jekyll-gitlab-letsencrypt 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: eb4bfb178c062a347cdd00659b5696634d8a62b6
-  data.tar.gz: 3bd34da9de2d0bce437f056e954736d17bbdeedd
+  metadata.gz: 4aa19772ee6eb9fbc74b590baa566f4cfde43db9
+  data.tar.gz: 57f5f353d78eee5a174165adac509ef69ddb1a8a
 SHA512:
-  metadata.gz: c79377df9752b99c20c192d450efe2a7e9485c809e13e42bd35df6553eb5dade98924ed85dc9d35fa5cea28ba9286b9d1997623dcb1efa126840d6bda98dd869
-  data.tar.gz: 8e9039a3e65156d2139bc48c84c8b34886c3860221867c7f7ad6019f93960596e151c16928ebe6d9e806276fa505cbadf71e9cb3577bcf04f45988f4a2b5f6ae
+  metadata.gz: b0b7ca49d5056a76e89530cee2f40913660649054d15294871ffe2e02e80348082103366493630cac0d3236930d597c90017269b650647b5f7d8016e8539ce37
+  data.tar.gz: 124da27fd3bfee7347f7972b84d6112dbe9e86c22ae70eb770b5ae02fcbcd3ef57c7aaeef3f8477363c04e9aa00e493bbf2bc75424e24816d16d83538b6f3b96

data/CHANGELOG.markdown

@@ -1,3 +1,7 @@
+# 0.2.0
+
+- #8 - Fully automated! Use new gitlab API for the last step
+
 # 0.1.0
 
 - #6 - Added option to get secret gitlab token from env var

data/README.md

@@ -4,15 +4,14 @@
 
 ![img](doc/image.png)
 
-This plugin automagically does 90% of the letsencrypt process for your gitlab-hosted jekyll blog.
+This plugin automagically does the entire the letsencrypt process for your gitlab-hosted jekyll blog!
 
 - *(automatic)* It registers your email to the letsencrypt server
 - *(automatic)* It generates a challenge file, and commits it directly via the gitlab API
 - *(automatic)* It sleeps until the challenge file is live on the internet
 - *(automatic)* It asks letsencrypt to verify it
 - *(automatic)* It spits out the certificate chain and private key
-- *(manual)* You have to go to the URL provided and manually copy/paste them
-  - This step must be manual since there is no API through Gitlab for this step
+- *(automatic)* It updates the gitlab pages domain settings to use the certificate
 
