From da2572ddb144086034eba1989ae909763e95c680 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sun, 20 Dec 2015 14:13:08 +0100
Subject: Use the Let's Encrypt CA for our public certs.

---
 roles/common/handlers/main.yml | 3 +++
 roles/common/tasks/main.yml    | 3 +++
 2 files changed, 6 insertions(+)

(limited to 'roles/common')

diff --git a/roles/common/handlers/main.yml b/roles/common/handlers/main.yml
index a852c4d..07047c7 100644
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -52,3 +52,6 @@
 
 - name: Restart freshclam
   service: name=clamav-freshclam state=restarted
+
+- name: Install LetsEncrypt's ACME client
+  apt: deb=/tmp/letsencrypt-tiny_0.1-1_all.deb
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index 470a6b2..955493a 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -45,6 +45,9 @@
     - rsync
     - screen
     - telnet-ssl
+    # for letencrypt
+    - liblwp-protocol-https-perl
+    - socat
 
 # XXX: this is a workaround the CAcert root CAs not being present in
 # Jessie.  In stretch, we would merely install the 'ca-cacert' package.
-- 
cgit v1.2.3