letsencrypt_heroku 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: fd350843a8264fbb86c567c3da1050d577ad6bff
+  data.tar.gz: 4a09bf20e63e78b20718ca4647441ce9a1df8d77
+SHA512:
+  metadata.gz: b8ab3351b3b0055270feb47c668c0622211b42ad0f68af19463a90c7993b67f72c6b6adf8220cc0b02b94083fd2218ee110b2eaad13d83ae13129ad2705084db
+  data.tar.gz: 77a13396a80b2a4a78e3477effa4f99b5197ddebb4f04b65bd2ad2c277e8773b73845f575378e38c56c37d1f223725ba2ded003c4d09e812c9190e669da59629

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.rspec

@@ -0,0 +1,2 @@
+--format documentation
+--color

data/.ruby-version

@@ -0,0 +1 @@
+2.3.1

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.3.1
+before_install: gem install bundler -v 1.12.5

data/Gemfile

@@ -0,0 +1,4 @@
+source 'https://rubygems.org'
+
+# Specify your gem's dependencies in letsencrypt_heroku.gemspec
+gemspec

data/README.md

@@ -0,0 +1,31 @@
+# LetsencryptHeroku
+
+Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file `lib/letsencrypt_heroku`. To experiment with that code, run `bin/console` for an interactive prompt.
+
+## Installation
+
+Add these lines to your application's Gemfile:
+
+```ruby
+gem 'letsencrypt_rack'
+gem 'letsencrypt_heroku', require: false
+```
+
+And then execute:
+
+    $ bundle
+
+You'll need a `config/letsencrypt_heroku.yml`
+
+    - contact:    contact@foobar.dev
+      domains:    foobar.dev www.foobar.dev
+      herokuapp:  foobar
+
+And finally execute
+
+    $ letsencrypt_heroku
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/xijo/letsencrypt_heroku.
+

data/Rakefile

@@ -0,0 +1,10 @@
+require 'bundler/gem_tasks'
+
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec
+
+desc 'Open an irb session preloaded with this library'
+task :console do
+  sh 'irb -rubygems -I lib -r letsencrypt_heroku.rb'
+end

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "letsencrypt_heroku"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start

data/bin/letsencrypt_heroku

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require 'bundler/setup'
+require 'letsencrypt_heroku'
+
+LetsencryptHeroku::CLI.run

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/letsencrypt_heroku.gemspec

@@ -0,0 +1,27 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'letsencrypt_heroku/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'letsencrypt_heroku'
+  spec.version       = LetsencryptHeroku::VERSION
+  spec.authors       = ['Johannes Opper']
+  spec.email         = ['johannes.opper@gmail.com']
+
+  spec.summary       = %q{Setup SSL for heroku with letsencrypt}
+  spec.description   = %q{Setup SSL for heroku with letsencrypt}
+  spec.homepage      = 'https://github.com/xijo/letsencrypt_heroku'
+
+  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "rainbow"
+  spec.add_dependency "acme-client"
+
+  spec.add_development_dependency "bundler", "~> 1.12"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

data/lib/letsencrypt_heroku.rb

@@ -0,0 +1,21 @@
+require 'rainbow'
+require 'yaml'
+require 'acme-client'
+require 'openssl'
+require 'letsencrypt_heroku/version'
+require 'letsencrypt_heroku/setup'
+
+module LetsencryptHeroku
+  class CLI
+    CONFIG_FILE = 'config/letsencrypt_heroku.yml'
+
+    def self.run
+      if File.exist?(CONFIG_FILE)
+        configs = Array(YAML.load(File.read(CONFIG_FILE))).map { |c| OpenStruct.new(c) }
+        configs.each { |config| Setup.new(config).perform }
+      else
+        puts Rainbow("Missing config: #{CONFIG_FILE}").red
+      end
+    end
+  end
+end

