letsencrypt-rails-heroku 0.2.4 → 0.2.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/README.md +4 -2
- data/VERSION +1 -1
- data/letsencrypt-rails-heroku.gemspec +4 -3
- data/lib/tasks/letsencrypt.rake +35 -27
- metadata +3 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 4af526952e278835b5dee7faa482a5f7b3b6ff83
|
4
|
+
data.tar.gz: 7400137a3e71c181e5ecff096ac2aa68e4e0b3f7
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e0f308c77638172345bf1dba96eea15d118ae037b2fc7446229f35bffabaecca925647c0288a9237d0f6734765d3b7148f6a143589324174d3d6e75f1aa52c9a
|
7
|
+
data.tar.gz: 8e1af68eaaf9b48650451f5549c94fc8cadb15c83d2db15fb0304fb949518a87c027e7d3bca34b085c328bec84a5069e019531f3c188b22a6ebca916cf5bcf19
|
data/CHANGELOG.md
ADDED
data/README.md
CHANGED
@@ -7,7 +7,7 @@ on Heroku using their free SNI-based SSL and LetsEncrypt. It will automatically
|
|
7
7
|
handle renewals and keeping your certificate up to date.
|
8
8
|
|
9
9
|
|
10
|
-
##
|
10
|
+
## Requirements
|
11
11
|
|
12
12
|
- Whilst it is in beta, you must use the labs feature to enable Heroku's free
|
13
13
|
SSL offering:
|
@@ -88,7 +88,7 @@ After deploying, run `heroku run rake letsencrypt:renew`. Ensure that the
|
|
88
88
|
output looks good:
|
89
89
|
|
90
90
|
```
|
91
|
-
$ heroku run rake letsencrypt
|
91
|
+
$ heroku run rake letsencrypt:renew
|
92
92
|
Running rake letsencrypt:renew on ⬢ yourapp... ⣷ connecting, run.1234
|
93
93
|
Creating account key...Done!
|
94
94
|
Registering with LetsEncrypt...Done!
|
@@ -158,6 +158,8 @@ following security considerations:
|
|
158
158
|
- Provide instructions for running the gem decoupled from the app it is
|
159
159
|
securing, for the paranoid.
|
160
160
|
|
161
|
+
- Support non-SNI Heroku SSL too.
|
162
|
+
|
161
163
|
## Contributing
|
162
164
|
|
163
165
|
- Check out the latest master to make sure the feature hasn't been implemented
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
0.2.
|
1
|
+
0.2.5
|
@@ -2,16 +2,16 @@
|
|
2
2
|
# DO NOT EDIT THIS FILE DIRECTLY
|
3
3
|
# Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
|
4
4
|
# -*- encoding: utf-8 -*-
|
5
|
-
# stub: letsencrypt-rails-heroku 0.2.
|
5
|
+
# stub: letsencrypt-rails-heroku 0.2.5 ruby lib
|
6
6
|
|
7
7
|
Gem::Specification.new do |s|
|
8
8
|
s.name = "letsencrypt-rails-heroku"
|
9
|
-
s.version = "0.2.
|
9
|
+
s.version = "0.2.5"
|
10
10
|
|
11
11
|
s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
|
12
12
|
s.require_paths = ["lib"]
|
13
13
|
s.authors = ["David Somers"]
|
14
|
-
s.date = "2016-08-
|
14
|
+
s.date = "2016-08-10"
|
15
15
|
s.description = "This gem automatically handles creation, renewal, and applying SSL certificates from LetsEncrypt to your Heroku account."
|
16
16
|
s.email = "david@pixielabs.co.uk"
|
17
17
|
s.extra_rdoc_files = [
|
@@ -20,6 +20,7 @@ Gem::Specification.new do |s|
|
|
20
20
|
]
|
21
21
|
s.files = [
|
22
22
|
".document",
|
23
|
+
"CHANGELOG.md",
|
23
24
|
"Gemfile",
|
24
25
|
"Gemfile.lock",
|
25
26
|
"LICENSE.txt",
|
data/lib/tasks/letsencrypt.rake
CHANGED
@@ -27,38 +27,47 @@ namespace :letsencrypt do
|
|
27
27
|
registration.agree_terms
|
28
28
|
puts "Done!"
