blix-letsencrypt 1.0.2 → 1.0.3
- checksums.yaml +4 -4
- data/README.md +27 -23
- data/lib/blix/letsencrypt.rb +2 -1
- metadata +2 -2
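--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 6f1f27590a110528eb5546250efe02efd240b3581d4090d99246e2f37718771d
+data.tar.gz: a18a64ba2172d079994f336124d8efc0c214ec8b4ae558f37d2cf5063e991660
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b149b0711bd839f8c147d05ac345bf2cd3ee54478416ef2a74a9d83acbfc16f49d86e4571730e8b60ab5be6bc8cc4c060e05ed635f7849396a2929b8f3bb3e2e
+data.tar.gz: '08414622cb6b29b9ef86d77f5cb1800648d4e025279c95ec909f2c343fcb6ce9d0e41d5b0bd69e474241cfe9cd9f39977db4173b12cb93b082f90fd0fa79c506'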
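--- a/data/README.md
+++ b/data/README.md
@@ -13,18 +13,19 @@ gem install blix-letsencrypt
 
 ## command options:
 
-
-
-
-
-
-
-
-
-
-
-
-
+Usage: letsencrypt [options]
+
+-c, --create Create ACME private key
+-k, --key=FILE ACME private key file
+-e, --email=EMAIL your contact email
+-d, --domain=DOMAIN domain name for certificate
+--challenge_dir=CDIR challenge file directory
+--ssl_dir=SSLDIR ssl certificate file directory
+--ssl_key=SSLKEY ssl private key file
+-t, --test enable test mode
+--force force update even if not expired
+-l, --logfile=LOGFILE log to file
+-h, --hook=HOOK script to run on renewal
 
 
 ## conventions used
@@ -60,7 +61,7 @@ gem install blix-letsencrypt
 
 * now create your certificate
 
-letsencrypt --key=/etc/letsencrypt/account/key.pem -d"example.com www.example.com" --challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" --
+letsencrypt --key=/etc/letsencrypt/account/key.pem -d"example.com www.example.com" --challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" --create
 
 * hopefully your certificate has be created so update your webserver to use it...
 
@@ -83,16 +84,19 @@ run a script every day to check if the certificates are due for renewal.
 
 eg:
 
-cat /etc/cron.daily/renew_ssl
 
-!/bin/sh
-/opt/ruby-2.6.4/bin/letsencrypt --key=/etc/letsencrypt/account/key.pem \
--d"example.com www.example.com" \
---challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" \
---logfile=/var/log/letsencrypt.log \
---hook=/root/bin/reload_nginx
 
-
+cat /etc/cron.daily/renew_ssl
+
+#!/bin/sh
+/opt/ruby-2.6.4/bin/letsencrypt --key=/etc/letsencrypt/account/key.pem \
+-d"example.com www.example.com" \
+--challenge_dir="/srv/certbot/.well-known" --ssl_dir="/etc/letsencrypt/ssl" \
+--logfile=/var/log/letsencrypt.log \
+--hook=/root/bin/reload_nginx
+
+
+cat /root/bin/reload_nginx
 
-
-
+#!/bin/sh
+/sbin/nginx -t && /sbin/nginx -sreload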
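--- a/data/lib/blix/letsencrypt.rb
+++ b/data/lib/blix/letsencrypt.rb
@@ -229,8 +229,10 @@ fatal_error 'domain name missing' unless site
 fatal_error 'invalid challenge directory' unless File.directory?(challenge_dir)
 fatal_error 'invalid ssl certificate directory' unless File.directory?(ssl_dir)
 fatal_error "ssl private key invalid:#{ssl_key_path}" unless File.file?(ssl_key_path)
+fatal_error "ACME key missing" unless options[:key]
 fatal_error "script missing or not executable:#{hook_path}" unless !hook_path || File.executable?(hook_path)
 
+
 certificate_file = File.join(site, SSL_CERT)
 acme_key = File.expand_path(options[:key])
 ssl_key = OpenSSL::PKey::RSA.new(File.read(ssl_key_path))
@@ -299,7 +301,6 @@ order.finalize(:csr => csr)
 timeout_time = Time.now + TIMEOUT
 while order.status == 'processing'
 fatal_error 'certificate timeout' if Time.now > timeout_time
-
 sleep(1)
 order.reload
 end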
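Review bot: The guard added at new line 232 only checks that `--key` was supplied, so a key path that does not exist or is unreadable still gets past it, unlike the `File.directory?`/`File.file?` checks on the lines above. Once `acme_key` is expanded, a check such as `fatal_error "ACME key not found:#{acme_key}" unless File.file?(acme_key)` would fail early with a clear message, skipped when the key is about to be created; how `--create` is handled is outside the hunk, so that condition needs confirming. Because this file holds the ACME account private key, a short comment at that point stating that it should be readable only by the user running the tool would help operators. The surrounding validation code starts and ends outside the hunk.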
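--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: blix-letsencrypt
 version: !ruby/object:Gem::Version
-version: 1.0.
+version: 1.0.3
 platform: ruby
 authors:
 - Clive Andrews
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-05-
+date: 2021-05-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: acme-client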