Support using existing SSL certs on system

Add the additional pvc_api_ssl_cert_path and pvc_api_ssl_key_path
group_vars options, which can be used to set the SSL details to existing
files on the filesystem if desired. If these are empty (or nonexistent),
the original pvc_api_ssl_cert and pvc_api_ssl_key raw format options
will be used as they were.

Allows the administrator to use outside methods (such as Let's Encrypt)
to obtain the certs locally on the system, avoiding changes to the
group_vars and redeployment to manage SSL keys.
2023-09-01 15:42:24 -04:00
parent a8419be587
commit f79fb605de
3 changed files with 25 additions and 4 deletions


@ -30,9 +30,17 @@ pvc:
# enabled: Enabled or disable SSL operation (True/False)
enabled: {{ pvc_api_enable_ssl }}
# cert_file: SSL certificate file
{% if pvc_api_ssl_cert_path is defined and pvc_api_ssl_cert_path %}
cert_file: "{{ pvc_api_ssl_cert_path }}"
{% else %}
cert_file: "/etc/pvc/api-cert.pem"
{% endif %}
# key_file: SSL certificate key file
{% if pvc_api_ssl_key_path is defined and pvc_api_ssl_key_path %}
key_file: "{{ pvc_api_ssl_key_path }}"
{% else %}
key_file: "/etc/pvc/api-key.pem"
{% endif %}
# provisioner: Configuration of the Provisioner API listener
provisioner:
# database: Backend database configuration
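Review bot: The `cert_file` and `key_file` branches are decided independently, so setting only one of `pvc_api_ssl_cert_path` / `pvc_api_ssl_key_path` renders a config that pairs an external certificate with the role-deployed `/etc/pvc/api-key.pem` (or the reverse). That mismatch would only surface when the API listener tries to load the pair. Consider driving both branches from one guard such as `{% if pvc_api_ssl_cert_path | default('') and pvc_api_ssl_key_path | default('') %}`, or failing early in the role with an `assert` that both are set or both are empty. Because the private key is no longer written by the role in the path case, it would also help to add a comment next to `key_file` stating that the file must be readable by the API daemon's user and not world-readable; the tasks that would enforce this are in the other changed files, which are not visible here. The enclosing `ssl` mapping starts above this hunk.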