/cli.ini owner=root group=root mode=0640
-  when: letsencrypt_install
-  tags: letsencrypt
-  
-- name: Install a default file that shell scripts can include
-  template: src=letsencrypt-default.j2 dest=/etc/default/letsencrypt owner=root group=root mode=0644
-  when: letsencrypt_install
-  tags: letsencrypt
-  
-- name: Install the command that asks for the certificates and their renewal
-  template: src=letsencrypt-cert-request.sh.j2 dest=/usr/local/sbin/letsencrypt-cert-request owner=root group=root mode=0550
-  when: letsencrypt_install
-  tags: letsencrypt
-
-- name: Install a daily cron job to renew the certificates when needed
-  cron: name="Letsencrypt certificate renewal" special_time=daily job="/usr/local/sbin/letsencrypt-cert-request > {{ letsencrypt_logdir }}/letsencrypt-cert-cron.log 2>&1"
-  when: letsencrypt_install
-  tags: letsencrypt
-  

letsencrypt-client/templates/cli.ini.j2

@@ -1,10 +0,0 @@
-rsa-key-size = {{ letsencrypt_rsa_key_size }}
-email = {{ letsencrypt_email }}
-authenticator = {{ letsencrypt_authenticator }}
-standalone-supported-challenges = {{ letsencrypt_standalone_supp_challenges }}
-agree-tos = {{ letsencrypt_agree_tos }}
-{% if letsencrypt_verbose %}
-verbose = {{ letsencrypt_verbose }}
-{% endif %}
-text = {{ letsencrypt_text_interface }}
-renew-by-default = {{ letsencrypt_renew_by_default }}

letsencrypt-client/templates/letsencrypt-cert-request.sh.j2

@@ -1,45 +0,0 @@
-#!/bin/bash
-
-RENEW_BEFORE={{ letsencrypt_renew_before }}
-LETSENCRYPT_BIN={{ letsencrypt_auto }}
-LE_CERT_DIR={{ letsencrypt_certs_dir }}
-LE_SERVICES_SCRIPT_DIR={{ letsencrypt_services_scripts_dir }}
-LOG_DIR={{ letsencrypt_logdir }}
-VALIDITY_RETVAL=0
-DOMAINS="{{ letsencrypt_domains }}"
-CERT_DOMAINS_LIST=
-ACTION=certonly
-RETVAL=0
-
-# Check if the cert file exists. If not, it is a certificate request and not a renewal.
-if [ -f $LE_CERT_DIR/cert.pem ] ; then
-    VALIDITY_CHECK=$( openssl x509 -checkend $RENEW_BEFORE -noout -in $LE_CERT_DIR/cert.pem )
-    VALIDITY_RETVAL=$?
-    if [ $VALIDITY_RETVAL -eq 0 ] ; then
-        echo "The certificate is still valid" >> $LOG_DIR/letsencrypt_request.log
-        exit 0
-    else
-        ACTION=renew
-    fi
-fi
-
-if [ "$ACTION" === "certonly" ] ; then
-    for dom in $DOMAINS ; do
-        CERT_DOMAINS_LIST+=" -d $dom"
-    done
-fi
-
-# Ask for a new certificate. First request or renewal are the same. We only support the standalone method right now
-$LETSENCRYPT_BIN $ACTION $CERT_DOMAINS_LIST --http-01-port {{ letsencrypt_standalone_port }} --config /etc/letsencrypt/cli.ini >> $LOG_DIR/letsencrypt_request.log 2>&1
-RETVAL=$?
-
-# Run the reconfiguration scripts to make the involved services load the new certificate
-for f in $( /bin/ls -1 $LE_SERVICES_SCRIPT_DIR ) ; do
-    if [ -x $LE_SERVICES_SCRIPT_DIR/$f ] ; then
-        echo "Running $LE_SERVICES_SCRIPT_DIR/$f" >> $LOG_DIR/letsencrypt_request.log
-        $LE_SERVICES_SCRIPT_DIR/$f >> $LOG_DIR/letsencrypt_request.log 2>&1
-    fi
-done
-
-exit 0
-

letsencrypt-client/templates/letsencrypt-default.j2

@@ -1,8 +0,0 @@
-RSA_KEY_SIZE={{ letsencrypt_rsa_key_size }}
-LE_EMAIL={{ letsencrypt_email }}
-LE_AUTHENTICATOR={{ letsencrypt_authenticator }}
-LE_STANDALONE_SUPPORTED_CHALLENGES={{ letsencrypt_standalone_supp_challenges }}
-LE_SERVICES_SCRIPT_DIR={{ letsencrypt_services_scripts_dir }}
-LE_COMMAND={{ letsencrypt_auto }}
-LE_CERTS_DIR={{ letsencrypt_certs_dir }}
-LE_LOG_DIR={{ letsencrypt_logdir }}