Merge pull request #1 from erasche/ssl

Permit deploying without local key copies

README.md

@@ -62,6 +62,7 @@ Role Variables
 These variables control the use of TLS. If unset, TLS will not be enabled. See [mod_tls documentation][proftpd-mod-tls]
 and Example Playbook for usage.
 
+- `proftpd_deploy_ssl`: Enable/disable copying local SSL keys to the remote host
 - `proftpd_ssl_src_dir`: Where to copy SSL certificates from.
 - `proftpd_conf_ssl_certificate`: Path on the remote host where the SSL certificate file should be placed.
 - `proftpd_conf_ssl_certificate_key`: Path on the remote host where the SSL private key file should be placed.
@@ -184,4 +185,4 @@ License
 Author Information
 ------------------
 
-[Nate Coraor](https://github.com/natefoo)  
+[Nate Coraor](https://github.com/natefoo)

defaults/main.yml

@@ -23,3 +23,5 @@ proftpd_galaxy_auth_context: 'server'
 
 proftpd_tls_sesscache_timeout: 300
 proftpd_tls_renegotiate: null
+
+proftpd_deploy_ssl: false

tasks/tls.yml

@@ -17,19 +17,21 @@
   with_items:
     - "{{ proftpd_conf_ssl_certificate | default('') }}"
     - "{{ proftpd_conf_ssl_certificate_key | default('') }}"
+  when: proftpd_deploy_ssl
 
 - name: Install TLS CA certificate chain
   copy:
     src: "{{ proftpd_ssl_src_dir }}/{{ proftpd_conf_ssl_ca_certificate | basename }}"
     dest: "{{ proftpd_conf_ssl_ca_certificate }}"
-  when: proftpd_conf_ssl_ca_certificate is defined
+  when: proftpd_deploy_ssl and proftpd_conf_ssl_ca_certificate is defined
   notify:
     - reload proftpd
 
 - name: Install TLS certificate
   copy:
     src: "{{ proftpd_ssl_src_dir }}/{{ proftpd_conf_ssl_certificate | basename }}"
     dest: "{{ proftpd_conf_ssl_certificate }}"
+  when: proftpd_deploy_ssl
   notify:
     - reload proftpd
 
@@ -38,5 +40,6 @@
     content: "{{ sslkeys[proftpd_conf_ssl_certificate_key | basename] }}"
     dest: "{{ proftpd_conf_ssl_certificate_key }}"
     mode: 0400
+  when: proftpd_deploy_ssl
   notify:
     - reload proftpd