roots
diff --git a/‎dev.yml
Lines changed: 1 addition & 0 deletions b/‎dev.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎group_vars/all/helpers.yml
Lines changed: 6 additions & 0 deletions b/‎group_vars/all/helpers.yml
Lines changed: 6 additions & 0 deletions
diff --git a/‎group_vars/development/main.yml
Lines changed: 1 addition & 1 deletion b/‎group_vars/development/main.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎group_vars/development/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion b/‎group_vars/development/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion
diff --git a/‎group_vars/production/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion b/‎group_vars/production/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion
diff --git a/‎group_vars/staging/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion b/‎group_vars/staging/wordpress_sites.yml
Lines changed: 0 additions & 1 deletion
diff --git a/‎roles/letsencrypt/README.md
Lines changed: 0 additions & 9 deletions b/‎roles/letsencrypt/README.md
Lines changed: 0 additions & 9 deletions
diff --git a/‎roles/letsencrypt/defaults/main.yml
Lines changed: 0 additions & 40 deletions b/‎roles/letsencrypt/defaults/main.yml
Lines changed: 0 additions & 40 deletions
diff --git a/‎roles/letsencrypt/library/test_challenges.py
Lines changed: 0 additions & 82 deletions b/‎roles/letsencrypt/library/test_challenges.py
Lines changed: 0 additions & 82 deletions
diff --git a/‎roles/letsencrypt/tasks/certificates.yml
Lines changed: 0 additions & 52 deletions b/‎roles/letsencrypt/tasks/certificates.yml
Lines changed: 0 additions & 52 deletions
diff --git a/‎roles/letsencrypt/tasks/main.yml
Lines changed: 0 additions & 15 deletions b/‎roles/letsencrypt/tasks/main.yml
Lines changed: 0 additions & 15 deletions
diff --git a/‎roles/letsencrypt/tasks/setup.yml
Lines changed: 0 additions & 63 deletions b/‎roles/letsencrypt/tasks/setup.yml
Lines changed: 0 additions & 63 deletions
diff --git a/‎roles/letsencrypt/templates/acme-challenge-location.conf.j2
Lines changed: 0 additions & 4 deletions b/‎roles/letsencrypt/templates/acme-challenge-location.conf.j2
Lines changed: 0 additions & 4 deletions
diff --git a/‎roles/letsencrypt/templates/renew-certs.py
Lines changed: 0 additions & 61 deletions b/‎roles/letsencrypt/templates/renew-certs.py
Lines changed: 0 additions & 61 deletions
diff --git a/‎roles/nginx/tasks/main.yml
Lines changed: 0 additions & 6 deletions b/‎roles/nginx/tasks/main.yml
Lines changed: 0 additions & 6 deletions
@@ -16,6 +16,7 @@
     - { role: xdebug, tags: [php, xdebug] }
     - { role: memcached, tags: [memcached] }
     - { role: nginx, tags: [nginx] }
+    - { role: ssl_certificates, tags: [ssl_certificates, ssl], when: sites_using_ssl | count }
     - { role: logrotate, tags: [logrotate] }
     - { role: composer, tags: [composer] }
     - { role: wp-cli, tags: [wp-cli] }
 
@@ -10,7 +10,13 @@ wordpress_env_defaults:
   domain_current_site: "{{ site_hosts_canonical | first }}"
   wp_debug_log: "{{ www_root }}/{{ item.key }}/logs/debug.log"
 
+ssl_defaults:
+  acme:
+    challenge:
+      type: http-01
+
 site_env: "{{ wordpress_env_defaults | combine(vault_wordpress_env_defaults | default({}), item.value.env | default({}), vault_wordpress_sites[item.key].env) }}"
+site_ssl: "{{ ssl_defaults | combine(item.value.ssl | default({}) ) }}"
 site_hosts_canonical: "{{ item.value.site_hosts | map(attribute='canonical') | list }}"
 site_hosts_redirects: "{{ item.value.site_hosts | selectattr('redirects', 'defined') | sum(attribute='redirects', start=[]) | list }}"
 site_hosts: "{{ site_hosts_canonical | union(site_hosts_redirects) }}"
 
@@ -1,4 +1,4 @@
-acme_tiny_challenges_directory: "{{ www_root }}/letsencrypt"
 env: development
+acme_ca_server: 'https://127.0.0.1:8443/acme/acme/directory'
 mysql_root_password: "{{ vault_mysql_root_password }}" # Define this variable in group_vars/development/vault.yml
 web_user: vagrant
@@ -14,6 +14,5 @@ wordpress_sites:
       enabled: false
     ssl:
       enabled: false
-      provider: self-signed
     cache:
       enabled: false
@@ -16,6 +16,5 @@ wordpress_sites:
       enabled: false
     ssl:
       enabled: false
-      provider: letsencrypt
     cache:
       enabled: false
@@ -16,6 +16,5 @@ wordpress_sites:
       enabled: false
     ssl:
       enabled: false
-      provider: letsencrypt
     cache:
       enabled: false
@@ -24,12 +24,6 @@
     - sites-available
     - sites-enabled
 
-- name: Create SSL directory
-  file:
-    mode: '0700'
-    path: "{{ nginx_path }}/ssl"
-    state: directory
-
 - name: Copy h5bp configs
   copy:
     src: templates/h5bp