Deprecate SSL in core (to be re-integrated later)

This broke a jenkins build: http://ci.aegirproject.org/job/P_Aegir_Puppet_Module_functional_test_Aeg...

PHP Fatal error:  Call to undefined function _hosting_ip_save() in /var/aegir/hostmaster-7.x-3.x/profiles/hostmaster/modules/aegir/hosting/server/hosting_server.module on line 513

Fatal error: Call to undefined function _hosting_ip_save() in /var/aegir/hostmaster-7.x-3.x/profiles/hostmaster/modules/aegir/hosting/server/hosting_server.module on line 513
Drush command terminated abnormally due to an unrecoverable error.       [error]
Error: Call to undefined function _hosting_ip_save() in
/var/aegir/hostmaster-7.x-3.x/profiles/hostmaster/modules/aegir/hosting/server/hosting_server.module,
line 513 [32.96 sec, 9.45 MB]

Adding this to server/hosting_server.module didn't help :(

include_once "../web_server/ssl/hosting.ip.inc";

So i reverted the three commits.

A lot of thoughts, now that I've had time to digest.

• I think adding hosting_https in contrib as "experimental" is a good idea. It's the best way to test it. Hosting Pack and Cluster have been in there together for a while.
• We need at least a few rounds of releases with hosting_https in "experimental" status before we can bump it up to be considered "recommended".
• As a drupal module, it should have a project node page. We should do our best to keep it updated with the same code and documentation from gitlab.
• I think starting to host stuff on gitlab is a good idea, as long as all drupal modules get pushed back to drupal.org. Does gitlab offer pushing out to other git remotes, so we could keep hosting_https on drupal.org updated?
• Lastly, but most important: I don't think we should mark Hosting SSL module as "deprecated" right now, in a minor Aegir release. This would be quite confusing and scary to our users. The perception that we are just dropping support for a security module that's been in use for years would be bad for the project. I see no problem leaving Hosting SSL alone for now, as long as we have some decent documentation that it exists so people can enable it if they want to.

I forgot one more thing...

IP Addresses are important to some people, please don't remove this. I personally use the server node's IP addresses for automating DNS, and simply keeping track of servers.

We need the servers to have more metadata, not less.

Thanks!

I've just committed a '(DEPRECATED, see hosting_https)' addition to the submodule descriptions in http://cgit.drupalcode.org/hosting/commit/?id=745d39b
And added a note to the release notes.

Would it be better to say "Aegir HTTPS" instead of "hosting_https"? Not sure if folks can easily translate between machine names & human-readable names.

Does hosting_https still not allow manual certificate setup? If so I don't think we should deprecate Hosting SSL just yet.

I currently use Hosting Https but have to use the template hack to inject real certificates for some sites, because I've hit the rate limit on letsencrypt.

Maybe a bit too quick :(

I'll leave it out of the release notes ... but the code has already been tagged :(

For reference, the two 'blockers' here are #2936037: Add a 'manual' Certificate implementation and #2936039: Per site certificate service on a server

I've now marked them as 'LEGACY'

Folks are still getting confused by the official documentation as we haven't updated it.

Changed the branch name to 2751801-ssl-remove to get auto-detected by drupal.org.

Restoring tag.