It would be nice adding a Let's Encrypt client in the base image.
This would allow to actually get and update valid certificates for different services, in an automated way (using cron, or any other installed scheduler).
In conjunction with https://phabricator.vyos.net/T3022, we could get a fully automated certificate provisioning, allowing Operator to work on other things than the renewal of certificates.
Doing so would probably imply a new subcommand, such as:
`set letsencrypt host foo aliases foo.bar,www.foo,www.foo.bar
set letsencrypt host foo validation-type [dns|http|....]
set letsencrypt host foo mail-account ...
(and so on for other relevant options of the chosen LE client).