apartment_acme_client 0.0.5 → 0.0.7

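--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 66eaebf9ae761526e149a5bedd237deee499a95107edb9ce3c1e3916e29c058b
- data.tar.gz: 4ab90728f136c38b453a24f54b760c84539c4333ae0cb24ba4122dcb54c124b6
+ metadata.gz: b3d126738e9200783bf929ef8f8e6dd406a9aec36e6e2cfab24e4791a7807e79
+ data.tar.gz: 89d4ba2e18df6deb075c0c6648f8eb08b6daae092b6d9809a4a34ecab0b1f7a4
  SHA512:
- metadata.gz: ff22698eadfef2b8b2e6d0c25793ad5bb1228ff66262c039ef01b969aabb42458caf4d3e6f0f8485a4eca5273b878328661437fe4591f6d809317a44811f1ae1
- data.tar.gz: 870ed58bb9befb87b788fa1976f4fd73b052982cc1b57be889c2783a1ec55372ce24d155b286fd5937c24bb910bbb69ece5cf101b3e7e298d8117adc51d7f100
+ metadata.gz: 6817464fa2b8b43627c511c5b81182d2da6ded01e0ec0a207dc0f4008b7e677d914a3a7e0b7c10cf29d4dd93114d160f07f38e8fdc50109bd31d3b0c251f874a
+ data.tar.gz: d197fc06dd5b544b44ef575c73140e364ebbe1a50852df103f8e828c220bc2beb6bc97233dee0ab5d7a2c619700d1003ef919f6b6c022a514bb5aae7b3fd7e60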
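--- a/data/README.md
+++ b/data/README.md
@@ -314,6 +314,3 @@ Aws.config.update(
  )
  )
  ```
-
- TODO
- - Get CI running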
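--- a/data/Rakefile
+++ b/data/Rakefile
@@ -8,7 +8,7 @@ require 'rdoc/task'
 
  RDoc::Task.new(:rdoc) do |rdoc|
  rdoc.rdoc_dir = 'rdoc'
- rdoc.title = 'ApartmentAcmeClien'
+ rdoc.title = 'ApartmentAcmeClient'
  rdoc.options << '--line-numbers'
  rdoc.rdoc_files.include('README.md')
  rdoc.rdoc_files.include('lib/**/*.rb')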
@@ -6,6 +6,7 @@ module ApartmentAcmeClient
6
6
  module AcmeClient
7
7
  class RealClient
8
8
  attr_reader :csr_private_key
9
+
9
10
  def initialize(acme_client_private_key:, csr_private_key:)
10
11
  @client = Acme::Client.new(
11
12
  private_key: acme_client_private_key,
@@ -81,8 +81,7 @@ module ApartmentAcmeClient
81
81
 
82
82
  def s3_file(filename)
83
83
  s3 = Aws::S3::Resource.new(region: ApartmentAcmeClient.aws_region)
84
- object = s3.bucket(ApartmentAcmeClient.aws_bucket).object(filename)
85
- object
84
+ s3.bucket(ApartmentAcmeClient.aws_bucket).object(filename)
86
85
  end
87
86
  end
88
87
  end
@@ -51,7 +51,7 @@ module ApartmentAcmeClient
51
51
  @nameservers
52
52
  end
53
53
 
54
- def wait_for_present(value, timeout_seconds: 60)
54
+ def wait_for_present(value, timeout_seconds: 120)
55
55
  time = 1
56
56
  until check_dns(value)
57
57
  puts "Waiting for DNS to update"
@@ -26,8 +26,7 @@ module ApartmentAcmeClient
26
26
  @values = values
27
27
  end
28
28
 
29
- # NOTE:
30
- # if you get error like:
29
+ # NOTE: If you get error like:
31
30
  #
32
31
  # "Invalid Resource Record: FATAL problem:
33
32
  # InvalidCharacterString
@@ -71,7 +70,7 @@ module ApartmentAcmeClient
71
70
  end
72
71
 
73
72
  def route53
74
- # Note: The `region` doesn't matter, because Route53 is global.
73
+ # NOTE: The `region` doesn't matter, because Route53 is global.
75
74
  @route53 ||= Aws::Route53::Client.new(region: 'us-east-1')
76
75
  end
77
76
 
@@ -48,7 +48,7 @@ module ApartmentAcmeClient
48
48
  # params:
49
49
  # - authorizations - a list of authorizations, which may be http or dns based (ignore the non-wildcard ones)
50
50
  # - wildcard_domain - the url of the wildcard's base domain (e.g. "site.example.com")
51
- def authorize_domains_with_dns(authorizations, wildcard_domain:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
51
+ def authorize_domains_with_dns(authorizations, wildcard_domain:) # rubocop:disable Metrics/AbcSize, Metrics/MethodLength, Metrics/PerceivedComplexity, Metrics/CyclomaticComplexity
52
52
  label = nil
53
53
  record_type = nil
54
54
  values = []
@@ -67,7 +67,7 @@ module ApartmentAcmeClient
67
67
  values << value
68
68
  end
69
69
 
70
- return unless values.any?
70
+ return true unless values.any?
71
71
 
72
72
  route53 = ApartmentAcmeClient::DnsApi::Route53.new(
73
73
  requested_domain: wildcard_domain,
@@ -76,18 +76,21 @@ module ApartmentAcmeClient
76
76
  values: values
77
77
  )
78
78
 
79
+ puts "writing #{label} to Route53"
79
80
  route53.write_record
80
81
 
81
82
  check_dns = ApartmentAcmeClient::DnsApi::CheckDns.new(wildcard_domain, label)
82
83
 
83
84
  check_dns.wait_for_present(values.first)
85
+ puts "waiting 60 seconds before requesting DNS check from LetsEncrypt"
86
+ sleep(60)
84
87
 
85
88
  if check_dns.check_dns(values.first)
86
89
  # DNS is updated, proceed with cert request
87
90
  dns_authorizations.each do |domain_authorization|
88
91
  domain_authorization.request_validation
89
92
 
90
- 30.times do
93
+ 60.times do
91
94
  # may be 'pending' initially
92
95
  break if domain_authorization.status == 'valid'
93
96
 
@@ -108,9 +111,10 @@ module ApartmentAcmeClient
108
111
  # returns true on success, false otherwise.
109
112
  #
110
113
  # from https://github.com/unixcharles/acme-client/tree/master#authorize-for-domain
111
- def authorize_domain_with_http(domain_authorization)
114
+ def authorize_domain_with_http(domain_authorization) # rubocop:disable Metrics/MethodLength
112
115
  challenge = domain_authorization.http
113
116
 
117
+ puts "authorizing Domain: #{domain_authorization.domain}"
114
118
  # The http method will require you to respond to a HTTP request.
115
119
 
116
120
  # You can retrieve the challenge token
@@ -148,7 +152,10 @@ module ApartmentAcmeClient
148
152
 
149
153
  30.times do
150
154
  # may be 'pending' initially
151
- break if challenge.status == 'valid'
155
+ if challenge.status == 'valid'
156
+ puts "authorized!"
157
+ break
158
+ end
152
159
 
153
160
  puts "Waiting for letsencrypt to authorize the single domain. Status: #{challenge.status}"
154
161
 
@@ -179,10 +186,14 @@ module ApartmentAcmeClient
179
186
 
180
187
  authorize_domain_with_http(authorization)
181
188
  end
182
- # Do the DNS (wildcard) authorizations
183
- authorize_domains_with_dns(order.authorizations, wildcard_domain: wildcard_domain)
184
189
 
185
- client.request_certificate(common_name: common_name, names: domain_names_requested, order: order)
190
+ # Do the DNS (wildcard) authorizations
191
+ if authorize_domains_with_dns(order.authorizations, wildcard_domain: wildcard_domain)
192
+ client.request_certificate(common_name: common_name, names: domain_names_requested, order: order)
193
+ else # rubocop:disable Style/EmptyElse
194
+ # error, not authorized
195
+ nil
196
+ end
186
197
  end
187
198
 
188
199
  # for use in order to store this on the machine for NGINX use
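Review bot: The new `if authorize_domains_with_dns(...)` gate in the last hunk only helps if that method returns a falsy value on every failure path, and the visible hunks establish just one return, `return true unless values.any?`. The branch that polls `domain_authorization.status` inside `60.times do` is cut off before its end, so it cannot be seen whether a loop that never reaches 'valid', or a failed `check_dns.check_dns(values.first)`, yields false; if the method falls through to the value of `dns_authorizations.each`, the result is truthy and `client.request_certificate` is still attempted for an order that was never authorized. I would make the contract explicit, for example `return false unless domain_authorization.status == 'valid'` after the polling loop and a final `true`, and add `# returns true when every DNS authorization is valid, false otherwise` to the comment block above the method. Both method bodies continue outside the hunks shown.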
@@ -14,6 +14,10 @@ module ApartmentAcmeClient
14
14
  domains: good_domains,
15
15
  wildcard_domain: ApartmentAcmeClient.wildcard_domain
16
16
  )
17
+ if certificate.nil?
18
+ puts "ERROR, no certificate returned aborting"
19
+ return
20
+ end
17
21
 
18
22
  ApartmentAcmeClient::CertificateStorage::Proxy.singleton.store_certificate_string(certificate)
19
23
  ApartmentAcmeClient::CertificateStorage::Proxy.singleton.store_csr_private_key_string(encryptor.csr_private_key_string)
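Review bot: A failed issuance is reported only through `puts "ERROR, no certificate returned aborting"` followed by a bare `return`, so the caller receives nil and a scheduled renewal job would, as far as this hunk shows, finish without an error status while the stored certificate keeps ageing toward expiry. Since the gem already depends on Rails, I would log through `Rails.logger.error` with the affected domains and raise (or return an explicit false) so that monitoring sees the failure. The enclosing method starts and ends outside the hunk, so whether its caller checks the return value cannot be confirmed from here.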
@@ -1,3 +1,3 @@
1
1
  module ApartmentAcmeClient
2
- VERSION = '0.0.5'
2
+ VERSION = '0.0.7'
3
3
  end
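--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: apartment_acme_client
  version: !ruby/object:Gem::Version
- version: 0.0.5
+ version: 0.0.7
  platform: ruby
  authors:
  - Robin Dunlop
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2020-01-20 00:00:00.000000000 Z
+ date: 2022-10-27 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rails
@@ -19,7 +19,7 @@ dependencies:
  version: 4.1.0
  - - "<"
  - !ruby/object:Gem::Version
- version: '6'
+ version: '7'
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
  version: 4.1.0
  - - "<"
  - !ruby/object:Gem::Version
- version: '6'
+ version: '7'
  - !ruby/object:Gem::Dependency
  name: acme-client
  requirement: !ruby/object:Gem::Requirement
@@ -231,8 +231,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubyforge_project:
- rubygems_version: 2.7.6
+ rubygems_version: 3.0.3.1
  signing_key:
  specification_version: 4
  summary: Let's Encrypt interface for Multi-tenancy applications (like Apartment)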