letsencrypt-cli 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 13fdaac7e4df11532b0bd073c686011054f5bab1
4
- data.tar.gz: 7805d292345e002848567c117a5ad0b9f058c11a
3
+ metadata.gz: 7251081d8f3dd853b125c43b1fa7db980e7db06e
4
+ data.tar.gz: 684292ac3a356c97695d54844569c71360ad2031
5
5
  SHA512:
6
- metadata.gz: 1f71051e7666506734ecd71ba7118dc4438f819c68b8b7ccc41cfb5c3eed3d0e0736c5323598bdb7ffebd67270cd9a8ad4c4ebc1766b8a0e168567484d6ea83f
7
- data.tar.gz: 63524b84c31c375fec6ec49494a820d1fefe372cb0e00ec5b14fab3a1ca92180aeb4a01965d84fbf810fd09a2ae1621b5fc26c0ff631d4d71492b3109e570d12
6
+ metadata.gz: 36698d3993b69182c14159541c3cdac47b2adc81b6bbe1e151c831d1c30f9c5fc7b11d6c7966d3eb20d30c9ae8d08de876d286e14e83e466028acf4fdfcd3ef4
7
+ data.tar.gz: 7058f1ce08fa09ef1516de2958da9d410c0a73fbff267385349dee97823e116bda8305ce9b99b9175b0df5a9b558506d79a6a1e5447cdf2600a540abe401e84a
data/README.md CHANGED
@@ -38,14 +38,22 @@ letsencrypt-cli authorize_all -t --webroot-path /var/www/default
38
38
 
39
39
  # create a certificate for before authorized domains.
40
40
  # the first domain will be the cn subject. All other are subjectAlternateName
41
+ # if cert.pem already exists, will only create a new one if the old is expired
42
+ # (30 days before expiration) -> see full help
43
+ letsencrypt-cli help cert
44
+
41
45
  letsencrypt-cli cert -t example.com www.example.com somdir.example.com
42
46
  # will create key.pem fullchain.pem chain.pem and cert.pem
47
+
48
+
49
+ # checks validation date of given certificate. Exists non-zero if not exists or
50
+ # will expire in 30 days
51
+ letsencrypt-cli check --days-valid 30 cert.pem
43
52
  ```
44
53
 
45
54
 
46
55
  ## Example integration nginx:
47
56
 
48
-
49
57
  ```nginx
50
58
  server {
51
59
  listen 80;
@@ -1,6 +1,5 @@
1
1
  require 'json'
2
2
  require 'acme-client'
3
- require 'pry'
4
3
 
5
4
  class AcmeWrapper
6
5
  def initialize(options)
@@ -90,6 +89,22 @@ class AcmeWrapper
90
89
  log "Certificate valid until: #{certificate.x509.not_after}"
91
90
  end
92
91
 
92
+ def check_certificate(path)
93
+ unless File.exists?(path)
94
+ log "Certificate #{path} does not exists", :warn
95
+ return false
96
+ end
97
+ cert = OpenSSL::X509::Certificate.new(File.read(path))
98
+ renew_on = cert.not_after.to_date - @options[:days_valid]
99
+ log "Certificate '#{path}' valid until #{cert.not_after.to_date}.", :info
100
+ if Date.today >= renew_on
101
+ log "Certificate '#{path}' should be renewed!", :warn
102
+ return false
103
+ else
104
+ true
105
+ end
106
+ end
107
+
93
108
  private
94
109
 
95
110
  def certificate_exists_and_valid?
@@ -62,8 +62,15 @@ module Letsencrypt
62
62
  wrapper.cert(domains)
63
63
  end
64
64
 
65
- map %w[--version -v] => :__print_version
65
+ desc "check PATH_TO_CERTIFICATE", "checks, if a given certificate exists and is valid until DAYS_VALID"
66
+ method_option :days_valid, desc: "If the --certificate-path already exists, only create new stuff, if that certificate isn't valid for less than the given number of days", default: 30, type: :numeric
67
+ def check(path)
68
+ if !wrapper.check_certificate(path)
69
+ exit 1
70
+ end
71
+ end
66
72
 
73
+ map %w[--version -v] => :__print_version
67
74
  desc "--version, -v", "print the version"
68
75
  def __print_version
69
76
  puts Letsencrypt::Cli::VERSION
@@ -1,5 +1,5 @@
1
1
  module Letsencrypt
2
2
  module Cli
3
- VERSION = "0.1.0"
3
+ VERSION = "0.1.1"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: letsencrypt-cli
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stefan Wienert