certman 0.5.0 → 0.6.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/certman/client.rb +22 -4
- data/lib/certman/resource/acm.rb +2 -2
- data/lib/certman/resource/route53.rb +12 -5
- data/lib/certman/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9ef3fe64e1dce859da78da61b05d16eadea7831f
|
|
4
|
+
data.tar.gz: 49dcc2814216eaac91207f92c504da4a1b7032ec
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: da29279cf87464bf77418c21a3db658c21c95eba43346a6ee34bc117b649ac637c55ac979ef18a79cbc3f600c2a71bc2062d1a1fe6125607c396e43d8b93c869
|
|
7
|
+
data.tar.gz: 0e01313f8299bb3029c3671f4cf20ca669c94994aea35ee030bd9a982331da72f457b2da5a43719f3f5c1a11970adad9639bbd3cb0a99bf3014f91619ec6b849
|
data/lib/certman/client.rb
CHANGED
|
@@ -8,6 +8,7 @@ module Certman
|
|
|
8
8
|
|
|
9
9
|
def initialize(domain)
|
|
10
10
|
@do_rollback = false
|
|
11
|
+
@cname_exists = false
|
|
11
12
|
@domain = domain
|
|
12
13
|
@cert_arn = nil
|
|
13
14
|
@savepoint = []
|
|
@@ -76,21 +77,28 @@ module Certman
|
|
|
76
77
|
|
|
77
78
|
def check_resource
|
|
78
79
|
s = spinner('[ACM] Check Certificate')
|
|
79
|
-
check_certificate
|
|
80
|
+
raise 'Certificate already exist' if check_certificate
|
|
80
81
|
s.success
|
|
81
82
|
|
|
82
83
|
s = spinner('[Route53] Check Hosted Zone')
|
|
83
|
-
check_hosted_zone
|
|
84
|
+
raise "Hosted Zone #{root_domain} does not exist" unless check_hosted_zone
|
|
84
85
|
s.success
|
|
85
86
|
|
|
86
87
|
s = spinner('[Route53] Check TXT Record')
|
|
87
|
-
check_txt_rset
|
|
88
|
+
raise "_amazonses.#{email_domain} TXT already exist" if check_txt_rset
|
|
88
89
|
s.success
|
|
89
90
|
|
|
90
91
|
s = spinner('[Route53] Check MX Record')
|
|
91
|
-
check_mx_rset
|
|
92
|
+
raise "#{email_domain} MX already exist" if check_mx_rset
|
|
92
93
|
s.success
|
|
93
94
|
|
|
95
|
+
if check_cname_rset
|
|
96
|
+
pastel = Pastel.new
|
|
97
|
+
puts pastel.cyan("#{email_domain} CNAME already exist. Use #{root_domain}")
|
|
98
|
+
@cname_exists = true
|
|
99
|
+
check_resource
|
|
100
|
+
end
|
|
101
|
+
|
|
94
102
|
true
|
|
95
103
|
end
|
|
96
104
|
|
|
@@ -185,10 +193,20 @@ module Certman
|
|
|
185
193
|
end
|
|
186
194
|
end
|
|
187
195
|
|
|
196
|
+
def root_domain
|
|
197
|
+
PublicSuffix.domain(@domain)
|
|
198
|
+
end
|
|
199
|
+
|
|
188
200
|
def email_domain
|
|
201
|
+
return root_domain if @cname_exists
|
|
189
202
|
@domain.sub(/\A(www|\*)\./, '')
|
|
190
203
|
end
|
|
191
204
|
|
|
205
|
+
def validation_domain
|
|
206
|
+
return root_domain if @cname_exists
|
|
207
|
+
@domain
|
|
208
|
+
end
|
|
209
|
+
|
|
192
210
|
def rule_name
|
|
193
211
|
@rule_name ||= if "RuleCertman_#{email_domain}".length < 64
|
|
194
212
|
"RuleCertman_#{email_domain}"
|
data/lib/certman/resource/acm.rb
CHANGED
|
@@ -8,7 +8,7 @@ module Certman
|
|
|
8
8
|
domain_validation_options: [
|
|
9
9
|
{
|
|
10
10
|
domain_name: @domain,
|
|
11
|
-
validation_domain:
|
|
11
|
+
validation_domain: validation_domain
|
|
12
12
|
}
|
|
13
13
|
]
|
|
14
14
|
)
|
|
@@ -27,7 +27,7 @@ module Certman
|
|
|
27
27
|
current_cert = acm.list_certificates.certificate_summary_list.find do |cert|
|
|
28
28
|
cert.domain_name == @domain
|
|
29
29
|
end
|
|
30
|
-
|
|
30
|
+
current_cert
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def acm
|
|
@@ -3,7 +3,6 @@ module Certman
|
|
|
3
3
|
# rubocop:disable Metrics/ModuleLength
|
|
4
4
|
module Route53
|
|
5
5
|
def create_txt_rset
|
|
6
|
-
root_domain = PublicSuffix.domain(@domain)
|
|
7
6
|
@hosted_zone = route53.list_hosted_zones.hosted_zones.find do |zone|
|
|
8
7
|
PublicSuffix.domain(zone.name) == root_domain
|
|
9
8
|
end
|
|
@@ -103,7 +102,6 @@ module Certman
|
|
|
103
102
|
end
|
|
104
103
|
|
|
105
104
|
def check_hosted_zone
|
|
106
|
-
root_domain = PublicSuffix.domain(@domain)
|
|
107
105
|
@hosted_zone_id = nil
|
|
108
106
|
hosted_zone = route53.list_hosted_zones.hosted_zones.find do |zone|
|
|
109
107
|
if PublicSuffix.domain(zone.name) == root_domain
|
|
@@ -111,7 +109,7 @@ module Certman
|
|
|
111
109
|
next true
|
|
112
110
|
end
|
|
113
111
|
end
|
|
114
|
-
|
|
112
|
+
hosted_zone
|
|
115
113
|
end
|
|
116
114
|
|
|
117
115
|
def check_txt_rset
|
|
@@ -120,7 +118,7 @@ module Certman
|
|
|
120
118
|
record_name: "_amazonses.#{email_domain}.",
|
|
121
119
|
record_type: 'TXT'
|
|
122
120
|
)
|
|
123
|
-
|
|
121
|
+
!res.record_data.empty?
|
|
124
122
|
end
|
|
125
123
|
|
|
126
124
|
def check_mx_rset
|
|
@@ -129,7 +127,16 @@ module Certman
|
|
|
129
127
|
record_name: "#{email_domain}.",
|
|
130
128
|
record_type: 'MX'
|
|
131
129
|
)
|
|
132
|
-
|
|
130
|
+
!res.record_data.empty?
|
|
131
|
+
end
|
|
132
|
+
|
|
133
|
+
def check_cname_rset
|
|
134
|
+
res = route53.test_dns_answer(
|
|
135
|
+
hosted_zone_id: @hosted_zone_id,
|
|
136
|
+
record_name: "#{email_domain}.",
|
|
137
|
+
record_type: 'CNAME'
|
|
138
|
+
)
|
|
139
|
+
!res.record_data.empty?
|
|
133
140
|
end
|
|
134
141
|
|
|
135
142
|
def route53
|
data/lib/certman/version.rb
CHANGED