letsencrypt_webfaction 3.2.0 → 4.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +4 -3
- data/.gitignore +4 -0
- data/.rubocop.yml +2 -0
- data/.travis.yml +0 -2
- data/CHANGELOG.md +5 -0
- data/Gemfile +2 -2
- data/README.md +29 -6
- data/certs/will_in_wi.pem +8 -8
- data/docs/upgrading.md +10 -0
- data/letsencrypt_webfaction.gemspec +1 -1
- data/lib/letsencrypt_webfaction.rb +1 -1
- data/lib/letsencrypt_webfaction/application.rb +1 -1
- data/lib/letsencrypt_webfaction/application/init.rb +1 -1
- data/lib/letsencrypt_webfaction/application/run.rb +6 -9
- data/lib/letsencrypt_webfaction/application/version.rb +1 -1
- data/lib/letsencrypt_webfaction/certificate_installer.rb +3 -2
- data/lib/letsencrypt_webfaction/certificate_issuer.rb +15 -3
- data/lib/letsencrypt_webfaction/domain_validator.rb +13 -14
- data/lib/letsencrypt_webfaction/options.rb +4 -3
- data/lib/letsencrypt_webfaction/options/certificate.rb +3 -1
- data/lib/letsencrypt_webfaction/webfaction_api_credentials.rb +1 -0
- data/templates/letsencrypt_webfaction.toml +3 -3
- metadata +13 -13
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: 2d709e490a30b32d1606e0603cca2c3e4e986813
|
4
|
+
data.tar.gz: 8089c0a8d1937633b300e9f81abcc5d7289621c1
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 09355bdc2f2c0fa9721ed53a88a0f9ae92e0cba782f3cc59797117771644041ae837222ed24990d58ddc6b4fe441289accfde2b172eda6527abbaf486ddbb2f2
|
7
|
+
data.tar.gz: 33e97c3dd6c2085b3831b852000289ab8d8001df3ab7d01d7227dbb866dff215062770a26a273911372454937c85c0b4b91a8e7d6524f62f4a4a66004c26d3be
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data.tar.gz.sig
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
1
|
+
��h�^�j=����e����AYn�\��+�f�;���
|
2
|
+
��6G�Z��]�9�30���c
|
3
|
+
��ut�U��}J���>��������P[&� �m�����C�
|
4
|
+
�����H��ei��^�>Cg;�nCl�U�ı�
|
data/.gitignore
CHANGED
data/.rubocop.yml
CHANGED
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
@@ -2,6 +2,11 @@ Unreleased
|
|
2
2
|
|
3
3
|
* Your change here!
|
4
4
|
|
5
|
+
v4.0.0
|
6
|
+
|
7
|
+
* Support ACMEv2
|
8
|
+
* No longer adds intermediate certs to bundle, as these don't appear to be provided.
|
9
|
+
|
5
10
|
v3.2.0
|
6
11
|
|
7
12
|
* New `--force` argument for easier handling of `endpoint` switching. Fixes [#132](https://github.com/will-in-wi/letsencrypt-webfaction/issues/132)
|
data/Gemfile
CHANGED
@@ -4,13 +4,13 @@ source 'https://rubygems.org'
|
|
4
4
|
gemspec
|
5
5
|
|
6
6
|
group :development, :test do
|
7
|
-
gem 'bundler', '~> 1.11'
|
8
7
|
gem 'pry', '~> 0.10'
|
9
8
|
gem 'pry-byebug', '~> 3.3'
|
10
9
|
gem 'pry-doc'
|
11
10
|
gem 'rake', '~> 12.0'
|
12
11
|
gem 'rspec', '~> 3.4'
|
13
|
-
gem 'rubocop', '~> 0.
|
12
|
+
gem 'rubocop', '~> 0.68.0' # Forcing 0.68, as Ruby 2.2 is unsupported after this.
|
13
|
+
gem 'rubocop-performance'
|
14
14
|
gem 'simplecov', '~> 0.11'
|
15
15
|
gem 'timecop', '~> 0.9.1'
|
16
16
|
gem 'webmock', '~> 3.4'
|
data/README.md
CHANGED
@@ -2,7 +2,17 @@
|
|
2
2
|
|
3
3
|
LetsEncrypt utility client for WebFaction hosts.
|
4
4
|
|
5
|
-
*
|
5
|
+
## *WebFaction has released first-party support for Let's Encrypt Certs!*
|
6
|
+
|
7
|
+
The long-awaited support by [webfaction is here!](https://blog.webfaction.com/2018/09/issue-lets-encrypt-ssl-certificates-with-the-control-panel/) See [the blog post for details about how to use it](https://blog.webfaction.com/2018/09/issue-lets-encrypt-ssl-certificates-with-the-control-panel/), it's really easy! I've switched all of my personal certificates over to their implementation. If you are looking to start adding certificates to your site, start there, not with this tool.
|
8
|
+
|
9
|
+
I am not going to abandon this application outright. Too many people have worked too hard on this to suddenly drop it. But I am not planning any further work on it, unless people find actual bugs. If you can't use the WebFaction control panel to issue your Let's Encrypt certs for some reason and so are using this tool, please file a support ticket with WebFaction and also [comment on this ticket](https://github.com/will-in-wi/letsencrypt-webfaction/issues/160).
|
10
|
+
|
11
|
+
And finally, THANK YOU to all of you who have filed issues, contributed code and documentation, and helped others solve tickets. You have made this a tremendously fun and rewarding project to work on, and helped out so many fellow WebFaction customers.
|
12
|
+
|
13
|
+
## Previous Readme
|
14
|
+
|
15
|
+
*NOTE: Version 4 is out and requires some manual changes. See [the upgrade guide for details](docs/upgrading.md).*
|
6
16
|
|
7
17
|
This tool automates the process of using LetsEncrypt on WebFaction hosts. It can be added to the Cron scheduled task runner where it will validate your domains automatically, obtain the certificates, and then install them using the Webfaction API.
|
8
18
|
|
@@ -67,7 +77,7 @@ After saving `~/.bash_profile`, run the command `source $HOME/.bash_profile` to
|
|
67
77
|
|
68
78
|
Run `letsencrypt_webfaction init` to generate a registration cert and the config file. Open the config file `nano -w ~/letsencrypt_webfaction.toml` and edit to reflect your configuration.
|
69
79
|
|
70
|
-
Now, you are ready to run `letsencrypt_webfaction run` from your SSH session to get certificates. Note that by default the config file `letsencrypt_webfaction.toml` is pointed at the LetsEncrypt staging endpoint (the line that says: `
|
80
|
+
Now, you are ready to run `letsencrypt_webfaction run` from your SSH session to get certificates. Note that by default the config file `letsencrypt_webfaction.toml` is pointed at the LetsEncrypt staging endpoint (the line that says: `directory = "https://acme-staging-v02.api.letsencrypt.org/directory"`); meaning you will only get "test" certificates installed while using the stage endpoint. To issue live certificates you will need to comment out default line, and uncomment the production endpoint line (the line that says: `directory = "https://acme-v02.api.letsencrypt.org/directory" # Production`).
|
71
81
|
|
72
82
|
When you have tested with staging, you can remove the certificate from WebFaction control panel (make sure no webapps are using it first) and re-run with the production endpoint.
|
73
83
|
|
@@ -83,13 +93,26 @@ Finally, if you would like the `http` site to redirect to your `https`, follow t
|
|
83
93
|
|
84
94
|
The syntax of the letsencrypt_webfaction command is as follows:
|
85
95
|
|
86
|
-
$ letsencrypt_webfaction [
|
96
|
+
$ letsencrypt_webfaction [init|run] [*options]
|
97
|
+
|
98
|
+
The commands are `init` and `run`. You can also use `--version` to get the currently installed version of letsencrypt_webfaction.
|
99
|
+
|
100
|
+
#### `init`
|
101
|
+
|
102
|
+
Generate registration cert and config file.
|
103
|
+
|
104
|
+
#### `run`
|
105
|
+
|
106
|
+
Generate certs and add to them to the control panel. This command has the following options:
|
87
107
|
|
88
|
-
|
108
|
+
* `--config=CONFIG`: Use alternative configuration path
|
109
|
+
* `--force`: Re-issue certs regardless of expiration
|
110
|
+
* `--help`: Show help for this command
|
111
|
+
* `--quiet`: Run with minimal output (useful for cron)
|
89
112
|
|
90
113
|
### Testing
|
91
114
|
|
92
|
-
To test certificate issuance, consider using the [LetsEncrypt staging server](https://community.letsencrypt.org/t/testing-against-the-lets-encrypt-staging-environment/6763). This doesn't have the rate limit of 5 certs per domain every 7 days. You can change the `
|
115
|
+
To test certificate issuance, consider using the [LetsEncrypt staging server](https://community.letsencrypt.org/t/testing-against-the-lets-encrypt-staging-environment/6763). This doesn't have the rate limit of 5 certs per domain every 7 days. You can change the `directory` config line to be `https://acme-staging-v02.api.letsencrypt.org/directory` in order to test the system.
|
93
116
|
|
94
117
|
After switching endpoints, you will likely want to run the command with `--force` in order to reissue all certificates from the new endpoint.
|
95
118
|
|
@@ -121,7 +144,7 @@ If you want to be notified upon failure, you can add `MAILTO=[you@youremail.com]
|
|
121
144
|
|
122
145
|
While WebFaction staff maintain your standard server software, the support team will not upgrade your installation of LetsEncrypt WebFaction. You won't usually need to do this unless you have an issue but, as is good practice with most software, it's best kept up to date.
|
123
146
|
|
124
|
-
You can find the current version by running `letsencrypt_webfaction --version`. Sort of. In versions >= 1.1.4, this will work. In older versions, this will just print `letsencrypt_webfaction: version unknown` due to an oversight on my part. So if you get the latter output, just upgrade.
