roles/cert: Common role for installing certs

The *cert* role is intended to be a generic, reusable role to copy an
X.509 certificate and/or private key file to managed nodes.  It is
intended to be included in a playbook with at least the `cert_src` and
`cert_dest` variables defined, e.g.:

```
- hosts: whatever
  roles:
  - role: cert
    cert_src: whatever.cer
    cert_dest: /path/to/whatever.cer
```

roles/cert/tasks/main.yml

@@ -0,0 +1,12 @@
+- name: ensure server certificate is installed
+  copy:
+    src: certs/{{ cert_src }}
+    dest: '{{ cert_dest }}'
+    mode: '{{ cert_mode|d("0644") }}'
+- name: ensure server private key is installed
+  copy:
+    src: certs/{{ cert_key_src }}
+    dest: '{{ cert_key_dest }}'
+    mode: '{{ cert_key_mode|d("0600") }}'
+  diff: false
+  when: cert_key_src is defined