Cleanup RHEL/CentOS support

defaults/main.yaml

@@ -6,3 +6,13 @@ certbot_plugin_arguments:
   digitalocean: --dns-digitalocean --dns-digitalocean-credentials /root/do_secrets.ini
   godaddy: --authenticator dns-godaddy --dns-godaddy-credentials /root/gd_secrets.ini
   default: "--webroot -w /var/www/acme-challenge"
+
+certbot_packages:
+  - certbot
+
+certbot_extension_packages:
+  - python3-certbot-dns-digitalocean
+
+certbot_extension_pypi_packages: []
+
+certbot_timer_service: certbot.timer

tasks/config.yaml

@@ -9,13 +9,3 @@
   when:
     - certbot_digitalocean_token is defined
 
-- name: Write out GoDaddy auth key
-  ansible.builtin.template:
-    src: do_secrets.j2
-    dest: /root/gd_secrets.ini
-    mode: "0600"
-    owner: root
-    group: root
-  when:
-    - certbot_godaddy_secret is defined
-    - certbot_godaddy_key is defined

tasks/install.yaml

@@ -1,35 +1,21 @@
 ---
 - name: Install certbot
   ansible.builtin.package:
-    name: "{{ packages }}"
+    name: "{{ certbot_packages }}"
     state: present
-  vars:
-    packages:
-      - certbot
 
-- name: Install DigitalOcean certbot extension
+- name: Install certbot extensions (package manager)
   ansible.builtin.package:
-    name: "{{ packages }}"
+    name: "{{ certbot_extension_packages }}"
     state: present
-  vars:
-    packages:
-      - python3-certbot-dns-digitalocean
-  when:
-    - certbot_digitalocean_token is defined
 
-- name: Install GoDaddy certbot extension from PyPi
+- name: Install certbot extensions (pypi)
   ansible.builtin.pip:
-    name: "{{ packages }}"
+    name: "{{ certbot_extension_pypi_packages }}"
     state: present
-  vars:
-    packages:
-      - certbot-dns-godaddy
-  when:
-    - certbot_godaddy_key is defined
-    - certbot_godaddy_secret is defined
 
 - name: Enable certbot renewal timer
   ansible.builtin.systemd:
-    name: certbot.timer
+    name: "{{ certbot_timer_service }}"
     state: started
     enabled: true

tasks/install_el.yaml

@@ -1,37 +0,0 @@
----
-- name: When on EL 8
-  when:
-    - ansible_os_family == 'RedHat'
-    - ansible_distribution_major_version != '9'
-  block:
-    - name: Install certbot
-      ansible.builtin.package:
-        name: "{{ certbot_el_packages }}"
-        state: present
-      vars:
-        certbot_el_packages:
-          - certbot
-          - python3-certbot-dns-digitalocean
-
-- name: When on EL 9
-  when:
-    - ansible_os_family == 'RedHat'
-    - ansible_distribution_major_version == '9'
-  block:
-    - name: Install certbot
-      ansible.builtin.package:
-        name: "{{ certbot_el9_packages }}"
-        state: present
-      vars:
-        certbot_el9_packages:
-          - certbot
-    - name: Install certbot-dns-digitalocean from pip
-      ansible.builtin.pip:
-        name: certbot-dns-digitalocean
-        state: present
-
-- name: Enable certbot renewal timer
-  ansible.builtin.systemd:
-    name: certbot-renew.timer
-    state: started
-    enabled: true

tasks/main.yaml

@@ -1,4 +1,10 @@
 ---
+- name: Get OS specific vars
+  include_vars: "{{ item }}"
+  with_first_found:
+    - "os/{{ ansible_os_family }}/{{ ansible_distribution_major_version }}.yaml"
+    - "os/{{ ansible_os_family }}.yaml"
+
 - name: Install Certbot
   ansible.builtin.import_tasks: install.yaml
 

vars/os/RedHat.yaml

@@ -0,0 +1,8 @@
+---
+certbot_packages:
+  - certbot
+
+certbot_extension_packages:
+  - python3-certbot-dns-digitalocean
+
+certbot_timer_service: certbot-renew.timer

vars/os/RedHat/9.yml

@@ -0,0 +1,10 @@
+---
+certbot_packages:
+  - certbot
+
+certbot_extension_packages: []
+
+certbot_extension_pypi_packages:
+  - certbot-dns-digitalocean
+
+certbot_timer_service: certbot-renew.timer