From 0587841476dad9b809156802e12d326e2a194455 Mon Sep 17 00:00:00 2001
From: Alan Orth <alan.orth@gmail.com>
Date: Tue, 19 May 2020 16:41:43 +0300
Subject: [PATCH] roles/nginx: Adjust certbot tasks

It seems that it is no longer recommended/supported to install the
standalone certbot-auto client on Ubuntu 20.04. We apparently need
to use the one provided by Ubuntu, which luckily includes a service
and timer to renew the certs.
---
 roles/nginx/tasks/letsencrypt.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/nginx/tasks/letsencrypt.yml b/roles/nginx/tasks/letsencrypt.yml
index e9ff2d4..f3f1c5d 100644
--- a/roles/nginx/tasks/letsencrypt.yml
+++ b/roles/nginx/tasks/letsencrypt.yml
@@ -210,6 +210,15 @@
 
   - name: Install certbot dependencies
     apt: name={{ certbot_dependencies }} state=present update_cache=yes
+
+  when: ansible_distribution != 'Ubuntu' and ansible_distribution_major_version is version('20.04', '!=')
+  tags: letsencrypt
+
+# On Ubuntu 20.04 it is no longer recommended/supported to use the standalone
+# certbot-auto so I guess we need to use the one from the repositories.
+- name: Install certbot (Ubuntu 20.04)
+  apt: name=certbot state=present update_cache=yes
+  when: ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '==')
   tags: letsencrypt
 
 # vim: set ts=2 sw=2: