letsencrypt_plugin 0.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (57) hide show
  1. checksums.yaml +7 -0
  2. data/MIT-LICENSE +20 -0
  3. data/Rakefile +37 -0
  4. data/app/assets/javascripts/letsencrypt_plugin/application.js +13 -0
  5. data/app/assets/stylesheets/letsencrypt_plugin/application.css +15 -0
  6. data/app/controllers/letsencrypt_plugin/application_controller.rb +22 -0
  7. data/app/helpers/letsencrypt_plugin/application_helper.rb +4 -0
  8. data/app/models/letsencrypt_plugin/challenge.rb +4 -0
  9. data/app/views/layouts/letsencrypt_plugin/application.html.erb +1 -0
  10. data/config/initializers/letsencrypt_plugin.rb +3 -0
  11. data/config/routes.rb +3 -0
  12. data/db/migrate/20151206135029_create_letsencrypt_plugin_challenges.rb +9 -0
  13. data/lib/letsencrypt_plugin.rb +4 -0
  14. data/lib/letsencrypt_plugin/engine.rb +5 -0
  15. data/lib/letsencrypt_plugin/version.rb +3 -0
  16. data/lib/tasks/letsencrypt_plugin_tasks.rake +96 -0
  17. data/test/dummy/README.rdoc +28 -0
  18. data/test/dummy/Rakefile +6 -0
  19. data/test/dummy/app/assets/javascripts/application.js +13 -0
  20. data/test/dummy/app/assets/stylesheets/application.css +15 -0
  21. data/test/dummy/app/controllers/application_controller.rb +5 -0
  22. data/test/dummy/app/helpers/application_helper.rb +2 -0
  23. data/test/dummy/app/views/layouts/application.html.erb +14 -0
  24. data/test/dummy/bin/bundle +3 -0
  25. data/test/dummy/bin/rails +4 -0
  26. data/test/dummy/bin/rake +4 -0
  27. data/test/dummy/bin/setup +29 -0
  28. data/test/dummy/config.ru +4 -0
  29. data/test/dummy/config/application.rb +26 -0
  30. data/test/dummy/config/boot.rb +5 -0
  31. data/test/dummy/config/database.yml +25 -0
  32. data/test/dummy/config/environment.rb +5 -0
  33. data/test/dummy/config/environments/development.rb +41 -0
  34. data/test/dummy/config/environments/production.rb +79 -0
  35. data/test/dummy/config/environments/test.rb +42 -0
  36. data/test/dummy/config/initializers/assets.rb +11 -0
  37. data/test/dummy/config/initializers/backtrace_silencers.rb +7 -0
  38. data/test/dummy/config/initializers/cookies_serializer.rb +3 -0
  39. data/test/dummy/config/initializers/filter_parameter_logging.rb +4 -0
  40. data/test/dummy/config/initializers/inflections.rb +16 -0
  41. data/test/dummy/config/initializers/mime_types.rb +4 -0
  42. data/test/dummy/config/initializers/session_store.rb +3 -0
  43. data/test/dummy/config/initializers/wrap_parameters.rb +14 -0
  44. data/test/dummy/config/letsencrypt_plugin.yml +15 -0
  45. data/test/dummy/config/locales/en.yml +23 -0
  46. data/test/dummy/config/routes.rb +4 -0
  47. data/test/dummy/config/secrets.yml +22 -0
  48. data/test/dummy/db/schema.rb +22 -0
  49. data/test/dummy/public/404.html +67 -0
  50. data/test/dummy/public/422.html +67 -0
  51. data/test/dummy/public/500.html +66 -0
  52. data/test/dummy/public/favicon.ico +0 -0
  53. data/test/fixtures/letsencrypt_plugin/challenges.yml +7 -0
  54. data/test/letsencrypt_plugin_test.rb +7 -0
  55. data/test/models/letsencrypt_plugin/challenge_test.rb +9 -0
  56. data/test/test_helper.rb +21 -0
  57. metadata +195 -0
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 108dfbd0e792c1bacf5f3e34cd23a0f6c91f0ce2
4
+ data.tar.gz: c4c828959d1f7c7774d56c089afc551694fb8449
5
+ SHA512:
6
+ metadata.gz: d038926e551cf7a9bea240c97feb17fd5d99e0c2f695cd642fd6f52478e06ba444b5318f8cb55b73182b70bc8b3b46ef5b34ab1e0541094e87c04663f81fb5eb
7
+ data.tar.gz: 60ad86e901086d6cf528cf1d3c4e78482f1fd5798b667400aa287a67d2e02f040c90d04835d6cbbcf5d88a0a0febf1767d05746c3fdf07167280093f097b4cd8
data/MIT-LICENSE ADDED
@@ -0,0 +1,20 @@