data/lib/letsencrypt_heroku/setup.rb

@@ -0,0 +1,92 @@
+module LetsencryptHeroku
+  class Setup
+    class SetupError < StandardError ; end
+
+    PRODUCTION = 'https://acme-v01.api.letsencrypt.org/'
+    STAGING    = 'https://acme-staging.api.letsencrypt.org/'
+
+    attr_accessor :config
+
+    def initialize(config)
+      @config = config
+      @config.endpoint ||= PRODUCTION
+      @config.domains = config.domains.split
+    end
+
+    def perform
+      run_task "preflight" do
+        # heroku labs:enable http-sni
+        # heroku plugins:install heroku-certs
+
+        # check that ssl endpoint is on
+        # check heroku is there
+        # check that certs are there
+      end
+
+      run_task 'register with letsencrypt server' do
+        @private_key = OpenSSL::PKey::RSA.new(4096)
+        @client = Acme::Client.new(private_key: @private_key, endpoint: config.endpoint)
+        @client.register(contact: "mailto:#{config.contact}").agree_terms or fail_task
+      end
+
+      config.domains.each do |domain|
+        run_task "authorize #{domain}" do
+          @challenge = @client.authorize(domain: domain).http01
+
+          command = "heroku config:set LETSENCRYPT_RESPONSE=#{@challenge.file_content} &> /dev/null"
+          `#{command}`
+          $?.success? or fail_task
+
+          test_response(domain: domain, challenge: @challenge)
+
+          @challenge.request_verification
+          sleep(1) while 'pending' == @challenge.verify_status
+          @challenge.verify_status == 'valid' or fail_task
+        end
+      end
+
+      # if has cert: update cert, else add cert
+
+      run_task "update certificates" do
+        csr = Acme::Client::CertificateRequest.new(names: config.domains)
+        certificate = @client.new_certificate(csr)
+        File.write('privkey.pem', certificate.request.private_key.to_pem)
+        File.write('fullchain.pem', certificate.fullchain_to_pem)
+
+        command = "heroku _certs:update fullchain.pem privkey.pem --confirm #{config.herokuapp}"
+        `#{command}`
+        $?.success? or fail_task
+
+        FileUtils.rm %w(privkey.pem fullchain.pem)
+      end
+    rescue SetupError
+    end
+
+    def test_response(domain:, challenge:)
+      url = "http://#{domain}/#{challenge.filename}"
+      fail_count = 0
+      while fail_count < 30
+        answer = `curl -sL #{url}`
+        if answer != challenge.file_content
+          fail_count += 1
+          sleep(1)
+        else
+          return
+        end
+      end
+      fail_task
+    end
+
+    def run_task(name)
+      @_current_task = name
+      print Rainbow("      #{@_current_task}").yellow
+      yield
+      puts Rainbow("\r    ✔ #{@_current_task}").green
+    end
+
+    def fail_task(reason = nil)
+      puts Rainbow("\r    ✘ #{@_current_task}").red
+      raise SetupError, reason
+    end
+  end
+end

data/lib/letsencrypt_heroku/version.rb

@@ -0,0 +1,3 @@
+module LetsencryptHeroku
+  VERSION = "0.1.0"
+end

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: letsencrypt_heroku
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Johannes Opper
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2016-06-22 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rainbow
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: acme-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.12'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: Setup SSL for heroku with letsencrypt
+email:
+- johannes.opper@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".ruby-version"
+- ".travis.yml"
+- Gemfile
+- README.md
+- Rakefile
+- bin/console
+- bin/letsencrypt_heroku
+- bin/setup
+- letsencrypt_heroku.gemspec
+- lib/letsencrypt_heroku.rb
+- lib/letsencrypt_heroku/setup.rb
+- lib/letsencrypt_heroku/version.rb
+homepage: https://github.com/xijo/letsencrypt_heroku
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.6.4
+signing_key: 
+specification_version: 4
+summary: Setup SSL for heroku with letsencrypt
+test_files: []
+has_rdoc: