letsencrypt_standalone 0.1.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +7 -0
- data/.gitignore +11 -0
- data/.rspec +2 -0
- data/.travis.yml +4 -0
- data/CODE_OF_CONDUCT.md +49 -0
- data/Gemfile +4 -0
- data/README.md +27 -0
- data/Rakefile +6 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/exe/le_standalone +118 -0
- data/le_standalone.gemspec +36 -0
- data/le_standalone.json +15 -0
- data/lib/letsencrypt_standalone.rb +11 -0
- data/lib/letsencrypt_standalone/base.rb +34 -0
- data/lib/letsencrypt_standalone/certificate.rb +49 -0
- data/lib/letsencrypt_standalone/client.rb +48 -0
- data/lib/letsencrypt_standalone/config.rb +55 -0
- data/lib/letsencrypt_standalone/domain.rb +84 -0
- data/lib/letsencrypt_standalone/version.rb +3 -0
- metadata +149 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: f5cfab69f72511700b1af722b981aa051b7df7af
|
4
|
+
data.tar.gz: ce88586ddcdc681eaa8326c9d48e5f7e7596a116
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 7130decc64246670ce93c85cc844307f7b65dcdd41b68e118c0d00b3f4876e399de7bafd7307776771721b4a3f04f192db22c551580dd52c680e25721477d600
|
7
|
+
data.tar.gz: 50a6ef511005d4319d5072206cd4c4446cb73ff4d2fc319196d6534fc89e1135f0c5e67819a49e441e18fc52b807004c12f9ec38b7f12ef4de1af1f39f919d8c
|
data/.gitignore
ADDED
data/.rspec
ADDED
data/.travis.yml
ADDED
data/CODE_OF_CONDUCT.md
ADDED
@@ -0,0 +1,49 @@
|
|
1
|
+
# Contributor Code of Conduct
|
2
|
+
|
3
|
+
As contributors and maintainers of this project, and in the interest of
|
4
|
+
fostering an open and welcoming community, we pledge to respect all people who
|
5
|
+
contribute through reporting issues, posting feature requests, updating
|
6
|
+
documentation, submitting pull requests or patches, and other activities.
|
7
|
+
|
8
|
+
We are committed to making participation in this project a harassment-free
|
9
|
+
experience for everyone, regardless of level of experience, gender, gender
|
10
|
+
identity and expression, sexual orientation, disability, personal appearance,
|
11
|
+
body size, race, ethnicity, age, religion, or nationality.
|
12
|
+
|
13
|
+
Examples of unacceptable behavior by participants include:
|
14
|
+
|
15
|
+
* The use of sexualized language or imagery
|
16
|
+
* Personal attacks
|
17
|
+
* Trolling or insulting/derogatory comments
|
18
|
+
* Public or private harassment
|
19
|
+
* Publishing other's private information, such as physical or electronic
|
20
|
+
addresses, without explicit permission
|
21
|
+
* Other unethical or unprofessional conduct
|
22
|
+
|
23
|
+
Project maintainers have the right and responsibility to remove, edit, or
|
24
|
+
reject comments, commits, code, wiki edits, issues, and other contributions
|
25
|
+
that are not aligned to this Code of Conduct, or to ban temporarily or
|
26
|
+
permanently any contributor for other behaviors that they deem inappropriate,
|
27
|
+
threatening, offensive, or harmful.
|
28
|
+
|
29
|
+
By adopting this Code of Conduct, project maintainers commit themselves to
|
30
|
+
fairly and consistently applying these principles to every aspect of managing
|
31
|
+
this project. Project maintainers who do not follow or enforce the Code of
|
32
|
+
Conduct may be permanently removed from the project team.
|
33
|
+
|
34
|
+
This code of conduct applies both within project spaces and in public spaces
|
35
|
+
when an individual is representing the project or its community.
|
36
|
+
|
37
|
+
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
38
|
+
reported by contacting a project maintainer at grigory.aksentiev@gmail.com. All
|
39
|
+
complaints will be reviewed and investigated and will result in a response that
|
40
|
+
is deemed necessary and appropriate to the circumstances. Maintainers are
|
41
|
+
obligated to maintain confidentiality with regard to the reporter of an
|
42
|
+
incident.
|
43
|
+
|
44
|
+
This Code of Conduct is adapted from the [Contributor Covenant][homepage],
|
45
|
+
version 1.3.0, available at
|
46
|
+
[http://contributor-covenant.org/version/1/3/0/][version]
|
47
|
+
|
48
|
+
[homepage]: http://contributor-covenant.org
|
49
|
+
[version]: http://contributor-covenant.org/version/1/3/0/
|
data/Gemfile
ADDED
data/README.md
ADDED
@@ -0,0 +1,27 @@
|
|
1
|
+
## Installation
|
2
|
+
|
3
|
+
$ gem install letsencrypt_standalone
|
4
|
+
|
5
|
+
## Usage
|
6
|
+
|
7
|
+
config file like this:
|
8
|
+
|
9
|
+
```
|
10
|
+
{
|
11
|
+
"path": "./",
|
12
|
+
"ssl_dir": "ssl_certs", //relative to "path"
|
13
|
+
"email": "admin@example.com",
|
14
|
+
"domains": [
|
15
|
+
{
|
16
|
+
"host": "example.com"
|
17
|
+
}
|
18
|
+
]
|
19
|
+
}
|
20
|
+
|
21
|
+
```
|
22
|
+
|
23
|
+
choose acme backend
|
24
|
+
|
25
|
+
```
|
26
|
+
LE_ENVIRONMENT=staging
|
27
|
+
```
|
data/Rakefile
ADDED
data/bin/console
ADDED
@@ -0,0 +1,14 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
|
3
|
+
require "bundler/setup"
|
4
|
+
require "letsencrypt_standalone"
|
5
|
+
|
6
|
+
# You can add fixtures and/or initialization code here to make experimenting
|
7
|
+
# with your gem easier. You can also use a different console, if you like.
|
8
|
+
|
9
|
+
# (If you use this, don't forget to add pry to your Gemfile!)
|
10
|
+
require "pry"
|
11
|
+
Pry.start
|
12
|
+
|
13
|
+
# require "irb"
|
14
|
+
# IRB.start
|
data/bin/setup
ADDED
data/exe/le_standalone
ADDED
@@ -0,0 +1,118 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
require 'optparse'
|
3
|
+
require 'json'
|
4
|
+
require 'acme-client'
|
5
|
+
require 'fileutils'
|
6
|
+
require 'webrick'
|
7
|
+
require 'logger'
|
8
|
+
require 'letsencrypt_standalone'
|
9
|
+
|
10
|
+
# Default logger
|
11
|
+
logger = LetsencryptStandalone::Base.logger
|
12
|
+
|
13
|
+
OptionParser.new do |opts|
|
14
|
+
opts.banner = "le_standalone [options]"
|
15
|
+
|
16
|
+
opts.on("-c", "--config File", String, "Path to config file. Default: ./le_standalone.json") do |item|
|
17
|
+
config_file = item
|
18
|
+
end
|
19
|
+
|
20
|
+
opts.on("-p", "--port N", Integer, "Port. Default: 12080") do |port|
|
21
|
+
config.port = port if !port.nil?
|
22
|
+
end
|
23
|
+
|
24
|
+
opts.on("-a", "--add Domains", Array, "Add domain(s) to config, generate key and try to obtain certificate.") do |list|
|
25
|
+
config.add(domains: list)
|
26
|
+
end
|
27
|
+
|
28
|
+
opts.on("-l", "--log File", String, "Log file") do |file|
|
29
|
+
# Overwrite default logger with the new one of specified
|
30
|
+
logger = LetsencryptStandalone::Base.logger(log_destination: file) if file
|
31
|
+
end
|
32
|
+
|
33
|
+
opts.on_tail("--version", "Show version") do
|
34
|
+
puts LetsencryptStandalone::VERSION
|
35
|
+
exit
|
36
|
+
end
|
37
|
+
|
38
|
+
opts.on_tail("-h", "--help", "Show this message") do
|
39
|
+
puts opts
|
40
|
+
exit
|
41
|
+
end
|
42
|
+
end.parse!
|
43
|
+
|
44
|
+
begin
|
45
|
+
|
46
|
+
# Config
|
47
|
+
config = LetsencryptStandalone::Config.new
|
48
|
+
config.port = 12080
|
49
|
+
|
50
|
+
# Webrick conf
|
51
|
+
FileUtils.mkdir_p(config.www_root)
|
52
|
+
|
53
|
+
Thread.new do
|
54
|
+
log = WEBrick::Log.new(logger, WEBrick::Log::DEBUG)
|
55
|
+
server = WEBrick::HTTPServer.new :Port => config.port,
|
56
|
+
:DocumentRoot => config.www_root,
|
57
|
+
:Logger => log
|
58
|
+
server.start
|
59
|
+
end
|
60
|
+
|
61
|
+
# Account
|
62
|
+
client = LetsencryptStandalone::Client.new account: config.account,
|
63
|
+
email: config.email
|
64
|
+
|
65
|
+
# Let's encrypt!
|
66
|
+
config.domains.each do |params|
|
67
|
+
domain = LetsencryptStandalone::Domain.new(params: params)
|
68
|
+
config.push_private_key_name(domain: domain)
|
69
|
+
|
70
|
+
if domain.certificates
|
71
|
+
certificate = LetsencryptStandalone::Certificate.new(client: client.acme_client, domain: domain)
|
72
|
+
next if !certificate.needs_refresh?
|
73
|
+
end
|
74
|
+
|
75
|
+
logger.info "Starting #{domain.host} tasks"
|
76
|
+
domain.validate(client: client)
|
77
|
+
|
78
|
+
tries = config.tries
|
79
|
+
tries.times do |n|
|
80
|
+
begin
|
81
|
+
# verified?
|
82
|
+
status = domain.verify_status
|
83
|
+
if status == 'valid'
|
84
|
+
logger.info "Verified #{domain.host} challenge. Obtaining certificate."
|
85
|
+
certificate ||= LetsencryptStandalone::Certificate.new(client: client.acme_client, domain: domain)
|
86
|
+
.obtain_new
|
87
|
+
|
88
|
+
certificate.save
|
89
|
+
break
|
90
|
+
else
|
91
|
+
logger.info "Could not verify #{domain.host} challenge. Status #{status}"
|
92
|
+
logger.warn "FAIL: Certificate for #{domain.host} has not been obtained during #{tries} tries." if n == tries
|
93
|
+
end
|
94
|
+
sleep 1
|
95
|
+
rescue Acme::Client::Error::Malformed
|
96
|
+
next
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
100
|
+
# write cert path to config
|
101
|
+
if certificate
|
102
|
+
config.push_certs_locations(files: certificate.files, domain: domain)
|
103
|
+
logger.info "SUCCESS: Certificate for #{domain.host} was obtained"
|
104
|
+
end
|
105
|
+
|
106
|
+
logger.info "Finished #{domain.host} tasks"
|
107
|
+
end
|
108
|
+
|
109
|
+
# Refresh configuration for future use
|
110
|
+
config.config[:account] = client.account
|
111
|
+
config.write
|
112
|
+
|
113
|
+
# Make clean
|
114
|
+
FileUtils.rm_rf config.www_root
|
115
|
+
|
116
|
+
rescue Exception => err
|
117
|
+
logger.fatal err
|
118
|
+
end
|
@@ -0,0 +1,36 @@
|
|
1
|
+
# coding: utf-8
|
2
|
+
lib = File.expand_path('../lib', __FILE__)
|
3
|
+
$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
4
|
+
require 'letsencrypt_standalone/version'
|
5
|
+
|
6
|
+
Gem::Specification.new do |spec|
|
7
|
+
spec.name = "letsencrypt_standalone"
|
8
|
+
spec.version = LetsencryptStandalone::VERSION
|
9
|
+
spec.authors = ["Grigory Aksentyev"]
|
10
|
+
spec.email = ["grigory.aksentiev@gmail.com"]
|
11
|
+
|
12
|
+
spec.summary = %q{Generate and sign ssl certificate with let's encrypt}
|
13
|
+
spec.description = %q{Run stangalone server which do all work, the put the stuff generated to path specified}
|
14
|
+
# spec.homepage = "TODO: Put your gem's website or public repo URL here."
|
15
|
+
|
16
|
+
# Prevent pushing this gem to RubyGems.org by setting 'allowed_push_host', or
|
17
|
+
# delete this section to allow pushing this gem to any host.
|
18
|
+
# if spec.respond_to?(:metadata)
|
19
|
+
# spec.metadata['allowed_push_host'] = "TODO: Set to 'http://mygemserver.com'"
|
20
|
+
# else
|
21
|
+
# raise "RubyGems 2.0 or newer is required to protect against public gem pushes."
|
22
|
+
# end
|
23
|
+
|
24
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
|
25
|
+
spec.bindir = "exe"
|
26
|
+
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
27
|
+
spec.require_paths = ["lib"]
|
28
|
+
|
29
|
+
spec.add_development_dependency "bundler", "~> 1.11"
|
30
|
+
spec.add_development_dependency "rake", "~> 10.0"
|
31
|
+
spec.add_development_dependency "rspec", "~> 3.0"
|
32
|
+
spec.add_development_dependency "pry"
|
33
|
+
spec.add_development_dependency "pry-byebug"
|
34
|
+
|
35
|
+
spec.add_dependency 'acme-client'
|
36
|
+
end
|
data/le_standalone.json
ADDED
@@ -0,0 +1,11 @@
|
|
1
|
+
require 'letsencrypt_standalone/base'
|
2
|
+
require 'letsencrypt_standalone/certificate'
|
3
|
+
require 'letsencrypt_standalone/client'
|
4
|
+
require 'letsencrypt_standalone/config'
|
5
|
+
require 'letsencrypt_standalone/domain'
|
6
|
+
require 'letsencrypt_standalone/version'
|
7
|
+
|
8
|
+
module LetsencryptStandalone
|
9
|
+
PROD_URL = 'https://acme-v01.api.letsencrypt.org/'
|
10
|
+
STAGE_URL = 'https://acme-staging.api.letsencrypt.org/'
|
11
|
+
end
|
@@ -0,0 +1,34 @@
|
|
1
|
+
require 'letsencrypt_standalone'
|
2
|
+
|
3
|
+
module LetsencryptStandalone
|
4
|
+
require 'logger'
|
5
|
+
class Base
|
6
|
+
class << self
|
7
|
+
def logger(log_destination: STDOUT)
|
8
|
+
@@logger = Logger.new(log_destination)
|
9
|
+
@@logger.level = Logger::INFO
|
10
|
+
@@logger
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
def logger
|
15
|
+
@@logger
|
16
|
+
end
|
17
|
+
|
18
|
+
def endpoint_url
|
19
|
+
ENV['LE_ENVIRONMENT'] == 'staging' ? STAGE_URL : PROD_URL
|
20
|
+
end
|
21
|
+
|
22
|
+
def output_dir
|
23
|
+
File.join(path, ssl_subdir)
|
24
|
+
end
|
25
|
+
|
26
|
+
def ssl_subdir
|
27
|
+
@ssl_subdir ||= LetsencryptStandalone::Config.new.ssl_subdir
|
28
|
+
end
|
29
|
+
|
30
|
+
def path
|
31
|
+
@path ||= LetsencryptStandalone::Config.new.config[:path]
|
32
|
+
end
|
33
|
+
end
|
34
|
+
end
|
@@ -0,0 +1,49 @@
|
|
1
|
+
require 'letsencrypt_standalone'
|
2
|
+
require 'fileutils'
|
3
|
+
require 'acme-client'
|
4
|
+
require 'openssl'
|
5
|
+
|
6
|
+
module LetsencryptStandalone
|
7
|
+
class Certificate < Base
|
8
|
+
|
9
|
+
@@default_names = {
|
10
|
+
certificate: 'cert.pem',
|
11
|
+
chain: 'chain.pem',
|
