authorMatthew Fennell <matthew@fennell.dev>2024-02-28 21:13:48 +0000
committerMatthew Fennell <matthew@fennell.dev>2024-02-28 21:13:48 +0000
commit22aeb4324f56f54a486a3ba23253dee62dcc30a5 (patch)
tree133cbe3d5c8bcafd2d8819e1df0dcaa425a0d38f /playbook.yaml
parent66d92ea4d45950b41340bad2f2c65764c4ffb11f (diff)
Remove certificate renewal steps from playbook
I would like certificate renewal to be handled centrally across all of my deployed services. Therefore, responsibility for certificate renewal no longer belongs in this playbook.
Diffstat (limited to 'playbook.yaml')
-rw-r--r--playbook.yaml18
1 files changed, 0 insertions, 18 deletions
diff --git a/playbook.yaml b/playbook.yaml
index 583bf79..3b9561a 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -17,13 +17,11 @@
ansible.builtin.apt:
name:
- borgmatic # Backups
- - certbot # SSL certificates
- coturn # Audio / video calling server
- lua-dbi-postgresql # Prosody postgres connection
- postgresql # Database
- prosody # XMPP server
- prosody-modules # Extra addons
- - python3-certbot-apache # Web server to issue challenge responses
- python3-psycopg2 # Used by ansible postgres role
- ufw # Firewall
state: present
@@ -65,22 +63,6 @@
- 5280 # XEP-0363
- 5281 # XEP-0363
become: true
- - name: Ensure certbot on-renew hook is installed
- ansible.builtin.copy:
- src: "{{ playbook_dir }}/files/on_renew.sh"
- dest: /etc/letsencrypt/renewal-hooks/deploy/prosody.sh
- owner: root
- group: root
- mode: "0755"
- become: true
- - name: Ensure certificates are installed
- ansible.builtin.command: >-
- certbot --non-interactive --agree-tos --post-hook "/bin/true"
- --email {{ certbot_email }} --no-eff-email --expand --apache --keep
- -d {{ virtual_host }},upload.{{ virtual_host }},turn.{{ virtual_host }}
- become: true
- register: certbot
- changed_when: "'Running post-hook command' in certbot.stdout"
- name: Ensure turn is configured
ansible.builtin.template:
src: "{{ playbook_dir }}/files/turnserver.conf.j2"