|
29
29
|
|
30
|
-
|
31
|
-
challenge = authorization.http01
|
30
|
+
domains = Letsencrypt.configuration.acme_domain.split(',').map(&:strip)
|
32
31
|
|
33
|
-
|
34
|
-
|
35
|
-
'ACME_CHALLENGE_FILENAME' => challenge.filename,
|
36
|
-
'ACME_CHALLENGE_FILE_CONTENT' => challenge.file_content
|
37
|
-
})
|
38
|
-
puts "Done!"
|
32
|
+
domains.each do |domain|
|
33
|
+
puts "Performing verification for #{domain}:"
|
39
34
|
|
40
|
-
|
41
|
-
|
42
|
-
sleep(5)
|
43
|
-
puts "Done!"
|
35
|
+
authorization = client.authorize(domain: domain)
|
36
|
+
challenge = authorization.http01
|
44
37
|
|
45
|
-
|
46
|
-
|
38
|
+
print "Setting config vars on Heroku..."
|
39
|
+
heroku.config_var.update(heroku_app, {
|
40
|
+
'ACME_CHALLENGE_FILENAME' => challenge.filename,
|
41
|
+
'ACME_CHALLENGE_FILE_CONTENT' => challenge.file_content
|
42
|
+
})
|
43
|
+
puts "Done!"
|
47
44
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
45
|
+
# Wait for request to go through
|
46
|
+
print "Giving config vars time to change..."
|
47
|
+
sleep(5)
|
48
|
+
puts "Done!"
|
52
49
|
|
53
|
-
|
54
|
-
|
55
|
-
challenge.verify_status # => 'pending'
|
50
|
+
# Wait for app to come up
|
51
|
+
print "Testing filename works (to bring up app)..."
|
56
52
|
|
57
|
-
|
58
|
-
|
53
|
+
# Get the domain name from Heroku
|
54
|
+
hostname = heroku.domain.list(heroku_app).first['hostname']
|
55
|
+
open("http://#{hostname}/#{challenge.filename}").read
|
56
|
+
puts "Done!"
|
57
|
+
|
58
|
+
print "Giving LetsEncrypt some time to verify..."
|
59
|
+
# Once you are ready to serve the confirmation request you can proceed.
|
60
|
+
challenge.request_verification # => true
|
61
|
+
challenge.verify_status # => 'pending'
|
62
|
+
|
63
|
+
sleep(3)
|
64
|
+
puts "Done!"
|
65
|
+
|
66
|
+
unless challenge.verify_status == 'valid'
|
67
|
+
abort "Problem with verifying challenge."
|
68
|
+
end
|
59
69
|
|
60
|
-
|
61
|
-
abort "Problem with verifying challenge."
|
70
|
+
puts ""
|
62
71
|
end
|
63
72
|
|
64
73
|
# Unset temporary config vars. We don't care about waiting for this to
|
@@ -69,8 +78,7 @@ namespace :letsencrypt do
|
|
69
78
|
})
|
70
79
|
|
71
80
|
# Create CSR
|
72
|
-
|
73
|
-
csr = Acme::Client::CertificateRequest.new(names: names)
|
81
|
+
csr = Acme::Client::CertificateRequest.new(names: domains)
|
74
82
|
|
75
83
|
# Get certificate
|
76
84
|
certificate = client.new_certificate(csr) # => #<Acme::Client::Certificate ....>
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: letsencrypt-rails-heroku
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.2.
|
4
|
+
version: 0.2.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- David Somers
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-08-
|
11
|
+
date: 2016-08-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: acme-client
|
@@ -118,6 +118,7 @@ extra_rdoc_files:
|
|
118
118
|
- README.md
|
119
119
|
files:
|
120
120
|
- ".document"
|
121
|
+
- CHANGELOG.md
|
121
122
|
- Gemfile
|
122
123
|
- Gemfile.lock
|
123
124
|
- LICENSE.txt
|