letsencrypt: implement role using acmetool
Implement a letsencrypt role based on the current acmetool installation at asta.ac
This should allow for other roles to request these certs on webserver setup. Note, that in the future we might want to deploy these also for non-web applications, e.g. mail server.