add opt out for ssl

defaults/main.yml

@@ -1,4 +1,8 @@
 ---
+ssl: true
+ssl_port: 443
+web_port: 80
+apache_modules: []
 vhosts: []
   # - vhostname: default.host.example.org
   #   weight: 25

tasks/configure.yml

@@ -2,12 +2,13 @@
 - name: Allow HTTP traffic
   ufw:
     rule: allow
-    port: 80
+    port: "{{ web_port }}"
 
 - name: Allow HTTPS traffic
   ufw:
     rule: allow
-    port: 443
+    port: "{{ ssl_port | default(443) }}"
+  when: ssl
 
 - name: Ensure MPM Worker module is disabled
   shell: a2dismod mpm_worker
@@ -60,7 +61,7 @@
     state: present
     force: True
     name: "{{ item }}"
-  with_items: "{{ apache_modules }}"
+  loop: "{{ apache_modules }}"
   register: enabled_mods
   when: apache_modules is defined
 
@@ -99,6 +100,3 @@
   with_items: "{{ vhosts }}"
   notify:
     - Restart Apache
-# notfound.php
-# error500.php
-# error503.php

tasks/main.yml

@@ -10,15 +10,19 @@
     path: "/etc/letsencrypt/archive/{{ item.vhostname }}"
   register: certificate_folder
   loop: "{{ vhosts }}"
+  when: ssl
 
 - name: Initialize need_certificate
   set_fact:
     need_certificate: false
+  when: ssl
 
 - name: Evaluate if need certificate
   set_fact:
     need_certificate: true
-  when: not item.stat.exists
+  when:
+    - not item.stat.exists
+    - ssl
   loop: "{{ certificate_folder.results }}"
 
 - name: Ensure certificate is created if needed