1
+ Copyright 2015 lgromanowski
2
+
3
+ Permission is hereby granted, free of charge, to any person obtaining
4
+ a copy of this software and associated documentation files (the
5
+ "Software"), to deal in the Software without restriction, including
6
+ without limitation the rights to use, copy, modify, merge, publish,
7
+ distribute, sublicense, and/or sell copies of the Software, and to
8
+ permit persons to whom the Software is furnished to do so, subject to
9
+ the following conditions:
10
+
11
+ The above copyright notice and this permission notice shall be
12
+ included in all copies or substantial portions of the Software.
13
+
14
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
15
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
16
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
17
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
18
+ LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
19
+ OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
20
+ WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
data/Rakefile ADDED
@@ -0,0 +1,37 @@
1
+ begin
2
+ require 'bundler/setup'
3
+ rescue LoadError
4
+ puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
5
+ end
6
+
7
+ require 'rdoc/task'
8
+
9
+ RDoc::Task.new(:rdoc) do |rdoc|
10
+ rdoc.rdoc_dir = 'rdoc'
11
+ rdoc.title = 'LetsencryptPlugin'
12
+ rdoc.options << '--line-numbers'
13
+ rdoc.rdoc_files.include('README.rdoc')
14
+ rdoc.rdoc_files.include('lib/**/*.rb')
15
+ end
16
+
17
+ APP_RAKEFILE = File.expand_path("../test/dummy/Rakefile", __FILE__)
18
+ load 'rails/tasks/engine.rake'
19
+
20
+
21
+ load 'rails/tasks/statistics.rake'
22
+
23
+
24
+
25
+ Bundler::GemHelper.install_tasks
26
+
27
+ require 'rake/testtask'
28
+
29
+ Rake::TestTask.new(:test) do |t|
30
+ t.libs << 'lib'
31
+ t.libs << 'test'
32
+ t.pattern = 'test/**/*_test.rb'
33
+ t.verbose = false
34
+ end
35
+
36
+
37
+ task default: :test
@@ -0,0 +1,13 @@
1
+ // This is a manifest file that'll be compiled into application.js, which will include all the files
2
+ // listed below.
3
+ //
4
+ // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
5
+ // or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
6
+ //
7
+ // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
8
+ // compiled file.
9
+ //
10
+ // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
11
+ // about supported directives.
12
+ //
13
+ //= require_tree .
@@ -0,0 +1,15 @@
1
+ /*
2
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
3
+ * listed below.
4
+ *
5
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
6
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
7
+ *
8
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
9
+ * compiled file so the styles you add here take precedence over styles defined in any styles
10
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
11
+ * file per style scope.
12
+ *
13
+ *= require_tree .
14
+ *= require_self
15
+ */
@@ -0,0 +1,22 @@
1
+ module LetsencryptPlugin
2
+ class ApplicationController < ActionController::Base
3
+ before_action :validate_length, only: [:index]
4
+
5
+ def index
6
+ # There is only one item in DB with challenge response from our task
7
+ # we will use it to render plain text response
8
+ @response = Challenge.first
9
+ render plain: @response.response
10
+ end
11
+
12
+ private
13
+ def validate_length
14
+ # Challenge request should have at least 128bit
15
+ challenge_failed if params[:challenge].nil? || params[:challenge].length < 16 || params[:challenge].length > 256
16
+ end
17
+
18
+ def challenge_failed
19
+ raise ActionController::RoutingError.new('Challenge failed - invalid request.')