 ## Usage
 
@@ -93,29 +92,8 @@ Requesting verification...
 Challenge status = valid
 Challenge is valid!
 Certificate retrieved!
-Go to https://gitlab.com/gitlab_user/gitlab_repo/pages
- - If you already have an existing entry for example.com, remove it
- - Then click + New Domain and enter the following:
-
-Domain: example.com
-
-Certificate (PEM):
------BEGIN CERTIFICATE-----
-...
------END CERTIFICATE-----
------BEGIN CERTIFICATE-----
-...
------END CERTIFICATE-----
-
-  Key (PEM):
------BEGIN RSA PRIVATE KEY-----
-...
------END RSA PRIVATE KEY-----
-
-
-
-
-... hit save, wait a bit, and your new SSL will be live!
+Updating domain example.com pages setting with new certificates..
+Success!
 ```
 
 ### Alternative token usage

data/jekyll-gitlab-letsencrypt.gemspec

@@ -24,5 +24,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "coveralls"
 
   spec.add_dependency "activesupport", ">= 3.0.0"
-  spec.add_dependency "acme-client",   "~> 0.5.0"
+  spec.add_dependency "acme-client",   "~> 0.6"
 end

data/lib/jekyll/gitlab/letsencrypt.rb

@@ -5,7 +5,7 @@ require 'jekyll/gitlab/letsencrypt/version'
 require 'jekyll/gitlab/letsencrypt/configuration'
 require 'jekyll/gitlab/letsencrypt/acme'
 require 'jekyll/gitlab/letsencrypt/process'
-require 'jekyll/gitlab/letsencrypt/committer'
+require 'jekyll/gitlab/letsencrypt/gitlab_client'
 
 module Jekyll
   module Gitlab

data/lib/jekyll/gitlab/letsencrypt/{committer.rb → gitlab_client.rb}

@@ -3,21 +3,30 @@ require 'faraday'
 module Jekyll
   module Gitlab
     module Letsencrypt
-      class Commiter
+      class GitlabClient
 
         attr_accessor :content
 
-        delegate :filename, :personal_access_token, :gitlab_repo, :branch, to: Configuration
+        delegate :filename, :personal_access_token, :gitlab_repo, :branch, :domain, to: Configuration
 
-        def initialize(content)
+        def commit!(content)
           @content = content
-        end
-
-        def commit!
           create_branch! unless branch_exists?
           commit_file!
         end
 
+        def update_certificate!(certificate, key)
+          Jekyll.logger.info "Updating domain #{domain} pages setting with new certificates.."
+          response = connection.put do |req|
+            req.url "projects/#{repo_id}/pages/domains/#{domain}"
+            req.body = {
+              certificate:  certificate,
+              key:          key
+            }.to_json
+          end
+          response.success?
+        end
+
         def create_branch!
           Jekyll.logger.info "Creating branch #{branch}.."
           connection.post do |req|
@@ -31,7 +40,7 @@ module Jekyll
 
         def commit_file!
           Jekyll.logger.info "Commiting challenge file as #{filename}"
-          connection.run_request(request_method, nil, nil, nil) do |req|
+          connection.run_request(request_method_for_commit, nil, nil, nil) do |req|
             req.url        "projects/#{repo_id}/repository/files"
             req.body = {
               file_path:      filename,
@@ -50,7 +59,7 @@ module Jekyll
           JSON.parse(response.body).any? { |json| json['name'] == branch }
         end
 
-        def request_method
+        def request_method_for_commit
           response = connection.get "projects/#{repo_id}/repository/files?ref=#{branch}&file_path=#{filename}"
           response.status == 404 ? :post : :put
         end

data/lib/jekyll/gitlab/letsencrypt/process.rb

@@ -25,14 +25,19 @@ module Jekyll
           wait_until_challenge_is_present
           request_verification!
           await_verification_confirmation
-          display_certificate
+          if update_gitlab_pages
+            Jekyll.logger.info "Success!"
+          else
+            Jekyll.logger.info "Updating certificate failed... manual steps:"
+            display_certificate
+          end
         end
 
       private
 
         def commit_to_gitlab!
           Jekyll.logger.info "Pushing file to Gitlab"
-          Commiter.new(challenge_content).commit!
+          gitlab_client.commit!(challenge_content)
         end
 
         def wait_until_challenge_is_present
@@ -54,6 +59,9 @@ module Jekyll
         def request_verification!
           Jekyll.logger.info "Requesting verification..."
           challenge.request_verification
+        rescue ::Acme::Client::Error::BadNonce
+          Jekyll.logger.info "bad nonce! trying again.."
+          challenge.request_verification
         end
 
         def await_verification_confirmation
@@ -70,6 +78,10 @@ module Jekyll
           end
         end
 
+        def update_gitlab_pages
+          gitlab_client.update_certificate! certificate.fullchain_to_pem, certificate.request.private_key.to_pem
+        end
+
         def display_certificate
           Jekyll.logger.info "Certifcate retrieved!"
           Jekyll.logger.info "Go to https://gitlab.com/#{gitlab_repo}/pages"
@@ -114,6 +126,10 @@ module Jekyll
           end
         end
 
+        def gitlab_client
+          @gitlab_client ||= GitlabClient.new
+        end
+
         def challenge
           @challenge ||= client.challenge
         end

data/lib/jekyll/gitlab/letsencrypt/version.rb

@@ -1,7 +1,7 @@
 module Jekyll
   module Gitlab
     module Letsencrypt
-      VERSION = "0.1.0"
+      VERSION = "0.2.0"
     end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: jekyll-gitlab-letsencrypt
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Justin Aiken
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-28 00:00:00.000000000 Z
+date: 2018-01-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -114,14 +114,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.5.0
+        version: '0.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.5.0
+        version: '0.6'
 description: Automate letsencrypt renewals for gitlab pages.
 email:
 - 60tonangel@gmail.com
@@ -142,8 +142,8 @@ files:
 - lib/jekyll/commands/gitlab/letsencrypt.rb
 - lib/jekyll/gitlab/letsencrypt.rb
 - lib/jekyll/gitlab/letsencrypt/acme.rb
-- lib/jekyll/gitlab/letsencrypt/committer.rb
 - lib/jekyll/gitlab/letsencrypt/configuration.rb
+- lib/jekyll/gitlab/letsencrypt/gitlab_client.rb
 - lib/jekyll/gitlab/letsencrypt/process.rb
 - lib/jekyll/gitlab/letsencrypt/version.rb
 homepage: https://github.com/JustinAiken/jekyll-gitlab-letsencrypt