kingsly-certbot 0.1.0 → 0.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/Gemfile.lock +1 -1
- data/kingsly-config.yaml.sample +2 -3
- data/lib/kingsly_certbot/configuration.rb +3 -14
- data/lib/kingsly_certbot/kingsly_client.rb +2 -5
- data/lib/kingsly_certbot/runner.rb +1 -2
- data/lib/kingsly_certbot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 23bedd90f9a1b26f3cdae7ed108c48e921f0da3ad61c7fec9a012883b7ae35a9
|
|
4
|
+
data.tar.gz: 7bbd7b0d81e17764627c975e00707d0606f989f6a34963b35499c07fabe8ca0e
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 0ba0c36b11c4bb9e960b17228f137e90d31ecf104d0884ad594ebce29cb442e0cb8761a6a6c137bcf120aaa5a3bc0b897da55622e7df1f44f592f6c7f3d8bca2
|
|
7
|
+
data.tar.gz: 1154ef166dec300600bdb1d3d6a846a41fec646106e6b80ae5f31320411229cc8ebbaca30118a93fdff8ca0041a81e285fbf7d7284a4b56c997f1c860b9afa2d
|
data/CHANGELOG.md
CHANGED
data/Gemfile.lock
CHANGED
data/kingsly-config.yaml.sample
CHANGED
|
@@ -2,8 +2,7 @@ SENTRY_DSN:
|
|
|
2
2
|
ENVIRONMENT: 'development'
|
|
3
3
|
TOP_LEVEL_DOMAIN: 'example.com'
|
|
4
4
|
SUB_DOMAIN: 'subdomain'
|
|
5
|
-
KINGSLY_SERVER_HOST: '
|
|
6
|
-
|
|
7
|
-
KINGSLY_SERVER_PASSWORD: '****'
|
|
5
|
+
KINGSLY_SERVER_HOST: 'localhost'
|
|
6
|
+
KINGSLY_SERVER_PORT: 8080
|
|
8
7
|
SERVER_TYPE: 'ipsec'
|
|
9
8
|
IPSEC_ROOT: ~/ipsec
|
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
module KingslyCertbot
|
|
4
4
|
class Configuration
|
|
5
|
-
VARS = %i[kingsly_server_host
|
|
5
|
+
VARS = %i[kingsly_server_host kingsly_server_port top_level_domain sub_domain
|
|
6
6
|
kingsly_http_read_timeout kingsly_http_open_timeout sentry_dsn environment server_type ipsec_root].freeze
|
|
7
7
|
attr_accessor(*VARS)
|
|
8
8
|
|
|
@@ -14,29 +14,18 @@ module KingslyCertbot
|
|
|
14
14
|
@top_level_domain = params['TOP_LEVEL_DOMAIN']
|
|
15
15
|
@sub_domain = params['SUB_DOMAIN']
|
|
16
16
|
@kingsly_server_host = params['KINGSLY_SERVER_HOST']
|
|
17
|
-
@
|
|
18
|
-
@kingsly_server_password = params['KINGSLY_SERVER_PASSWORD']
|
|
17
|
+
@kingsly_server_port = params['KINGSLY_SERVER_PORT']
|
|
19
18
|
@server_type = params['SERVER_TYPE']
|
|
20
19
|
@ipsec_root = params['IPSEC_ROOT'] || '/'
|
|
21
20
|
end
|
|
22
21
|
|
|
23
22
|
def validate!
|
|
24
|
-
%i[top_level_domain sub_domain kingsly_server_host
|
|
23
|
+
%i[top_level_domain sub_domain kingsly_server_host kingsly_server_port server_type].each do |mandatory|
|
|
25
24
|
raise "Missing mandatory config '#{mandatory}'" if send(mandatory).nil? || send(mandatory) == ''
|
|
26
25
|
end
|
|
27
26
|
raise "Unsupported server_type '#{server_type}'" unless ['ipsec'].include?(server_type)
|
|
28
27
|
|
|
29
28
|
self
|
|
30
29
|
end
|
|
31
|
-
|
|
32
|
-
def to_s
|
|
33
|
-
str = ''
|
|
34
|
-
VARS.each do |key|
|
|
35
|
-
value = send(key)
|
|
36
|
-
value = '****' if key == :kingsly_server_password
|
|
37
|
-
str += "#{key}: '#{value}'\n"
|
|
38
|
-
end
|
|
39
|
-
str
|
|
40
|
-
end
|
|
41
30
|
end
|
|
42
31
|
end
|
|
@@ -7,8 +7,7 @@ require 'base64'
|
|
|
7
7
|
module KingslyCertbot
|
|
8
8
|
class KingslyClient
|
|
9
9
|
def self.get_cert_bundle(kingsly_server_host:,
|
|
10
|
-
|
|
11
|
-
kingsly_server_password:,
|
|
10
|
+
kingsly_server_port:,
|
|
12
11
|
top_level_domain:,
|
|
13
12
|
sub_domain:,
|
|
14
13
|
kingsly_http_read_timeout: 120,
|
|
@@ -18,16 +17,14 @@ module KingslyCertbot
|
|
|
18
17
|
'top_level_domain' => top_level_domain,
|
|
19
18
|
'sub_domain' => sub_domain
|
|
20
19
|
}
|
|
21
|
-
uri = URI.parse("
|
|
20
|
+
uri = URI.parse("http://#{kingsly_server_host}:#{kingsly_server_port}/v1/cert_bundles")
|
|
22
21
|
|
|
23
22
|
http = Net::HTTP.new(uri.host, uri.port)
|
|
24
|
-
http.use_ssl = true
|
|
25
23
|
|
|
26
24
|
http.read_timeout = kingsly_http_read_timeout
|
|
27
25
|
http.open_timeout = kingsly_http_open_timeout
|
|
28
26
|
|
|
29
27
|
headers = {}
|
|
30
|
-
headers['Authorization'] = 'Basic ' + Base64.encode64("#{kingsly_server_user}:#{kingsly_server_password}").chop
|
|
31
28
|
headers['Content-Type'] = 'application/json'
|
|
32
29
|
resp = http.start do |http_request|
|
|
33
30
|
http_request.post(uri.path, JSON.dump(body), headers)
|
|
@@ -39,8 +39,7 @@ module KingslyCertbot
|
|
|
39
39
|
$logger.info("Querying Kingsly server for certificate to domain #{@configuration.sub_domain}.#{@configuration.top_level_domain}")
|
|
40
40
|
cert_bundle = KingslyClient.get_cert_bundle(
|
|
41
41
|
kingsly_server_host: @configuration.kingsly_server_host,
|
|
42
|
-
|
|
43
|
-
kingsly_server_password: @configuration.kingsly_server_password,
|
|
42
|
+
kingsly_server_port: @configuration.kingsly_server_port,
|
|
44
43
|
top_level_domain: @configuration.top_level_domain,
|
|
45
44
|
sub_domain: @configuration.sub_domain,
|
|
46
45
|
kingsly_http_read_timeout: @configuration.kingsly_http_read_timeout,
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kingsly-certbot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- FOSS at GO-JEK
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-02-
|
|
11
|
+
date: 2019-02-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|