20
+ end
21
+ end
22
+ end
@@ -0,0 +1,4 @@
1
+ module LetsencryptPlugin
2
+ module ApplicationHelper
3
+ end
4
+ end
@@ -0,0 +1,4 @@
1
+ module LetsencryptPlugin
2
+ class Challenge < ActiveRecord::Base
3
+ end
4
+ end
@@ -0,0 +1,3 @@
1
+ CONFIG = YAML.load_file(Rails.root.join('config', 'letsencrypt_plugin.yml'))
2
+ CONFIG.merge! CONFIG.fetch(Rails.env, {})
3
+ CONFIG.symbolize_keys!
data/config/routes.rb ADDED
@@ -0,0 +1,3 @@
1
+ LetsencryptPlugin::Engine.routes.draw do
2
+ get '.well-known/acme-challenge/:challenge' => 'application#index'
3
+ end
@@ -0,0 +1,9 @@
1
+ class CreateLetsencryptPluginChallenges < ActiveRecord::Migration
2
+ def change
3
+ create_table :letsencrypt_plugin_challenges do |t|
4
+ t.text :response
5
+
6
+ t.timestamps null: false
7
+ end
8
+ end
9
+ end
@@ -0,0 +1,4 @@
1
+ require "letsencrypt_plugin/engine"
2
+
3
+ module LetsencryptPlugin
4
+ end
@@ -0,0 +1,5 @@
1
+ module LetsencryptPlugin
2
+ class Engine < ::Rails::Engine
3
+ isolate_namespace LetsencryptPlugin
4
+ end
5
+ end
@@ -0,0 +1,3 @@
1
+ module LetsencryptPlugin
2
+ VERSION = "0.0.2"
3
+ end
@@ -0,0 +1,96 @@
1
+ require 'openssl'
2
+ require 'acme-client'
3
+
4
+ #Sets up logging - should only be called from other rake tasks
5
+ task setup_logger: :environment do
6
+ logger = Logger.new(STDOUT)
7
+ logger.level = Logger::INFO
8
+ Rails.logger = logger
9
+ end
10
+
11
+ desc "Generates SSL certificate using Let's Encrypt service"
12
+ task :letsencrypt_plugin => :setup_logger do
13
+ def generate_certificate()
14
+ client ||= Acme::Client.new(private_key: load_private_key, endpoint: CONFIG[:endpoint])
15
+ Rails.logger.info("Trying to register at Let's Encrypt service...")
16
+ begin
17
+ registration = client.register(contact: 'mailto:#{CONFIG[:email]}')
18
+ registration.agree_terms
19
+ Rails.logger.info("Registration succeed.")
20
+ rescue
21
+ Rails.logger.info("Already registered.")
22
+ end
23
+
24
+ Rails.logger.info("Sending authorization request...")
25
+ authorization = client.authorize(domain: CONFIG[:domain])
26
+ challenge = authorization.http01
27
+
28
+ store_challenge(challenge)
29
+
30
+ challenge.request_verification # => true
31
+
32
+ wait_for_status(challenge)
33
+
34
+ if challenge.verify_status == 'valid'
35
+ certificate_private_key = OpenSSL::PKey::RSA.new(2048)
36
+ csr = create_csr(certificate_private_key)
37
+ # We can now request a certificate
38
+ certificate = client.new_certificate(csr) # => #<Acme::Certificate ....>
39
+ save_certificate(certificate, certificate_private_key)
40
+
41
+ Rails.logger.info("Certificate has been generated.")
42
+ else
43
+ Rails.logger.error("Challenge verification failed!")
44
+ end
45
+ end
46
+
47
+ def load_private_key
48
+ Rails.logger.info("Loading private key...")
