letsencrypt-rails-heroku 0.3.0 → 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +18 -0
- data/README.md +1 -1
- data/Rakefile +4 -4
- data/VERSION +1 -1
- data/letsencrypt-rails-heroku.gemspec +8 -7
- data/lib/letsencrypt-rails-heroku.rb +1 -0
- data/lib/letsencrypt-rails-heroku/exceptions.rb +12 -0
- data/lib/tasks/letsencrypt.rake +34 -11
- metadata +8 -5
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 05ee4912e0826370d5e74c310b425ba6e4143921
|
4
|
+
data.tar.gz: 889c2a4c16e672481c1db9d42a5dfe2a45f8424e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: f0cf0b6f588d1a91fbe590d55d44cc211c51865241392379d8fe8b4ea90f4a4033ba1eff5dbf79ed1c4aa2819fec77b6bf49934a0d61defe9ac5f69a29b876ff
|
7
|
+
data.tar.gz: 82269e1b169a4ddc091882d42b970a82cfe880cd37c183248e3c733129b6bf63a8f740fbc93d3cb266468a8a0443e3a871b8f3ae1a5be0622c166caac755989e
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,21 @@
|
|
1
|
+
# 1.0.0
|
2
|
+
|
3
|
+
The major version bump reflects the backwards-incompatible change around how
|
4
|
+
errors are handled; `abort` vs. custom exception types.
|
5
|
+
|
6
|
+
Huge thanks to everyone that contributed to this release, either via raising
|
7
|
+
issues or submitting pull requests.
|
8
|
+
|
9
|
+
- Raise exceptions on errors, instead of just `abort`ing. This should help
|
10
|
+
you catch when your certificate renewal fails, before it expires completely.
|
11
|
+
Closes issue #21 and pull request #28. Thanks @abigailmcp!
|
12
|
+
|
13
|
+
- Wait up to 30 seconds for LetsEncrypt to verify a domain challenge. Closes
|
14
|
+
issue #6 and pull requests #30, #25 and #7. Thanks @abigailmcp!
|
15
|
+
|
16
|
+
- Attempt to fetch the challenge URL for up to 30 seconds before giving up.
|
17
|
+
Closes issue #9 and pull request #28. Thanks @abigailmcp!
|
18
|
+
|
1
19
|
# 0.3.0
|
2
20
|
|
3
21
|
- Remove some Rails-specific methods and code to allow the gem to be used
|
data/README.md
CHANGED
@@ -26,7 +26,7 @@ Add the gem to your Gemfile:
|
|
26
26
|
```
|
27
27
|
# Until the new API calls are generally available, you must manually specify my fork
|
28
28
|
# of the Heroku API gem:
|
29
|
-
gem 'platform-api',
|
29
|
+
gem 'platform-api', git: 'https://github.com/jalada/platform-api', branch: 'master'
|
30
30
|
|
31
31
|
gem 'letsencrypt-rails-heroku', group: 'production'
|
32
32
|
```
|
data/Rakefile
CHANGED
@@ -15,12 +15,12 @@ require 'juwelier'
|
|
15
15
|
Juwelier::Tasks.new do |gem|
|
16
16
|
# gem is a Gem::Specification... see http://guides.rubygems.org/specification-reference/ for more options
|
17
17
|
gem.name = "letsencrypt-rails-heroku"
|
18
|
-
gem.homepage = "
|
18
|
+
gem.homepage = "https://github.com/pixielabs/letsencrypt-rails-heroku"
|
19
19
|
gem.license = "MIT"
|
20
|
-
gem.summary = %Q{Automatic LetsEncrypt
|
20
|
+
gem.summary = %Q{Automatic LetsEncrypt certificates in your Rails app on Heroku}
|
21
21
|
gem.description = %Q{This gem automatically handles creation, renewal, and applying SSL certificates from LetsEncrypt to your Heroku account.}
|
22
|
-
gem.email = "
|
23
|
-
gem.authors = ["David Somers"]
|
22
|
+
gem.email = "team@pixielabs.io"
|
23
|
+
gem.authors = ["Pixie Labs", "David Somers", "Abigail McPhillips"]
|
24
24
|
|
25
25
|
# dependencies defined in Gemfile
|
26
26
|
end
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.
|
1
|
+
1.0.0
|
@@ -2,18 +2,18 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: letsencrypt-rails-heroku 0.
|
5
|
+
# stub: letsencrypt-rails-heroku 1.0.0 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "letsencrypt-rails-heroku"
|
9
|
-
s.version = "0.
|
9
|
+
s.version = "1.0.0"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib"]
|
13
|
-
s.authors = ["David Somers"]
|
14
|
-
s.date = "
|
13
|
+
s.authors = ["Pixie Labs", "David Somers", "Abigail McPhillips"]
|
14
|
+
s.date = "2017-02-17"
|
15
15
|
s.description = "This gem automatically handles creation, renewal, and applying SSL certificates from LetsEncrypt to your Heroku account."
|
16
|
-
s.email = "
|
16
|
+
s.email = "team@pixielabs.io"
|
17
17
|
s.extra_rdoc_files = [
|
18
18
|
"LICENSE.txt",
|
19
19
|
"README.md"
|
@@ -29,15 +29,16 @@ Gem::Specification.new do |s|
|
|
29
29
|
"VERSION",
|
30
30
|
"letsencrypt-rails-heroku.gemspec",
|
31
31
|
"lib/letsencrypt-rails-heroku.rb",
|
32
|
+
"lib/letsencrypt-rails-heroku/exceptions.rb",
|
32
33
|
"lib/letsencrypt-rails-heroku/letsencrypt.rb",
|
33
34
|
"lib/letsencrypt-rails-heroku/middleware.rb",
|
34
35
|
"lib/letsencrypt-rails-heroku/railtie.rb",
|
35
36
|
"lib/tasks/letsencrypt.rake"
|
36
37
|
]
|
37
|
-
s.homepage = "
|
38
|
+
s.homepage = "https://github.com/pixielabs/letsencrypt-rails-heroku"
|
38
39
|
s.licenses = ["MIT"]
|
39
40
|
s.rubygems_version = "2.5.1"
|
40
|
-
s.summary = "Automatic LetsEncrypt
|
41
|
+
s.summary = "Automatic LetsEncrypt certificates in your Rails app on Heroku"
|
41
42
|
|
42
43
|
if s.respond_to? :specification_version then
|
43
44
|
s.specification_version = 4
|
@@ -0,0 +1,12 @@
|
|
1
|
+
module Letsencrypt
|
2
|
+
module Error
|
3
|
+
# Exception raised when LetsEncrypt encounters an issue verifying the challenge.
|
4
|
+
class VerificationError < StandardError; end
|
5
|
+
# Exception raised when challenge URL is not available.
|
6
|
+
class ChallengeUrlError < StandardError; end
|
7
|
+
# Exception raised on timeout of challenge verification.
|
8
|
+
class VerificationTimeoutError < StandardError; end
|
9
|
+
# Exception raised when an error occurs adding the certificate to Heroku.
|
10
|
+
class HerokuCertificateError < StandardError; end
|
11
|
+
end
|
12
|
+
end
|
data/lib/tasks/letsencrypt.rake
CHANGED
@@ -8,7 +8,7 @@ namespace :letsencrypt do
|
|
8
8
|
desc 'Renew your LetsEncrypt certificate'
|
9
9
|
task :renew do
|
10
10
|
# Check configuration looks OK
|
11
|
-
abort "letsencrypt-rails-heroku is configured incorrectly. Are you missing an environment variable or other configuration? You should have a heroku_token, heroku_app,
|
11
|
+
abort "letsencrypt-rails-heroku is configured incorrectly. Are you missing an environment variable or other configuration? You should have a heroku_token, heroku_app, acme_email and acme_domain configured either via a `Letsencrypt.configure` block in an initializer or as environment variables." unless Letsencrypt.configuration.valid?
|
12
12
|
|
13
13
|
# Set up Heroku client
|
14
14
|
heroku = PlatformAPI.connect_oauth Letsencrypt.configuration.heroku_token
|
@@ -42,17 +42,30 @@ namespace :letsencrypt do
|
|
42
42
|
})
|
43
43
|
puts "Done!"
|
44
44
|
|
45
|
-
# Wait for request to go through
|
46
|
-
print "Giving config vars time to change..."
|
47
|
-
sleep(5)
|
48
|
-
puts "Done!"
|
49
|
-
|
50
45
|
# Wait for app to come up
|
51
46
|
print "Testing filename works (to bring up app)..."
|
52
47
|
|
53
48
|
# Get the domain name from Heroku
|
54
49
|
hostname = heroku.domain.list(heroku_app).first['hostname']
|
55
|
-
|
50
|
+
|
51
|
+
# Wait at least a little bit, otherwise the first request will almost always fail.
|
52
|
+
sleep(2)
|
53
|
+
|
54
|
+
start_time = Time.now
|
55
|
+
|
56
|
+
begin
|
57
|
+
open("http://#{hostname}/#{challenge.filename}").read
|
58
|
+
rescue OpenURI::HTTPError => e
|
59
|
+
if Time.now - start_time <= 30
|
60
|
+
puts "Error fetching challenge, retrying... #{e.message}"
|
61
|
+
sleep(5)
|
62
|
+
retry
|
63
|
+
else
|
64
|
+
failure_message = "Error waiting for response from http://#{hostname}/#{challenge.filename}, Error: #{e.message}"
|
65
|
+
raise Letsencrypt::Error::ChallengeUrlError, failure_message
|
66
|
+
end
|
67
|
+
end
|
68
|
+
|
56
69
|
puts "Done!"
|
57
70
|
|
58
71
|
print "Giving LetsEncrypt some time to verify..."
|
@@ -60,12 +73,22 @@ namespace :letsencrypt do
|
|
60
73
|
challenge.request_verification # => true
|
61
74
|
challenge.verify_status # => 'pending'
|
62
75
|
|
63
|
-
|
76
|
+
start_time = Time.now
|
77
|
+
|
78
|
+
while challenge.verify_status == 'pending'
|
79
|
+
if Time.now - start_time >= 30
|
80
|
+
failure_message = "Failed - timed out waiting for challenge verification."
|
81
|
+
raise Letsencrypt::Error::VerificationTimeoutError, failure_message
|
82
|
+
end
|
83
|
+
sleep(3)
|
84
|
+
end
|
85
|
+
|
64
86
|
puts "Done!"
|
65
87
|
|
66
88
|
unless challenge.verify_status == 'valid'
|
67
89
|
puts "Problem verifying challenge."
|
68
|
-
|
90
|
+
failure_message = "Status: #{challenge.verify_status}, Error: #{challenge.error}"
|
91
|
+
raise Letsencrypt::Error::VerificationError, failure_message
|
69
92
|
end
|
70
93
|
|
71
94
|
puts ""
|
@@ -85,7 +108,7 @@ namespace :letsencrypt do
|
|
85
108
|
certificate = client.new_certificate(csr) # => #<Acme::Client::Certificate ....>
|
86
109
|
|
87
110
|
# Send certificates to Heroku via API
|
88
|
-
|
111
|
+
|
89
112
|
# First check for existing certificates:
|
90
113
|
certificates = heroku.sni_endpoint.list(heroku_app)
|
91
114
|
|
@@ -107,7 +130,7 @@ namespace :letsencrypt do
|
|
107
130
|
end
|
108
131
|
rescue Excon::Error::UnprocessableEntity => e
|
109
132
|
warn "Error adding certificate to Heroku. Response from Heroku’s API follows:"
|
110
|
-
|
133
|
+
raise Letsencrypt::Error::HerokuCertificateError, e.response.body
|
111
134
|
end
|
112
135
|
|
113
136
|
end
|
metadata
CHANGED
@@ -1,14 +1,16 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: letsencrypt-rails-heroku
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 1.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
|
+
- Pixie Labs
|
7
8
|
- David Somers
|
9
|
+
- Abigail McPhillips
|
8
10
|
autorequire:
|
9
11
|
bindir: bin
|
10
12
|
cert_chain: []
|
11
|
-
date:
|
13
|
+
date: 2017-02-17 00:00:00.000000000 Z
|
12
14
|
dependencies:
|
13
15
|
- !ruby/object:Gem::Dependency
|
14
16
|
name: acme-client
|
@@ -110,7 +112,7 @@ dependencies:
|
|
110
112
|
version: '0'
|
111
113
|
description: This gem automatically handles creation, renewal, and applying SSL certificates
|
112
114
|
from LetsEncrypt to your Heroku account.
|
113
|
-
email:
|
115
|
+
email: team@pixielabs.io
|
114
116
|
executables: []
|
115
117
|
extensions: []
|
116
118
|
extra_rdoc_files:
|
@@ -127,11 +129,12 @@ files:
|
|
127
129
|
- VERSION
|
128
130
|
- letsencrypt-rails-heroku.gemspec
|
129
131
|
- lib/letsencrypt-rails-heroku.rb
|
132
|
+
- lib/letsencrypt-rails-heroku/exceptions.rb
|
130
133
|
- lib/letsencrypt-rails-heroku/letsencrypt.rb
|
131
134
|
- lib/letsencrypt-rails-heroku/middleware.rb
|
132
135
|
- lib/letsencrypt-rails-heroku/railtie.rb
|
133
136
|
- lib/tasks/letsencrypt.rake
|
134
|
-
homepage:
|
137
|
+
homepage: https://github.com/pixielabs/letsencrypt-rails-heroku
|
135
138
|
licenses:
|
136
139
|
- MIT
|
137
140
|
metadata: {}
|
@@ -154,5 +157,5 @@ rubyforge_project:
|
|
154
157
|
rubygems_version: 2.5.1
|
155
158
|
signing_key:
|
156
159
|
specification_version: 4
|
157
|
-
summary: Automatic LetsEncrypt
|
160
|
+
summary: Automatic LetsEncrypt certificates in your Rails app on Heroku
|
158
161
|
test_files: []
|