blix-letsencrypt 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +27 -23
- data/lib/blix/letsencrypt.rb +2 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 6f1f27590a110528eb5546250efe02efd240b3581d4090d99246e2f37718771d
|
4
|
+
data.tar.gz: a18a64ba2172d079994f336124d8efc0c214ec8b4ae558f37d2cf5063e991660
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b149b0711bd839f8c147d05ac345bf2cd3ee54478416ef2a74a9d83acbfc16f49d86e4571730e8b60ab5be6bc8cc4c060e05ed635f7849396a2929b8f3bb3e2e
|
7
|
+
data.tar.gz: '08414622cb6b29b9ef86d77f5cb1800648d4e025279c95ec909f2c343fcb6ce9d0e41d5b0bd69e474241cfe9cd9f39977db4173b12cb93b082f90fd0fa79c506'
|
data/README.md
CHANGED
@@ -13,18 +13,19 @@ gem install blix-letsencrypt
|
|
13
13
|
|
14
14
|
## command options:
|
15
15
|
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
16
|
+
Usage: letsencrypt [options]
|
17
|
+
|
18
|
+
-c, --create Create ACME private key
|
19
|
+
-k, --key=FILE ACME private key file
|
20
|
+
-e, --email=EMAIL your contact email
|
21
|
+
-d, --domain=DOMAIN domain name for certificate
|
22
|
+
--challenge_dir=CDIR challenge file directory
|
23
|
+
--ssl_dir=SSLDIR ssl certificate file directory
|
24
|
+
--ssl_key=SSLKEY ssl private key file
|
25
|
+
-t, --test enable test mode
|
26
|
+
--force force update even if not expired
|
27
|
+
-l, --logfile=LOGFILE log to file
|
28
|
+
-h, --hook=HOOK script to run on renewal
|
28
29
|
|
29
30
|
|
30
31
|
## conventions used
|
@@ -60,7 +61,7 @@ gem install blix-letsencrypt
|
|
60
61
|
|
61
62
|
* now create your certificate
|
62
63
|
|
63
|
-
letsencrypt --key=/etc/letsencrypt/account/key.pem -d"example.com www.example.com" --challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" --
|
64
|
+
letsencrypt --key=/etc/letsencrypt/account/key.pem -d"example.com www.example.com" --challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" --create
|
64
65
|
|
65
66
|
* hopefully your certificate has be created so update your webserver to use it...
|
66
67
|
|
@@ -83,16 +84,19 @@ run a script every day to check if the certificates are due for renewal.
|
|
83
84
|
|
84
85
|
eg:
|
85
86
|
|
86
|
-
cat /etc/cron.daily/renew_ssl
|
87
87
|
|
88
|
-
!/bin/sh
|
89
|
-
/opt/ruby-2.6.4/bin/letsencrypt --key=/etc/letsencrypt/account/key.pem \
|
90
|
-
-d"example.com www.example.com" \
|
91
|
-
--challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" \
|
92
|
-
--logfile=/var/log/letsencrypt.log \
|
93
|
-
--hook=/root/bin/reload_nginx
|
94
88
|
|
95
|
-
|
89
|
+
cat /etc/cron.daily/renew_ssl
|
90
|
+
|
91
|
+
#!/bin/sh
|
92
|
+
/opt/ruby-2.6.4/bin/letsencrypt --key=/etc/letsencrypt/account/key.pem \
|
93
|
+
-d"example.com www.example.com" \
|
94
|
+
--challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" \
|
95
|
+
--logfile=/var/log/letsencrypt.log \
|
96
|
+
--hook=/root/bin/reload_nginx
|
97
|
+
|
98
|
+
|
99
|
+
cat /root/bin/reload_nginx
|
96
100
|
|
97
|
-
|
98
|
-
|
101
|
+
#!/bin/sh
|
102
|
+
/sbin/nginx -t && /sbin/nginx -sreload
|
data/lib/blix/letsencrypt.rb
CHANGED
@@ -229,8 +229,10 @@ fatal_error 'domain name missing' unless site
|
|
229
229
|
fatal_error 'invalid challenge directory' unless File.directory?(challenge_dir)
|
230
230
|
fatal_error 'invalid ssl certificate directory' unless File.directory?(ssl_dir)
|
231
231
|
fatal_error "ssl private key invalid:#{ssl_key_path}" unless File.file?(ssl_key_path)
|
232
|
+
fatal_error "ACME key missing" unless options[:key]
|
232
233
|
fatal_error "script missing or not executable:#{hook_path}" unless !hook_path || File.executable?(hook_path)
|
233
234
|
|
235
|
+
|
234
236
|
certificate_file = File.join(site, SSL_CERT)
|
235
237
|
acme_key = File.expand_path(options[:key])
|
236
238
|
ssl_key = OpenSSL::PKey::RSA.new(File.read(ssl_key_path))
|
@@ -299,7 +301,6 @@ order.finalize(:csr => csr)
|
|
299
301
|
timeout_time = Time.now + TIMEOUT
|
300
302
|
while order.status == 'processing'
|
301
303
|
fatal_error 'certificate timeout' if Time.now > timeout_time
|
302
|
-
|
303
304
|
sleep(1)
|
304
305
|
order.reload
|
305
306
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: blix-letsencrypt
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.
|
4
|
+
version: 1.0.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Clive Andrews
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-05-
|
11
|
+
date: 2021-05-05 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: acme-client
|