kingsly-certbot 0.1.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +1 -1
- data/kingsly-config.yaml.sample +2 -3
- data/lib/kingsly_certbot/configuration.rb +3 -14
- data/lib/kingsly_certbot/kingsly_client.rb +2 -5
- data/lib/kingsly_certbot/runner.rb +1 -2
- data/lib/kingsly_certbot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 23bedd90f9a1b26f3cdae7ed108c48e921f0da3ad61c7fec9a012883b7ae35a9
|
|
4
|
+
data.tar.gz: 7bbd7b0d81e17764627c975e00707d0606f989f6a34963b35499c07fabe8ca0e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0ba0c36b11c4bb9e960b17228f137e90d31ecf104d0884ad594ebce29cb442e0cb8761a6a6c137bcf120aaa5a3bc0b897da55622e7df1f44f592f6c7f3d8bca2
|
|
7
|
+
data.tar.gz: 1154ef166dec300600bdb1d3d6a846a41fec646106e6b80ae5f31320411229cc8ebbaca30118a93fdff8ca0041a81e285fbf7d7284a4b56c997f1c860b9afa2d
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
data/kingsly-config.yaml.sample
CHANGED
|
@@ -2,8 +2,7 @@ SENTRY_DSN:
|
|
|
2
2
|
ENVIRONMENT: 'development'
|
|
3
3
|
TOP_LEVEL_DOMAIN: 'example.com'
|
|
4
4
|
SUB_DOMAIN: 'subdomain'
|
|
5
|
-
KINGSLY_SERVER_HOST: '
|
|
6
|
-
|
|
7
|
-
KINGSLY_SERVER_PASSWORD: '****'
|
|
5
|
+
KINGSLY_SERVER_HOST: 'localhost'
|
|
6
|
+
KINGSLY_SERVER_PORT: 8080
|
|
8
7
|
SERVER_TYPE: 'ipsec'
|
|
9
8
|
IPSEC_ROOT: ~/ipsec
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
module KingslyCertbot
|
|
4
4
|
class Configuration
|
|
5
|
-
VARS = %i[kingsly_server_host
|
|
5
|
+
VARS = %i[kingsly_server_host kingsly_server_port top_level_domain sub_domain
|
|
6
6
|
kingsly_http_read_timeout kingsly_http_open_timeout sentry_dsn environment server_type ipsec_root].freeze
|
|
7
7
|
attr_accessor(*VARS)
|
|
8
8
|
|
|
@@ -14,29 +14,18 @@ module KingslyCertbot
|
|
|
14
14
|
@top_level_domain = params['TOP_LEVEL_DOMAIN']
|
|
15
15
|
@sub_domain = params['SUB_DOMAIN']
|
|
16
16
|
@kingsly_server_host = params['KINGSLY_SERVER_HOST']
|
|
17
|
-
@
|
|
18
|
-
@kingsly_server_password = params['KINGSLY_SERVER_PASSWORD']
|
|
17
|
+
@kingsly_server_port = params['KINGSLY_SERVER_PORT']
|
|
19
18
|
@server_type = params['SERVER_TYPE']
|
|
20
19
|
@ipsec_root = params['IPSEC_ROOT'] || '/'
|
|
21
20
|
end
|
|
22
21
|
|
|
23
22
|
def validate!
|
|
24
|
-
%i[top_level_domain sub_domain kingsly_server_host
|
|
23
|
+
%i[top_level_domain sub_domain kingsly_server_host kingsly_server_port server_type].each do |mandatory|
|
|
25
24
|
raise "Missing mandatory config '#{mandatory}'" if send(mandatory).nil? || send(mandatory) == ''
|
|
26
25
|
end
|
|
27
26
|
raise "Unsupported server_type '#{server_type}'" unless ['ipsec'].include?(server_type)
|
|
28
27
|
|
|
29
28
|
self
|
|
30
29
|
end
|
|
31
|
-
|
|
32
|
-
def to_s
|
|
33
|
-
str = ''
|
|
34
|
-
VARS.each do |key|
|
|
35
|
-
value = send(key)
|
|
36
|
-
value = '****' if key == :kingsly_server_password
|
|
37
|
-
str += "#{key}: '#{value}'\n"
|
|
38
|
-
end
|
|
39
|
-
str
|
|
40
|
-
end
|
|
41
30
|
end
|
|
42
31
|
end
|
|
@@ -7,8 +7,7 @@ require 'base64'
|
|
|
7
7
|
module KingslyCertbot
|
|
8
8
|
class KingslyClient
|
|
9
9
|
def self.get_cert_bundle(kingsly_server_host:,
|
|
10
|
-
|
|
11
|
-
kingsly_server_password:,
|
|
10
|
+
kingsly_server_port:,
|
|
12
11
|
top_level_domain:,
|
|
13
12
|
sub_domain:,
|
|
14
13
|
kingsly_http_read_timeout: 120,
|
|
@@ -18,16 +17,14 @@ module KingslyCertbot
|
|
|
18
17
|
'top_level_domain' => top_level_domain,
|
|
19
18
|
'sub_domain' => sub_domain
|
|
20
19
|
}
|
|
21
|
-
uri = URI.parse("
|
|
20
|
+
uri = URI.parse("http://#{kingsly_server_host}:#{kingsly_server_port}/v1/cert_bundles")
|
|
22
21
|
|
|
23
22
|
http = Net::HTTP.new(uri.host, uri.port)
|
|
24
|
-
http.use_ssl = true
|
|
25
23
|
|
|
26
24
|
http.read_timeout = kingsly_http_read_timeout
|
|
27
25
|
http.open_timeout = kingsly_http_open_timeout
|
|
28
26
|
|
|
29
27
|
headers = {}
|
|
30
|
-
headers['Authorization'] = 'Basic ' + Base64.encode64("#{kingsly_server_user}:#{kingsly_server_password}").chop
|
|
31
28
|
headers['Content-Type'] = 'application/json'
|
|
32
29
|
resp = http.start do |http_request|
|
|
33
30
|
http_request.post(uri.path, JSON.dump(body), headers)
|
|
@@ -39,8 +39,7 @@ module KingslyCertbot
|
|
|
39
39
|
$logger.info("Querying Kingsly server for certificate to domain #{@configuration.sub_domain}.#{@configuration.top_level_domain}")
|
|
40
40
|
cert_bundle = KingslyClient.get_cert_bundle(
|
|
41
41
|
kingsly_server_host: @configuration.kingsly_server_host,
|
|
42
|
-
|
|
43
|
-
kingsly_server_password: @configuration.kingsly_server_password,
|
|
42
|
+
kingsly_server_port: @configuration.kingsly_server_port,
|
|
44
43
|
top_level_domain: @configuration.top_level_domain,
|
|
45
44
|
sub_domain: @configuration.sub_domain,
|
|
46
45
|
kingsly_http_read_timeout: @configuration.kingsly_http_read_timeout,
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kingsly-certbot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- FOSS at GO-JEK
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|