49
+ OpenSSL::PKey::RSA.new(File.read(File.join(Rails.root, CONFIG[:private_key])))
50
+ end
51
+
52
+ def store_challenge(challenge)
53
+ Rails.logger.info("Storing challenge information...")
54
+ ch = LetsencryptPlugin::Challenge.first
55
+ if ch.nil?
56
+ ch = LetsencryptPlugin::Challenge.new
57
+ ch.save!(:response => challenge.file_content)
58
+ else
59
+ ch.update(:response => challenge.file_content)
60
+ end
61
+ sleep(1)
62
+ end
63
+
64
+ def wait_for_status(challenge)
65
+ Rails.logger.info("Waiting for challenge status...")
66
+ counter = 0
67
+ while challenge.verify_status == 'pending' && counter < 10
68
+ sleep(1)
69
+ counter += 1
70
+ end
71
+ end
72
+
73
+ def create_csr(certificate_private_key)
74
+ Rails.logger.info("Creating CSR...")
75
+ csr = OpenSSL::X509::Request.new
76
+ csr.subject = OpenSSL::X509::Name.new([
77
+ ['CN', CONFIG[:domain], OpenSSL::ASN1::UTF8STRING]
78
+ ])
79
+ csr.public_key = certificate_private_key.public_key
80
+ csr.sign(certificate_private_key, OpenSSL::Digest::SHA256.new)
81
+ csr
82
+ end
83
+
84
+ # Save the certificate and key
85
+ def save_certificate(certificate, certificate_private_key)
86
+ if !certificate.nil?
87
+ Rails.logger.info("Saving certificates and key...")
88
+ File.write(File.join(CONFIG[:output_cert_dir], "#{CONFIG[:domain]}-cert.pem"), certificate.to_pem)
89
+ File.write(File.join(CONFIG[:output_cert_dir], "#{CONFIG[:domain]}-key.pem"), certificate_private_key.to_pem)
90
+ File.write(File.join(CONFIG[:output_cert_dir], "#{CONFIG[:domain]}-chain.pem"), certificate.chain_to_pem)
91
+ File.write(File.join(CONFIG[:output_cert_dir], "#{CONFIG[:domain]}-fullchain.pem"), certificate.fullchain_to_pem)
92
+ end
93
+ end
94
+
95
+ generate_certificate
96
+ end
@@ -0,0 +1,28 @@
1
+ == README
2
+
3
+ This README would normally document whatever steps are necessary to get the
4
+ application up and running.
5
+
6
+ Things you may want to cover:
7
+
8
+ * Ruby version
9
+
10
+ * System dependencies
11
+
12
+ * Configuration
13
+
14
+ * Database creation
15
+
16
+ * Database initialization
17
+
18
+ * How to run the test suite
19
+
20
+ * Services (job queues, cache servers, search engines, etc.)
21
+
22
+ * Deployment instructions
23
+
24
+ * ...
25
+
26
+
27
+ Please feel free to use a different markup language if you do not plan to run
28
+ <tt>rake doc:app</tt>.
@@ -0,0 +1,6 @@
1
+ # Add your own tasks in files placed in lib/tasks ending in .rake,
2
+ # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
3
+
4
+ require File.expand_path('../config/application', __FILE__)
5
+
6
+ Rails.application.load_tasks
@@ -0,0 +1,13 @@
1
+ // This is a manifest file that'll be compiled into application.js, which will include all the files
2
+ // listed below.
3
+ //
4
+ // Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
5
+ // or any plugin's vendor/assets/javascripts directory can be referenced here using a relative path.
6
+ //
7
+ // It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
8
+ // compiled file.
9
+ //
10
+ // Read Sprockets README (https://github.com/rails/sprockets#sprockets-directives) for details
11
+ // about supported directives.
12
+ //
13
+ //= require_tree .
@@ -0,0 +1,15 @@
1
+ /*
2
+ * This is a manifest file that'll be compiled into application.css, which will include all the files
3
+ * listed below.
