Fixes #4: Update to use Certbot. Rename from letsencrypt to certbot.

.travis.yml

@@ -40,8 +40,10 @@ script:
   - 'sudo docker exec --tty "$(cat ${container_id})" env TERM=xterm ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml'
 
   # Test role idempotence.
+  - idempotence=$(mktemp)
+  - sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml | tee -a ${idempotence}
   - >
-    sudo docker exec "$(cat ${container_id})" ansible-playbook /etc/ansible/roles/role_under_test/tests/test.yml
+    tail ${idempotence}
     | grep -q 'changed=0.*failed=0'
     && (echo 'Idempotence test: pass' && exit 0)
     || (echo 'Idempotence test: fail' && exit 1)

README.md

@@ -1,8 +1,8 @@
-# Ansible Role: Let's Encrypt
+# Ansible Role: Certbot (for Let's Encrypt)
 
-[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-letsencrypt.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-letsencrypt)
+[![Build Status](https://travis-ci.org/geerlingguy/ansible-role-certbot.svg?branch=master)](https://travis-ci.org/geerlingguy/ansible-role-certbot)
 
-Installs Let's Encrypt for RHEL/CentOS or Debian/Ubuntu.
+Installs Certbot (for Let's Encrypt) for RHEL/CentOS or Debian/Ubuntu.
 
 ## Requirements
 
@@ -22,6 +22,24 @@ None.
       roles:
         - geerlingguy.letsencrypt
 
+After installation, you can create certificates using the `certbot-auto` script, which by default is installed inside the configured `certbot_dir`, so by default, `/opt/certbot/certbot-auto`. Here are some example commands to configure certificates with Certbot:
+
+    # Automatically add certs for all Apache virtualhosts (use with caution!).
+    /opt/certbot/certbot-auto --apache
+    
+    # Generate certs, but don't modify Apache configuration (safer).
+    /opt/certbot/certbot-auto --apache certonly
+
+To set up renewals, you should run the following command periodically (e.g. once or twice per day):
+
+    /opt/certbot/certbot-auto renew --quiet --no-self-upgrade
+
+You can test the auto-renewal (without actually renewing the cert) with the command:
+
+    /opt/certbot/certbot-auto renew --dry-run
+
+See full documentation and options on the [Certbot website](https://certbot.eff.org/).
+
 ## License
 
 MIT / BSD

defaults/main.yml

@@ -1,6 +1,6 @@
 ---
-letsencrypt_repo: https://github.com/letsencrypt/letsencrypt
+certbot_repo: https://github.com/certbot/certbot.git
-letsencrypt_version: master
+certbot_version: master
-letsencrypt_keep_updated: yes
+certbot_keep_updated: yes
 
-letsencrypt_dir: /opt/letsencrypt
+certbot_dir: /opt/certbot

meta/main.yml

@@ -3,7 +3,7 @@ dependencies: []
 
 galaxy_info:
   author: geerlingguy
-  description: "Let's Encrypt for RHEL/CentOS and Debian/Ubuntu."
+  description: "Certbot (for Let's Encrypt) for RHEL/CentOS and Debian/Ubuntu."
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
   min_ansible_version: 1.8

tasks/main.yml

@@ -1,7 +1,7 @@
 ---
-- name: Clone Let's Encrypt into configured directory.
+- name: Clone Certbot into configured directory.
   git:
-    repo: "{{ letsencrypt_repo }}"
+    repo: "{{ certbot_repo }}"
-    dest: "{{ letsencrypt_dir }}"
+    dest: "{{ certbot_dir }}"
-    version: "{{ letsencrypt_version }}"
+    version: "{{ certbot_version }}"
-    update: "{{ letsencrypt_keep_updated }}"
+    update: "{{ certbot_keep_updated }}"

vars/Debian.yml

@@ -1,2 +0,0 @@
----
-samba_daemon: smbd

vars/RedHat.yml

@@ -1,2 +0,0 @@
----
-samba_daemon: smb