Switch certbot to the Ubuntu packages instead of the Git repo

site-cookbooks/kosmos-base/recipes/letsencrypt.rb

@@ -7,14 +7,18 @@
 # All rights reserved - Do Not Redistribute
 #
 
-git "/usr/local/certbot" do
-  repository "https://github.com/certbot/certbot"
-  action     :sync
-  revision   "v0.26.1"
-  user       "root"
-  group      "root"
+# Install certbot and set up hooks
+
+apt_repository "certbot" do
+  uri "http://ppa.launchpad.net/certbot/certbot/ubuntu"
+  distribution node["lsb"]["codename"]
+  components ["main"]
+  keyserver "keyserver.ubuntu.com"
+  key "7BF576066ADA65728FC7E70A8C47BE8E75BCA694"
 end
 
+package "certbot"
+
 letsencrypt_renew_hook = <<-EOF
 #!/usr/bin/env bash
 
@@ -50,10 +54,12 @@ file "/usr/local/bin/letsencrypt_renew_hook" do
   group "root"
 end
 
-cron "renew Let's Encrypt certificates" do
-  minute "0"
-  hour "4"
-  mailto "logs@5apps.com"
-  # The hook is only executed if a cert has been renewed
-  command "/usr/local/certbot/certbot-auto renew --deploy-hook letsencrypt_renew_hook -n 1> /dev/null"
+unless node.chef_environment == "development"
+  cron "renew Let's Encrypt certificates" do
+    minute "0"
+    hour "4"
+    mailto "ops@5apps.com"
+    # The post hook is only executed if a cert has been renewed
+    command "certbot renew --renew-hook letsencrypt_renew_hook -n 1> /dev/null"
+  end
 end