4
+ *
5
+ * Any CSS and SCSS file within this directory, lib/assets/stylesheets, vendor/assets/stylesheets,
6
+ * or any plugin's vendor/assets/stylesheets directory can be referenced here using a relative path.
7
+ *
8
+ * You're free to add application-wide styles to this file and they'll appear at the bottom of the
9
+ * compiled file so the styles you add here take precedence over styles defined in any styles
10
+ * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
11
+ * file per style scope.
12
+ *
13
+ *= require_tree .
14
+ *= require_self
15
+ */
@@ -0,0 +1,5 @@
1
+ class ApplicationController < ActionController::Base
2
+ # Prevent CSRF attacks by raising an exception.
3
+ # For APIs, you may want to use :null_session instead.
4
+ protect_from_forgery with: :exception
5
+ end
@@ -0,0 +1,2 @@
1
+ module ApplicationHelper
2
+ end
@@ -0,0 +1,14 @@
1
+ <!DOCTYPE html>
2
+ <html>
3
+ <head>
4
+ <title>Dummy</title>
5
+ <%= stylesheet_link_tag 'application', media: 'all', 'data-turbolinks-track' => true %>
6
+ <%= javascript_include_tag 'application', 'data-turbolinks-track' => true %>
7
+ <%= csrf_meta_tags %>
8
+ </head>
9
+ <body>
10
+
11
+ <%= yield %>
12
+
13
+ </body>
14
+ </html>
@@ -0,0 +1,3 @@
1
+ #!/usr/bin/env ruby
2
+ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
3
+ load Gem.bin_path('bundler', 'bundle')
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env ruby
2
+ APP_PATH = File.expand_path('../../config/application', __FILE__)
3
+ require_relative '../config/boot'
4
+ require 'rails/commands'
@@ -0,0 +1,4 @@
1
+ #!/usr/bin/env ruby
2
+ require_relative '../config/boot'
3
+ require 'rake'
4
+ Rake.application.run
@@ -0,0 +1,29 @@
1
+ #!/usr/bin/env ruby
2
+ require 'pathname'
3
+
4
+ # path to your application root.
5
+ APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
6
+
7
+ Dir.chdir APP_ROOT do
8
+ # This script is a starting point to setup your application.
9
+ # Add necessary setup steps to this file:
10
+
11
+ puts "== Installing dependencies =="
12
+ system "gem install bundler --conservative"
13
+ system "bundle check || bundle install"
14
+
15
+ # puts "\n== Copying sample files =="
16
+ # unless File.exist?("config/database.yml")
17
+ # system "cp config/database.yml.sample config/database.yml"
18
+ # end
19
+
20
+ puts "\n== Preparing database =="
21
+ system "bin/rake db:setup"
22
+
23
+ puts "\n== Removing old logs and tempfiles =="
24
+ system "rm -f log/*"
25
+ system "rm -rf tmp/cache"
26
+
27
+ puts "\n== Restarting application server =="
28
+ system "touch tmp/restart.txt"
29
+ end
@@ -0,0 +1,4 @@
1
+ # This file is used by Rack-based servers to start the application.
2
+
3
+ require ::File.expand_path('../config/environment', __FILE__)
4
+ run Rails.application
@@ -0,0 +1,26 @@
1
+ require File.expand_path('../boot', __FILE__)
2
+
3
+ require 'rails/all'
4
+
5
+ Bundler.require(*Rails.groups)
6
+ require "letsencrypt_plugin"
7
+
8
+ module Dummy
9
+ class Application < Rails::Application
10
+ # Settings in config/environments/* take precedence over those specified here.
11
+ # Application configuration should go into files in config/initializers
12
+ # -- all .rb files in that directory are automatically loaded.
13
+
14
+ # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
15
+ # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
16
+ # config.time_zone = 'Central Time (US & Canada)'
17
+
18
+ # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
19
+ # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
20
+ # config.i18n.default_locale = :de
21
+
22
+ # Do not swallow errors in after_commit/after_rollback callbacks.
23
+ config.active_record.raise_in_transactional_callbacks = true
24
+ end
25
+ end
26
+