kingsly_certbot 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +6 -1
- data/.ruby-version +1 -1
- data/Gemfile.lock +5 -5
- data/README.md +8 -0
- data/bin/kingsly-certbot +5 -10
- data/kingsly-config.yaml.sample +3 -3
- data/lib/kingsly_certbot/configuration.rb +6 -6
- data/lib/kingsly_certbot/ip_sec_cert_adapter.rb +3 -6
- data/lib/kingsly_certbot/kingsly_client.rb +3 -2
- data/lib/kingsly_certbot/runner.rb +2 -2
- data/lib/kingsly_certbot/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5e525264e27c4abb5e41f87fc23c4111333f8672c64dffb56f69aca385c69120
|
|
4
|
+
data.tar.gz: b3b3cea79f1747964f44000f4883beac210cb857c3604d1cace166ea4cfd3940
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ac47f45190d97fc9d440d683a0c9a689a77c31a624d88d365f2ee5654bcd191eed14a2b0f910277bf584b39dc1135e7bb1ab8a8b5cb6e85e90cbf859dbc8b2a4
|
|
7
|
+
data.tar.gz: 2819638266478f99cbaa4681c837b41963a8a71d5ea41b1bfe4ca75fbabc5e2b3816934cc81b832af0e39ca2882e2a7196ac533b1583c5eb69011155c42b6236
|
data/.rubocop.yml
CHANGED
|
@@ -14,6 +14,7 @@ Style/CommandLiteral:
|
|
|
14
14
|
Metrics/BlockLength:
|
|
15
15
|
Exclude:
|
|
16
16
|
- 'spec/*'
|
|
17
|
+
- 'kingsly_certbot.gemspec'
|
|
17
18
|
|
|
18
19
|
Metrics/PerceivedComplexity:
|
|
19
20
|
Max: 8
|
|
@@ -29,4 +30,8 @@ Metrics/AbcSize:
|
|
|
29
30
|
|
|
30
31
|
Metrics/ParameterLists:
|
|
31
32
|
Exclude:
|
|
32
|
-
- 'lib/kingsly_certbot/kingsly_client.rb'
|
|
33
|
+
- 'lib/kingsly_certbot/kingsly_client.rb'
|
|
34
|
+
|
|
35
|
+
Style/GlobalVars:
|
|
36
|
+
AllowedVariables:
|
|
37
|
+
- '$logger'
|
data/.ruby-version
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
2.5.
|
|
1
|
+
2.5.3
|
data/Gemfile.lock
CHANGED
|
@@ -2,7 +2,7 @@ PATH
|
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
4
|
kingsly_certbot (0.1.0)
|
|
5
|
-
sentry-raven (~> 2.9.0)
|
|
5
|
+
sentry-raven (~> 2.9, >= 2.9.0)
|
|
6
6
|
|
|
7
7
|
GEM
|
|
8
8
|
remote: https://rubygems.org/
|
|
@@ -60,12 +60,12 @@ PLATFORMS
|
|
|
60
60
|
ruby
|
|
61
61
|
|
|
62
62
|
DEPENDENCIES
|
|
63
|
-
bundler (~> 2.0.1)
|
|
63
|
+
bundler (~> 2.0, >= 2.0.1)
|
|
64
64
|
kingsly_certbot!
|
|
65
|
-
rake (~> 10.5.0)
|
|
66
|
-
rspec (~> 3.8.0)
|
|
65
|
+
rake (~> 10.5, >= 10.5.0)
|
|
66
|
+
rspec (~> 3.8, >= 3.8.0)
|
|
67
67
|
rubocop (~> 0.63.1)
|
|
68
|
-
webmock (~> 3.5.1)
|
|
68
|
+
webmock (~> 3.5, >= 3.5.1)
|
|
69
69
|
|
|
70
70
|
BUNDLED WITH
|
|
71
71
|
2.0.1
|
data/README.md
CHANGED
|
@@ -16,6 +16,14 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
|
|
|
16
16
|
|
|
17
17
|
To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
|
|
18
18
|
|
|
19
|
+
#### Running Test suite
|
|
20
|
+
|
|
21
|
+
```
|
|
22
|
+
$ mkdir /etc/ipsec.d
|
|
23
|
+
$ sudo chown -R $USER:staff /etc/ipsec.d
|
|
24
|
+
$ bundle exec rake
|
|
25
|
+
```
|
|
26
|
+
|
|
19
27
|
## Contributing
|
|
20
28
|
|
|
21
29
|
Bug reports and pull requests are welcome on GitHub at https://github.com/gojekfarm/kingsly-certbot
|
data/bin/kingsly-certbot
CHANGED
|
@@ -4,18 +4,13 @@
|
|
|
4
4
|
require 'kingsly_certbot'
|
|
5
5
|
|
|
6
6
|
# kingsly-certbot --config /opt/kingsly-certbot/kingsly-certbot.conf
|
|
7
|
-
|
|
8
|
-
$logger = if Dir.exists?(log_dir)
|
|
9
|
-
Logger.new("#{log_dir}/kingsly-certbot.log", level: ENV['LOG_LEVEL'] || 'info')
|
|
10
|
-
else
|
|
11
|
-
Logger.new(STDOUT)
|
|
12
|
-
end
|
|
7
|
+
$logger = Logger.new(STDOUT)
|
|
13
8
|
certbot = begin
|
|
14
9
|
KingslyCertbot::Runner.new(ARGV)
|
|
15
|
-
rescue StandardError => e
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
10
|
+
rescue StandardError => e
|
|
11
|
+
$logger.fatal(e)
|
|
12
|
+
$logger.fatal(e.backtrace.join("\n"))
|
|
13
|
+
return 1
|
|
19
14
|
end
|
|
20
15
|
|
|
21
16
|
certbot.configure.execute
|
data/kingsly-config.yaml.sample
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
SENTRY_DSN:
|
|
2
2
|
ENVIRONMENT: 'development'
|
|
3
|
-
TOP_LEVEL_DOMAIN: '
|
|
4
|
-
SUB_DOMAIN: '
|
|
5
|
-
KINGSLY_SERVER_HOST: '
|
|
3
|
+
TOP_LEVEL_DOMAIN: 'example.com'
|
|
4
|
+
SUB_DOMAIN: 'subdomain'
|
|
5
|
+
KINGSLY_SERVER_HOST: 'kingsly.example.com'
|
|
6
6
|
KINGSLY_SERVER_USER: '****'
|
|
7
7
|
KINGSLY_SERVER_PASSWORD: '****'
|
|
8
8
|
SERVER_TYPE: 'ipsec'
|
|
@@ -2,9 +2,9 @@
|
|
|
2
2
|
|
|
3
3
|
module KingslyCertbot
|
|
4
4
|
class Configuration
|
|
5
|
-
VARS = [
|
|
6
|
-
|
|
7
|
-
attr_accessor
|
|
5
|
+
VARS = %i[kingsly_server_host kingsly_server_user kingsly_server_password top_level_domain sub_domain
|
|
6
|
+
kingsly_http_read_timeout kingsly_http_open_timeout sentry_dsn environment server_type ipsec_root].freeze
|
|
7
|
+
attr_accessor(*VARS)
|
|
8
8
|
|
|
9
9
|
def initialize(params = {})
|
|
10
10
|
@kingsly_http_read_timeout = 120
|
|
@@ -32,9 +32,9 @@ module KingslyCertbot
|
|
|
32
32
|
def to_s
|
|
33
33
|
str = ''
|
|
34
34
|
VARS.each do |key|
|
|
35
|
-
value =
|
|
36
|
-
value =
|
|
37
|
-
str+="#{key
|
|
35
|
+
value = send(key)
|
|
36
|
+
value = '****' if key == :kingsly_server_password
|
|
37
|
+
str += "#{key}: '#{value}'\n"
|
|
38
38
|
end
|
|
39
39
|
str
|
|
40
40
|
end
|
|
@@ -48,12 +48,9 @@ module KingslyCertbot
|
|
|
48
48
|
end
|
|
49
49
|
|
|
50
50
|
def restart_service
|
|
51
|
-
result =
|
|
52
|
-
$logger.error(
|
|
53
|
-
result
|
|
54
|
-
rescue StandardError => e
|
|
55
|
-
$logger.fatal("ipsec restart command failed with error message: '#{e.message}'")
|
|
56
|
-
raise e
|
|
51
|
+
result = Kernel.system('ipsec restart')
|
|
52
|
+
$logger.error('ipsec restart command failed') unless result
|
|
53
|
+
result
|
|
57
54
|
end
|
|
58
55
|
end
|
|
59
56
|
end
|
|
@@ -18,9 +18,10 @@ module KingslyCertbot
|
|
|
18
18
|
'top_level_domain' => top_level_domain,
|
|
19
19
|
'sub_domain' => sub_domain
|
|
20
20
|
}
|
|
21
|
-
uri = URI.parse("
|
|
21
|
+
uri = URI.parse("https://#{kingsly_server_host}/v1/cert_bundles")
|
|
22
22
|
|
|
23
|
-
http = Net::HTTP.new(uri.host,
|
|
23
|
+
http = Net::HTTP.new(uri.host, uri.port)
|
|
24
|
+
http.use_ssl = true
|
|
24
25
|
|
|
25
26
|
http.read_timeout = kingsly_http_read_timeout
|
|
26
27
|
http.open_timeout = kingsly_http_open_timeout
|
|
@@ -6,7 +6,7 @@ module KingslyCertbot
|
|
|
6
6
|
|
|
7
7
|
def initialize(args)
|
|
8
8
|
raise 'Argument passed is not of type Array' if args.class != Array
|
|
9
|
-
raise '--config argument missing' if args[0]
|
|
9
|
+
raise '--config argument missing' if args[0].nil? || args[0].strip == ''
|
|
10
10
|
raise "Unknown argument '#{args[0]}'" if args[0] != '--config'
|
|
11
11
|
raise "Config file does not exist at '#{args[1]}'" unless File.exist?(args[1])
|
|
12
12
|
|
|
@@ -22,7 +22,7 @@ module KingslyCertbot
|
|
|
22
22
|
end
|
|
23
23
|
|
|
24
24
|
@configuration = KingslyCertbot::Configuration.new(local_config)
|
|
25
|
-
$logger.info("Loaded configuration: #{@configuration
|
|
25
|
+
$logger.info("Loaded configuration: #{@configuration}")
|
|
26
26
|
Raven.configure do |config|
|
|
27
27
|
config.dsn = @configuration.sentry_dsn
|
|
28
28
|
config.encoding = 'json'
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kingsly_certbot
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- FOSS at GO-JEK
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-02-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|