Enhance certbot role to support configurable renewal hooks

- Added variables for pre, post, and deploy renewal hooks in defaults/main.yml.
- Created a new task file tasks/setup-hooks.yml to manage the hooks setup.
- Included setup-hooks.yml in tasks/main.yml to ensure hooks are created if specified.

tasks/main.yml

@@ -29,5 +29,7 @@
   loop_control:
     loop_var: cert_item
 
+- import_tasks: setup-hooks.yml
+
 - import_tasks: renew-cron.yml
   when: certbot_auto_renew

tasks/setup-hooks.yml

@@ -0,0 +1,30 @@
+---
+- name: Ensure renewal hook directories exist
+  file:
+    path: "/etc/letsencrypt/renewal-hooks/{{ item }}"
+    state: directory
+  with_items:
+    - post
+    - pre
+    - deploy
+
+- name: Create post-renewal hook
+  copy:
+    content: "{{ certbot_renewal_hook_post }}"
+    dest: "/etc/letsencrypt/renewal-hooks/post/{{ certbot_renewal_hook_post_filename }}"
+    mode: "0755"
+  when: certbot_renewal_hook_post != ""
+
+- name: Create pre-renewal hook
+  copy:
+    content: "{{ certbot_renewal_hook_pre }}"
+    dest: "/etc/letsencrypt/renewal-hooks/pre/{{ certbot_renewal_hook_pre_filename }}"
+    mode: "0755"
+  when: certbot_renewal_hook_pre != ""
+
+- name: Create deploy-renewal hook
+  copy:
+    content: "{{ certbot_renewal_hook_deploy }}"
+    dest: "/etc/letsencrypt/renewal-hooks/deploy/{{ certbot_renewal_hook_deploy_filename }}"
+    mode: "0755"
+  when: certbot_renewal_hook_deploy != ""