From 53516b83cc28a1d05ec19bdc6ba789cd97a06df1 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Mon, 28 Oct 2019 12:51:13 +0100
Subject: [PATCH] acme.sh role: make it work on CentOS.

---
 .../letsencrypt-acme-sh-client/tasks/main.yml   | 17 +++++++----------
 .../tasks/old_acmetool_deb.yml                  | 12 ++++++++++++
 .../tasks/old_acmetool_rh.yml                   |  8 ++++++++
 3 files changed, 27 insertions(+), 10 deletions(-)
 create mode 100644 library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_deb.yml
 create mode 100644 library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_rh.yml

diff --git a/library/roles/letsencrypt-acme-sh-client/tasks/main.yml b/library/roles/letsencrypt-acme-sh-client/tasks/main.yml
index 354b7f32..6194ca2a 100644
--- a/library/roles/letsencrypt-acme-sh-client/tasks/main.yml
+++ b/library/roles/letsencrypt-acme-sh-client/tasks/main.yml
@@ -1,14 +1,11 @@
 ---
+- import_tasks: old_acmetool_deb.yml
+  when: ansible_distribution_file_variety == "Debian"
+
+- import_tasks: old_acmetool_rh.yml
+  when: ansible_distribution_file_variety == "RedHat"
+
 - block: 
-  - name: Remove the old acme package because the tool is not supported anymore.
-    apt: pkg=acmetool state=absent purge=yes
-
-  - name: Remove the old letsencrypt acmetool repo on ubuntu
-    apt_repository: repo={{ letsencrypt_acme_ppa_repo }} state=absent update_cache=yes
-
-  - name: Remove the old letsencrypt acmetool repo on debian
-    apt_repository: repo={{ letsencrypt_acme_debian_repo }} state=absent update_cache=yes
-
   - name: Remove the sudoers config needed to run the old acmetool package hooks
     file: dest=/etc/sudoers.d/letsencrypt-acme state=absent
 
@@ -53,7 +50,7 @@
 
   - name: Install the script that will run the services hooks when a certificate is installed
     template: src=acme-services-hook.j2 dest=/usr/local/bin/acme-services-hook owner=root group=acme mode=0750
-    
+
   - name: Install the scripts that will be run as a cron job
     copy: src={{ item }} dest=/usr/local/bin/{{ item }} owner=root group=acme mode=0750
     with_items:
diff --git a/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_deb.yml b/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_deb.yml
new file mode 100644
index 00000000..a188d827
--- /dev/null
+++ b/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_deb.yml
@@ -0,0 +1,12 @@
+---
+- block: 
+  - name: Remove the old acme package because the tool is not supported anymore.
+    apt: pkg=acmetool state=absent purge=yes
+
+  - name: Remove the old letsencrypt acmetool repo on ubuntu
+    apt_repository: repo={{ letsencrypt_acme_ppa_repo }} state=absent update_cache=yes
+
+  - name: Remove the old letsencrypt acmetool repo on debian
+    apt_repository: repo={{ letsencrypt_acme_debian_repo }} state=absent update_cache=yes
+
+  tags: [ 'letsencrypt', 'letsencrypt_acme_sh' ]
diff --git a/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_rh.yml b/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_rh.yml
new file mode 100644
index 00000000..36173c5d
--- /dev/null
+++ b/library/roles/letsencrypt-acme-sh-client/tasks/old_acmetool_rh.yml
@@ -0,0 +1,8 @@
+- block: 
+  - name: Remove the old acme package because the tool is not supported anymore.
+    yum: pkg=acmetool state=absent
+
+  - name: Remove the acmetool repo file
+    file: dest=/etc/yum.repos.d/hlandau-acmetool-epel-7.repo state=absent
+
+  tags: [ 'letsencrypt', 'letsencrypt_acme_sh' ]