12
|
+
fullchain: 'fullchain.pem'
|
13
|
+
}
|
14
|
+
|
15
|
+
attr_reader :files
|
16
|
+
|
17
|
+
def initialize(domain:, client:)
|
18
|
+
@files = domain.certificates || @@default_names
|
19
|
+
@domain = domain.host
|
20
|
+
@client = client
|
21
|
+
@private_key = domain.private_key
|
22
|
+
end
|
23
|
+
|
24
|
+
def obtain_new
|
25
|
+
csr = Acme::Client::CertificateRequest.new(names: Array(@domain), private_key: @private_key)
|
26
|
+
@certificate = @client.new_certificate(csr) # => #<Acme::Client::Certificate ....>
|
27
|
+
return self
|
28
|
+
end
|
29
|
+
|
30
|
+
def needs_refresh?
|
31
|
+
cert = @files[:certificate]
|
32
|
+
if cert.not_after > Time.now + 2*24*3600
|
33
|
+
logger.info("It doesnt need to refresh cert for domain: #{@domain}")
|
34
|
+
false
|
35
|
+
else
|
36
|
+
logger.info("It needs to refresh cert for domain: #{@domain}")
|
37
|
+
true
|
38
|
+
end
|
39
|
+
end
|
40
|
+
|
41
|
+
def save
|
42
|
+
# Save the certificate and the private key to files
|
43
|
+
FileUtils.mkdir_p(File.join(output_dir, @domain))
|
44
|
+
File.write(File.join(output_dir, @domain, @files[:certificate]), @certificate.to_pem)
|
45
|
+
File.write(File.join(output_dir, @domain, @files[:chain]), @certificate.chain_to_pem)
|
46
|
+
File.write(File.join(output_dir, @domain, @files[:fullchain]), @certificate.fullchain_to_pem)
|
47
|
+
end
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,48 @@
|
|
1
|
+
require 'letsencrypt_standalone'
|
2
|
+
require 'acme/client'
|
3
|
+
require 'openssl'
|
4
|
+
|
5
|
+
module LetsencryptStandalone
|
6
|
+
class Client < Base
|
7
|
+
attr_reader :account, :email, :acme_client
|
8
|
+
|
9
|
+
def initialize(account: nil, email:)
|
10
|
+
@email = email
|
11
|
+
@account = account
|
12
|
+
@acme_client = Acme::Client.new(private_key: private_key, endpoint: endpoint_url)
|
13
|
+
|
14
|
+
if !account
|
15
|
+
logger.info "Account key not found. Creating..."
|
16
|
+
@account = 'account.pem'
|
17
|
+
create(email)
|
18
|
+
save_account_key
|
19
|
+
raise 'No email specified' if !email
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
def create(email)
|
24
|
+
contact = 'mailto:' + email #https://github.com/schubergphilis/letsencrypt/issues/3
|
25
|
+
@acme_client.register(contact: contact).agree_terms
|
26
|
+
end
|
27
|
+
|
28
|
+
def authorize(domain:)
|
29
|
+
@acme_client.authorize(domain: domain)
|
30
|
+
end
|
31
|
+
|
32
|
+
private
|
33
|
+
|
34
|
+
def private_key
|
35
|
+
@private_key ||= if account && File.exist?(File.join(path, account))
|
36
|
+
OpenSSL::PKey::RSA.new(File.read(File.join(path, account)))
|
37
|
+
else
|
38
|
+
OpenSSL::PKey::RSA.new(4096)
|
39
|
+
end
|
40
|
+
end
|
41
|
+
|
42
|
+
def save_account_key
|
43
|
+
logger.info "Saving account key."
|
44
|
+
FileUtils.mkdir_p path
|
45
|
+
File.new(File.join(path, account), 'w').write(private_key.to_pem)
|
46
|
+
end
|
47
|
+
end
|
48
|
+
end
|
@@ -0,0 +1,55 @@
|
|
1
|
+
require 'letsencrypt_standalone'
|
2
|
+
|
3
|
+
module LetsencryptStandalone
|
4
|
+
class Config < Base
|
5
|
+
attr_accessor :config, :location, :port
|
6
|
+
def initialize(config_file: nil)
|
7
|
+
@location ||= 'le_standalone.json'
|
8
|
+
@config = JSON.parse(File.read(@location), :symbolize_names => true)
|
9
|
+
end
|
10
|
+
|
11
|
+
def output_dir
|
12
|
+
config.output_dir || super
|
13
|
+
end
|
14
|
+
|
15
|
+
%i(account domains email path).each do |meth|
|
16
|
+
define_method meth do
|
17
|
+
config.fetch(meth, nil)
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
def ssl_subdir
|
22
|
+
config[:ssl_subdir] || 'ssl_certs'
|
23
|
+
end
|
24
|
+
|
25
|
+
def www_root
|
26
|
+
config[:www_root] || 'public'
|
27
|
+
end
|
28
|
+
|
29
|
+
def tries
|
30
|
+
config.fetch(:tries, 5)
|
31
|
+
end
|
32
|
+
|
33
|
+
def add(domains:)
|
34
|
+
domains.each do |domain|
|
35
|
+
@config[:domains] << {host: domain}
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
def push_certs_locations(files:, domain:)
|
40
|
+
config[:domains].map! do |d|
|
41
|
+
d[:host] == domain.host ? d.merge(certificates: files) : d
|
42
|
+
end
|
43
|
+
end
|
44
|
+
|
45
|
+
def push_private_key_name(domain:)
|
46
|
+
config[:domains].map! do |d|
|
47
|
+
d[:host] == domain.host ? d.merge(private_key: domain.private_key_name) : d
|
48
|
+
end
|
49
|
+
end
|
50
|
+
|
51
|
+
def write
|
52
|
+
File.new(location, 'w').write(JSON.pretty_generate(config))
|
53
|
+
end
|
54
|
+
end
|
55
|
+
end
|
@@ -0,0 +1,84 @@
|
|
1
|
+
require 'letsencrypt_standalone'
|
2
|
+
require 'openssl'
|
3
|
+
require 'fileutils'
|
4
|
+
|
5
|
+
module LetsencryptStandalone
|
6
|
+
class Domain < Base
|
7
|
+
attr_accessor :host, :private_key, :certificates
|
8
|
+
attr_reader :private_key_name, :private_key_path
|
9
|
+
|
10
|
+
@@default_private_key_name = 'private_key.pem'
|
11
|
+
|
12
|
+
def initialize(params:, path: './')
|
13
|
+
@host = params.fetch(:host)
|
14
|
+
@private_key_name = params.fetch(:private_key, @@default_private_key_name)
|
15
|
+
@private_key_path = File.join(output_dir,@host, @private_key_name)
|
16
|
+
|
17
|
+
if params.has_key? :certificates
|
18
|
+
load_certs(params)
|
19
|
+
end
|
20
|
+
load_private_key
|
21
|
+
end
|
22
|
+
|
23
|
+
def host_dir
|
24
|
+
@host_dir ||= File.join(output_dir, host)
|
25
|
+
end
|
26
|
+
|
27
|
+
def validate(client:)
|
28
|
+
authorization = client.authorize(domain: self.host)
|
29
|
+
#The http-01 method will require you to respond to a HTTP request.
|
30
|
+
@challenge = authorization.http01
|
31
|
+
|
32
|
+
# Save the file. We'll create a public directory to serve it from, and inside it we'll create the challenge file.
|
33
|
+
FileUtils.mkdir_p(File.join(config.www_root, File.dirname(@challenge.filename)))
|
34
|
+
|
35
|
+
# We'll write the content of the file
|
36
|
+
File.write(File.join(config.www_root, @challenge.filename), @challenge.file_content)
|
37
|
+
|
38
|
+
# try to verify
|
39
|
+
@challenge.request_verification
|
40
|
+
end
|
41
|
+
|
42
|
+
def verify_status
|
43
|
+
@challenge.verify_status
|
44
|
+
end
|
45
|
+
|
46
|
+
private
|
47
|
+
|
48
|
+
def load_private_key
|
49
|
+
logger.info "Trying to use existing private key for #{@host}"
|
50
|
+
if File.exists? File.join(host_dir, @private_key_name)
|
51
|
+
@private_key = OpenSSL::PKey::RSA.new(File.read(@private_key_path))
|
52
|
+
else
|
53
|
+
@private_key = generate_key
|
54
|
+
save_private_key
|
55
|
+
end
|
56
|
+
end
|
57
|
+
|
58
|
+
def config
|
59
|
+
@config ||= LetsencryptStandalone::Config.new
|
60
|
+
end
|
61
|
+
|
62
|
+
def create_host_dir
|
63
|
+
FileUtils.mkdir_p(host_dir)
|
64
|
+
end
|
65
|
+
|
66
|
+
def save_private_key
|
67
|
+
create_host_dir
|
68
|
+
File.new(@private_key_path, 'w').write(@private_key.to_pem)
|
69
|
+
end
|
70
|
+
|
71
|
+
def load_certs(params)
|
72
|
+
@certificates = {}
|
73
|
+
params[:certificates].each do |type, file|
|
74
|
+
cert = OpenSSL::X509::Certificate.new(File.read(File.join(host_dir, file)))
|
75
|
+
@certificates[type] = cert
|
76
|
+
logger.info "Trying to use existing cert #{type} for #{@host}"
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
def generate_key
|
81
|
+
OpenSSL::PKey::RSA.new(4096)
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
metadata
ADDED
@@ -0,0 +1,149 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: letsencrypt_standalone
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
version: 0.1.11
|
5
|
+
platform: ruby
|
6
|
+
authors:
|
7
|
+
- Grigory Aksentyev
|
8
|
+
autorequire:
|
9
|
+
bindir: exe
|
10
|
+
cert_chain: []
|
11
|
+
date: 2016-03-31 00:00:00.000000000 Z
|
12
|
+
dependencies:
|
13
|
+
- !ruby/object:Gem::Dependency
|
14
|
+
name: bundler
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
16
|
+
requirements:
|
17
|
+
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '1.11'
|
20
|
+
type: :development
|
21
|
+
prerelease: false
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - "~>"
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.11'
|
27
|
+
- !ruby/object:Gem::Dependency
|
28
|
+
name: rake
|
29
|
+
requirement: !ruby/object:Gem::Requirement
|
30
|
+
requirements:
|
31
|
+
- - "~>"
|
32
|
+
- !ruby/object:Gem::Version
|
33
|
+
version: '10.0'
|
34
|
+
type: :development
|
35
|
+
prerelease: false
|
36
|
+
version_requirements: !ruby/object:Gem::Requirement
|
37
|
+
requirements:
|
38
|
+
- - "~>"
|
39
|
+
- !ruby/object:Gem::Version
|
40
|
+
version: '10.0'
|
41
|
+
- !ruby/object:Gem::Dependency
|
42
|
+
name: rspec
|
43
|
+
requirement: !ruby/object:Gem::Requirement
|
44
|
+
requirements:
|
45
|
+
- - "~>"
|
46
|
+
- !ruby/object:Gem::Version
|
47
|
+
version: '3.0'
|
48
|
+
type: :development
|
49
|
+
prerelease: false
|
50
|
+
version_requirements: !ruby/object:Gem::Requirement
|
51
|
+
requirements:
|
52
|
+
- - "~>"
|
53
|
+
- !ruby/object:Gem::Version
|
54
|
+
version: '3.0'
|
55
|
+
- !ruby/object:Gem::Dependency
|
56
|
+
name: pry
|
57
|
+
requirement: !ruby/object:Gem::Requirement
|
58
|
+
requirements:
|
59
|
+
- - ">="
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
version: '0'
|
62
|
+
type: :development
|
63
|
+
prerelease: false
|
64
|
+
version_requirements: !ruby/object:Gem::Requirement
|
65
|
+
requirements:
|
66
|
+
- - ">="
|
67
|
+
- !ruby/object:Gem::Version
|
68
|
+
version: '0'
|
69
|
+
- !ruby/object:Gem::Dependency
|
70
|
+
name: pry-byebug
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
72
|
+
requirements:
|
73
|
+
- - ">="
|
74
|
+
- !ruby/object:Gem::Version
|
75
|
+
version: '0'
|
76
|
+
type: :development
|
77
|
+
prerelease: false
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
79
|
+
requirements:
|
80
|
+
- - ">="
|
81
|
+
- !ruby/object:Gem::Version
|
82
|
+
version: '0'
|
83
|
+
- !ruby/object:Gem::Dependency
|
84
|
+
name: acme-client
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
86
|
+
requirements:
|
87
|
+
- - ">="
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0'
|
90
|
+
type: :runtime
|
91
|
+
prerelease: false
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
93
|
+
requirements:
|
94
|
+
- - ">="
|
95
|
+
- !ruby/object:Gem::Version
|
96
|
+
version: '0'
|
97
|
+
description: Run stangalone server which do all work, the put the stuff generated
|
98
|
+
to path specified
|
99
|
+
email:
|
100
|
+
- grigory.aksentiev@gmail.com
|
101
|
+
executables:
|
102
|
+
- le_standalone
|
103
|
+
extensions: []
|
104
|
+
extra_rdoc_files: []
|
105
|
+
files:
|
106
|
+
- ".gitignore"
|
107
|
+
- ".rspec"
|
108
|
+
- ".travis.yml"
|
109
|
+
- CODE_OF_CONDUCT.md
|
110
|
+
- Gemfile
|
111
|
+
- README.md
|
112
|
+
- Rakefile
|
113
|
+
- bin/console
|
114
|
+
- bin/setup
|
115
|
+
- exe/le_standalone
|
116
|
+
- le_standalone.gemspec
|
117
|
+
- le_standalone.json
|
118
|
+
- lib/letsencrypt_standalone.rb
|
119
|
+
- lib/letsencrypt_standalone/base.rb
|
120
|
+
- lib/letsencrypt_standalone/certificate.rb
|
121
|
+
- lib/letsencrypt_standalone/client.rb
|
122
|
+
- lib/letsencrypt_standalone/config.rb
|
123
|
+
- lib/letsencrypt_standalone/domain.rb
|
124
|
+
- lib/letsencrypt_standalone/version.rb
|
125
|
+
homepage:
|
126
|
+
licenses: []
|
127
|
+
metadata: {}
|
128
|
+
post_install_message:
|
129
|
+
rdoc_options: []
|
130
|
+
require_paths:
|
131
|
+
- lib
|
132
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
133
|
+
requirements:
|
134
|
+
- - ">="
|
135
|
+
- !ruby/object:Gem::Version
|
136
|
+
version: '0'
|
137
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
138
|
+
requirements:
|
139
|
+
- - ">="
|
140
|
+
- !ruby/object:Gem::Version
|
141
|
+
version: '0'
|
142
|
+
requirements: []
|
143
|
+
rubyforge_project:
|
144
|
+
rubygems_version: 2.5.1
|
145
|
+
signing_key:
|
146
|
+
specification_version: 4
|
147
|
+
summary: Generate and sign ssl certificate with let's encrypt
|
148
|
+
test_files: []
|
149
|
+
has_rdoc:
|