Moving LetsEncrypt to ClouDNS API validation -- some LetsEncrypt queries come from non-US origins.

roles/SSL/templates/certbot.conf.j2

@@ -0,0 +1,2 @@
+dns_cloudns_auth_id={{ secrets.certbot.authid }}
+dns_cloudns_auth_password={{ secrets.certbot.passphrase }}

roles/SSL/templates/certbot.service.j2

@@ -0,0 +1,12 @@
+[Unit]
+Description=Certbot
+
+[Service]
+ExecStart=/bin/bash -c "source /etc/certbot/venv/bin/activate; certbot renew --authenticator dns-cloudns --dns-cloudns-credentials /etc/certbot/certbot.conf --dns-cloudns-nameserver {{ secrets.certbot.nameserver }}"
+ExecStartPost=-/usr/bin/systemctl reload nginx
+ExecStartPost=-/usr/bin/systemctl reload inspircd
+KillMode=process
+Type=oneshot
+RemainAfterExit=no
+User=root
+Group=root