encryptbot 0.1.0 → 0.1.1

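--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 120d3113425408842a8291c2bfd9e6dcc9111835
- data.tar.gz: 75dd6eac6066e637675f8b4eadf7f30e7efd59ba
+ metadata.gz: b0a9f893513d61a64f0e9fd85fc4fb76caba5727
+ data.tar.gz: 6db386732ad8535b01cb59ea4548137d7359c087
  SHA512:
- metadata.gz: 5b82fa59488ad68ad7debe96cfbc6e705ebeb4df1a930d5fde61c037afe4c77811380ac3a198c734f0cfd6f29dbb40970ca1c01e7218f6481d29720b95b6e37f
- data.tar.gz: 193d5bd943f3870a520eb46ee0ecace9d79112bc1fcc2c7cce4427e75c9b45caf0771b1f56c04c7a5573623af643b300d5217c0c9864e2de7630ec4a376c4e82
+ metadata.gz: d2cc083be332bdc1c57b2be181763704d34158ad0d10f68e285abd9926cf5f09c005f99d37ca86d069abf0433849ac79d3448184e37f8fab8a95c1b18521ee25
+ data.tar.gz: 0a31ac1f915522e9da4cbb55ee669e7bd7443f6c17b3a573dab00a0ae753ea3db8e6d36009f1c8d0811e09924f8e56c343a829560710c6be5dc993efc3606269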
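--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,8 +1,9 @@
  PATH
  remote: .
  specs:
- encryptbot (0.1.0)
+ encryptbot (0.1.1)
  acme-client
+ aws-sdk-route53
  faraday
  platform-api
  slack-notifier
@@ -12,6 +13,17 @@ GEM
  specs:
  acme-client (2.0.0)
  faraday (~> 0.9, >= 0.9.1)
+ aws-eventstream (1.0.1)
+ aws-partitions (1.94.0)
+ aws-sdk-core (3.21.3)
+ aws-eventstream (~> 1.0)
+ aws-partitions (~> 1.0)
+ aws-sigv4 (~> 1.0)
+ jmespath (~> 1.0)
+ aws-sdk-route53 (1.9.0)
+ aws-sdk-core (~> 3)
+ aws-sigv4 (~> 1.0)
+ aws-sigv4 (1.0.2)
  erubis (2.7.0)
  excon (0.62.0)
  faraday (0.15.2)
@@ -21,6 +33,7 @@ GEM
  excon
  moneta
  multi_json (>= 1.9.2)
+ jmespath (1.4.0)
  moneta (0.8.1)
  multi_json (1.13.1)
  multipart-post (2.0.0)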
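--- a/data/README.md
+++ b/data/README.md
@@ -1,11 +1,11 @@
  # Encryptbot
 
- Encryptbot creates and renews your Lets Encrypt SSL certificate on Heroku allowing for multiple wildcards.
+ Encryptbot creates and renews your Let's Encrypt SSL certificate on Heroku allowing for multiple wildcards.
 
  The gem will:
 
- - Create Lets Encrypt
- - Add Lets Encrypt DNS Challenge TXT records to your DNS provider (cloudflare and Dyn supported)
+ - Create Let's Encrypt
+ - Add Let's Encrypt DNS Challenge TXT records to your DNS provider (Cloudflare and Dyn supported)
  - Add certificate to your Heroku SNI endpoint
  - Send Slack notifications if the process fails.
 
@@ -42,6 +42,10 @@ Encryptbot.configure do |config|
  config.dyn_password = "dyn_password"
  config.slack_webhook = "slack_webhook_url"
  config.slack_bot_username = "name_for_slack_bot"
+ config.route53_hosted_zone_id = "Z123456"
+ config.route53_acme_record_name = "_acme-challenge.acme.domain.com"
+ config.route53_access_key_id = "aws_api_key"
+ config.route53_secret_access_key = "aws_api_secret"
  config.domains = [
  {domain: "*.domain1.com", service: "cloudflare"},
  {domain: "*.domain2.com", service: "dyn"},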
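--- a/data/encryptbot.gemspec
+++ b/data/encryptbot.gemspec
@@ -9,9 +9,9 @@ Gem::Specification.new do |spec|
  spec.authors = ["danlewis"]
  spec.email = [""]
 
- spec.summary = %q{Manage Lets Encrypt Wildcard certs to heroku}
- spec.description = %q{Manage Lets Encrypt Wildcard certs to heroku}
- spec.homepage = ""
+ spec.summary = %q{Manage Let's Encrypt wildcard certificates on Heroku}
+ spec.description = %q{Manage Let's Encrypt wildcard certificates on Heroku}
+ spec.homepage = "https://github.com/danlewis/encryptbot"
  spec.license = "MIT"
 
  spec.files = `git ls-files -z`.split("\x0").reject do |f|
@@ -25,6 +25,7 @@ Gem::Specification.new do |spec|
  spec.add_dependency "platform-api"
  spec.add_dependency "faraday"
  spec.add_dependency "slack-notifier"
+ spec.add_dependency "aws-sdk-route53"
  spec.add_development_dependency "bundler", "~> 1.16"
  spec.add_development_dependency "rake", "~> 10.0"
  end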
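Review bot: `spec.add_dependency "aws-sdk-route53"` is added without a version constraint, so any future release of the SDK satisfies it (the gem metadata records `>= 0`), and the versions pinned in Gemfile.lock do not apply to applications that install this gem. Because this dependency receives the AWS credentials and signs the DNS changes, bound it to the major line the lockfile resolved: `spec.add_dependency "aws-sdk-route53", "~> 1.9"`. The neighbouring runtime dependencies are equally unbounded, but those lines predate this change. The `Gem::Specification` block starts outside the hunk.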
@@ -47,6 +47,8 @@ module Encryptbot
47
47
  content: dns_challenge.record_content
48
48
  }
49
49
  case @domain_list.detect{|t| t[:domain].gsub("*.", "") == domain }[:service]
50
+ when "route53"
51
+ Encryptbot::Services::Route53.new(domain, dns_entry).add_challenge
50
52
  when "cloudflare"
51
53
  Encryptbot::Services::Cloudflare.new(domain, dns_entry).add_challenge
52
54
  when "dyn"
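Review bot: The new `when "route53"` branch passes `domain` and `dns_entry` to a service that, per the Route53 class added in this same release, ignores `domain` and the entry's record name and writes every challenge to the single configured `route53_acme_record_name` with an `UPSERT`. Each call therefore replaces the previous TXT value, so if two challenges have to be present at the same time (for example a wildcard and its base domain) the earlier one is lost; whether validation completes before the next call is not visible here, since the enclosing method starts and ends outside the hunk. At minimum document the constraint on the branch: `# route53: every domain shares config.route53_acme_record_name; each call replaces the previous TXT value`.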
@@ -14,6 +14,10 @@ module Encryptbot
14
14
  @dyn_customer_name = nil
15
15
  @dyn_username = nil
16
16
  @dyn_password = nil
17
+ @route53_hosted_zone_id = nil
18
+ @route53_acme_record_name = nil
19
+ @route53_access_key_id = nil
20
+ @route53_secret_access_key = nil
17
21
  @acme_email = nil
18
22
  @slack_webhook = nil
19
23
  @slack_bot_username = "encryptbot"
@@ -23,7 +27,7 @@ module Encryptbot
23
27
 
24
28
  def valid?
25
29
  heroku_app && heroku_token && acme_email && domains.any? &&
26
- (cloudflare_api_key || dyn_customer_name)
30
+ (cloudflare_api_key || dyn_customer_name || route53_api_key)
27
31
  end
28
32
 
29
33
  end
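Review bot: `valid?` now reads `route53_api_key`, but the settings this change introduces are `route53_hosted_zone_id`, `route53_acme_record_name`, `route53_access_key_id` and `route53_secret_access_key`; unless an accessor with the other name is defined outside the visible lines, a configuration that sets neither Cloudflare nor Dyn raises NoMethodError here instead of validating. Checking the settings the service actually uses also rejects a half-configured setup before any AWS call is made: `(cloudflare_api_key || dyn_customer_name || (route53_access_key_id && route53_secret_access_key && route53_hosted_zone_id && route53_acme_record_name))`. The configuration class starts outside the hunk, so the accessor list could not be checked.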
@@ -20,6 +20,9 @@ module Encryptbot
20
20
  class CloudflareDNSError < EncryptbotError; end
21
21
  # Exception raised when adding TXT record to Dyn
22
22
  class DynDNSError < EncryptbotError; end
23
+ # Exception raised when route 53 fails to update
24
+ class Route53DNSError < EncryptbotError; end
25
+ # Exception raised when unknown error
23
26
  class UnknownServiceError < EncryptbotError; end
24
27
  # Exception raised as order was failed - this happens when the DNS Challenge failed
25
28
  class InvalidOrderError < EncryptbotError; end
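Review bot: The added comment `# Exception raised when unknown error` sits above `UnknownServiceError` and does not describe what the class name says; presumably the error is raised when a domain's `service` is not a supported provider, though the raise site is outside this hunk. Suggested wording: `# Exception raised when a domain's service is not a supported DNS provider`, and for the other new comment `# Exception raised when the Route 53 record update fails`.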
@@ -0,0 +1,58 @@
1
+ # Route 53 acts a single service for domains to be verified, hence the domain is not used
2
+ require "aws-sdk-route53"
3
+
4
+ module Encryptbot
5
+ module Services
6
+ class Route53
7
+
8
+ attr_accessor :domain, :dns_entry, :client, :hosted_zone_id, :aws_acme_record_name
9
+
10
+ def initialize(domain, dns_entry)
11
+ @dns_entry = dns_entry
12
+ @hosted_zone_id = Encryptbot.configuration.route53_hosted_zone_id
13
+ @acme_name = Encryptbot.configuration.route53_acme_record_name
14
+ @client = Aws::Route53::Client.new({
15
+ region: "global",
16
+ credentials: Aws::Credentials.new(
17
+ Encryptbot.configuration.route53_access_key_id,
18
+ Encryptbot.configuration.route53_secret_access_key
19
+ )})
20
+ end
21
+
22
+ def add_challenge
23
+ begin
24
+ response = @client.change_resource_record_sets({
25
+ change_batch: {
26
+ changes: [
27
+ action: "UPSERT",
28
+ resource_record_set: {
29
+ name: @aws_acme_record_name,
30
+ resource_records: [
31
+ {
32
+ value: "\"#{@dns_entry[:content]}\"",
33
+ },
34
+ ],
35
+ ttl: 0,
36
+ type: "TXT",
37
+ }
38
+ ],
39
+ comment: "ACME Challege update",
40
+ },
41
+ hosted_zone_id: @hosted_zone_id
42
+ })
43
+ change_id = response.change_info.id
44
+ change_status = response.change_info.status
45
+ while change_status == "PENDING"
46
+ sleep(10)
47
+ change_status = @client.get_change({id: change_id}).change_info.status
48
+ end
49
+ change_status == "NSYNC"
50
+
51
+ rescue => e
52
+ raise Encryptbot::Error::Route53DNSError, e
53
+ end
54
+
55
+ end
56
+ end
57
+ end
58
+ end
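Review bot: `initialize` stores the record name in `@acme_name`, but `add_challenge` sends `name: @aws_acme_record_name`, which is never assigned, so the UPSERT carries a nil name; the final comparison `change_status == "NSYNC"` can also never be true, because Route 53 reports `PENDING` or `INSYNC`, so the method returns false even after a successful change. The `while change_status == "PENDING"` loop has no upper bound and would block a renewal indefinitely if the change never settles. `attr_accessor` additionally exposes `client`, which holds the AWS credentials, as a public writable attribute; an `attr_reader` limited to the fields callers need would be narrower. The fence below uses a constructed limit of 30 polls.

```ruby
@aws_acme_record_name = Encryptbot.configuration.route53_acme_record_name
# … unchanged: client construction and change_resource_record_sets call …
polls = 0
while change_status == "PENDING"
  polls += 1
  raise Encryptbot::Error::Route53DNSError, "change #{change_id} still PENDING after #{polls} polls" if polls > 30
  # … unchanged: sleep(10) and get_change status refresh …
end
change_status == "INSYNC"
```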
@@ -1,3 +1,3 @@
1
1
  module Encryptbot
2
- VERSION = "0.1.0"
2
+ VERSION = "0.1.1"
3
3
  end
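--- a/data/lib/encryptbot.rb
+++ b/data/lib/encryptbot.rb
@@ -3,6 +3,7 @@ require "encryptbot/cert"
  require "encryptbot/version"
  require "encryptbot/services/cloudflare"
  require "encryptbot/services/dyn"
+ require "encryptbot/services/route53"
 
  if defined?(Rails)
  require "encryptbot/railtie"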
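--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: encryptbot
  version: !ruby/object:Gem::Version
- version: 0.1.0
+ version: 0.1.1
  platform: ruby
  authors:
  - danlewis
  autorequire:
  bindir: exe
  cert_chain: []
- date: 2018-05-24 00:00:00.000000000 Z
+ date: 2018-06-25 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: acme-client
@@ -66,6 +66,20 @@ dependencies:
  - - ">="
  - !ruby/object:Gem::Version
  version: '0'
+ - !ruby/object:Gem::Dependency
+ name: aws-sdk-route53
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: '0'
  - !ruby/object:Gem::Dependency
  name: bundler
  requirement: !ruby/object:Gem::Requirement
@@ -94,7 +108,7 @@ dependencies:
  - - "~>"
  - !ruby/object:Gem::Version
  version: '10.0'
- description: Manage Lets Encrypt Wildcard certs to heroku
+ description: Manage Let's Encrypt wildcard certificates on Heroku
  email:
  - ''
  executables: []
@@ -119,10 +133,11 @@ files:
  - lib/encryptbot/railtie.rb
  - lib/encryptbot/services/cloudflare.rb
  - lib/encryptbot/services/dyn.rb
+ - lib/encryptbot/services/route53.rb
  - lib/encryptbot/slack.rb
  - lib/encryptbot/version.rb
  - lib/tasks/encryptbot.rake
- homepage: ''
+ homepage: https://github.com/danlewis/encryptbot
  licenses:
  - MIT
  metadata: {}
@@ -145,5 +160,5 @@ rubyforge_project:
  rubygems_version: 2.6.13
  signing_key:
  specification_version: 4
- summary: Manage Lets Encrypt Wildcard certs to heroku
+ summary: Manage Let's Encrypt wildcard certificates on Heroku
  test_files: []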