Removed unnecessary logic for certbot standalone

README.md

@@ -51,15 +51,6 @@ A list of domains (and other data) for which certs should be generated. You can
 
 The `certbot_create_command` defines the command used to generate the cert.
 
-#### Standalone Certificate Generation
-
-    certbot_create_standalone_stop_services:
-      - nginx
-
-Services that should be stopped while `certbot` runs it's own standalone server on ports 80 and 443. If you're running Apache, set this to `apache2` (Ubuntu), or `httpd` (RHEL), or if you have Nginx on port 443 and something else on port 80 (e.g. Varnish, a Java app, or something else), add it to the list so it is stopped when the certificate is generated.
-
-These services will only be stopped the first time a new cert is generated.
-
 ### Source Installation from Git
 
 You can install Certbot from it's Git source repository if desired. This might be useful in several cases, but especially when older distributions don't have Certbot packages available (e.g. CentOS < 7, Ubuntu < 16.10 and Debian < 8).

defaults/main.yml

@@ -2,14 +2,14 @@
 # Certbot auto-renew cron job configuration (for certificate renewals).
 certbot_test: false
 certbot_auto_renew: true
-certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
+certbot_auto_renew_user: root
 certbot_auto_renew_hour: "3"
 certbot_auto_renew_minute: "30"
 certbot_auto_renew_options: >-
   --quiet --no-self-upgrade --dns-route53 {%if certbot_test%}--test{%endif%}
 
 # Parameters used when creating new Certbot certs.
-certbot_create_if_missing: false
+certbot_create_if_missing: true
 certbot_create_method: certonly
 certbot_admin_email: email@example.com
 certbot_certs: []
@@ -24,11 +24,6 @@ certbot_create_command: >-
   --email {{ cert_item.email | default(certbot_admin_email) }} --dns-route53
   -d {{ cert_item.domains | join(",") }} {%if certbot_test%}--test{%endif%}
 
-certbot_create_standalone_stop_services:
-  - nginx
-  # - apache
-  # - varnish
-
 # To install from source (on older OSes or if you need a specific or newer
 # version of Certbot), set this variable to `yes` and configure other options.
 certbot_install_from_source: false

molecule/default/playbook-standalone-nginx-aws.yml

@@ -89,7 +89,6 @@
   vars:
     certbot_admin_email: https@servercheck.in
     certbot_create_if_missing: true
-    certbot_create_standalone_stop_services: []
     certbot_certs:
       - domains:
           - certbot-test.servercheck.in

tasks/create-cert-standalone.yml

@@ -4,20 +4,6 @@
     path: /etc/letsencrypt/live/{{ cert_item.domains | first | replace('*.', '') }}/cert.pem
   register: letsencrypt_cert
 
-- name: Stop services to allow certbot to generate a cert.
-  service:
-    name: "{{ item }}"
-    state: stopped
-  when: not letsencrypt_cert.stat.exists
-  with_items: "{{ certbot_create_standalone_stop_services }}"
-
 - name: Generate new certificate if one doesn't exist.
   command: "{{ certbot_create_command }}"
   when: not letsencrypt_cert.stat.exists
-
-- name: Start services after cert has been generated.
-  service:
-    name: "{{ item }}"
-    state: started
-  when: not letsencrypt_cert.stat.exists
-  with_items: "{{ certbot_create_standalone_stop_services }}"