|
147
|
+
You can find the current version by running `letsencrypt_webfaction --version`. Sort of. In versions >= 1.1.4 (except for versions v3.0.0-v3.0.1), this will work. In older versions, this will just print `letsencrypt_webfaction: version unknown` due to an oversight on my part. So if you get the latter output, just upgrade.
|
125
148
|
|
126
149
|
[The changelog](CHANGELOG.md) describes changes from version to version.
|
127
150
|
|
data/certs/will_in_wi.pem
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
-----BEGIN CERTIFICATE-----
|
2
|
-
|
2
|
+
MIIDhTCCAm2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMRAwDgYDVQQDDAd3aWxs
|
3
3
|
aWFtMRwwGgYKCZImiZPyLGQBGRYMam9obnN0b25oYXVzMRIwEAYKCZImiZPyLGQB
|
4
|
-
|
4
|
+
GRYCdXMwHhcNMjAwNDE2MDIxNzQ1WhcNMjEwNDE2MDIxNzQ1WjBEMRAwDgYDVQQD
|
5
5
|
DAd3aWxsaWFtMRwwGgYKCZImiZPyLGQBGRYMam9obnN0b25oYXVzMRIwEAYKCZIm
|
6
6
|
iZPyLGQBGRYCdXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl8XJy
|
7
7
|
iFDfTJHbPnQ43vJKAjVPwxRnPhThFeWgYlZ//SU6ZbO4GqewDSMyCrjtWOq+mE59
|
@@ -12,10 +12,10 @@ iL3gD6KBGRCdOVRmX+mgz0mIxchknFslbLE1aU9kNGabVw/25qUVxTid7HN5DAeY
|
|
12
12
|
gkKUO+QWHBNH4QL3AgMBAAGjgYEwfzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAd
|
13
13
|
BgNVHQ4EFgQUFOFAV8TE1Qa285rrUux+StPq5WowIgYDVR0RBBswGYEXd2lsbGlh
|
14
14
|
bUBqb2huc3RvbmhhdXMudXMwIgYDVR0SBBswGYEXd2lsbGlhbUBqb2huc3Rvbmhh
|
15
|
-
|
16
|
-
/
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
15
|
+
dXMudXMwDQYJKoZIhvcNAQEFBQADggEBAMK2SPYRVs6wzv802pqS1fllhrW/a+fZ
|
16
|
+
lU3UP5Gw7VlkFfB7i2J7kafB/kH1Qj6n4e9uu6YhzkodCAszXC0vJdBQoUB+nidO
|
17
|
+
+XFod0RVfCdcYCmhYsF8YMRqbTOPVDtoBXBISGzpt1boQykR6TZcZFkKEPsAAhRW
|
18
|
+
jNRsRelqGB81uWs32PC50OFpQ9Sj8scB/331mAzn//i1F0kiQnQetQDCbr5IieOI
|
19
|
+
is7nzWq9MtbVDHPaE5a10t+7UoSjPzWFe4qKnxjB8RjfGymDvy4+H2eJbRQE932E
|
20
|
+
Dm3/IFNc1K3ekU2WQEZ3O0WHQY8bCBgCAD/U/CiTaLUOm4VsPnYLAx4=
|
21
21
|
-----END CERTIFICATE-----
|
data/docs/upgrading.md
CHANGED
@@ -1,3 +1,13 @@
|
|
1
|
+
# Upgrading from v3 to v4
|
2
|
+
|
3
|
+
Switching to ACMEv2 broke backwards compatibility in a couple ways.
|
4
|
+
|
5
|
+
- You need to change the `endpoint` entry in your config to `directory` and update it to staging or production.
|
6
|
+
```toml
|
7
|
+
directory = "https://acme-staging-v02.api.letsencrypt.org/directory" # Staging
|
8
|
+
#directory = "https://acme-v02.api.letsencrypt.org/directory" # Production
|
9
|
+
```
|
10
|
+
|
1
11
|
# Upgrading from v2 to v3
|
2
12
|
|
3
13
|
Version 3 has a number of major ease of use improvements that break backwards compatibility:
|
@@ -27,7 +27,7 @@ Gem::Specification.new do |spec|
|
|
27
27
|
|
28
28
|
spec.required_ruby_version = '>= 2.2.0'
|
29
29
|
|
30
|
-
spec.add_runtime_dependency 'acme-client', '~>
|
30
|
+
spec.add_runtime_dependency 'acme-client', '~> 2.0'
|
31
31
|
spec.add_runtime_dependency 'toml-rb', '~> 1.1'
|
32
32
|
|
33
33
|
# This will be required for Ruby 2.4. But it is incompatible for Ruby <2.3. Unsupporting Ruby 2.4 for the moment.
|
@@ -18,7 +18,7 @@ module LetsencryptWebfaction
|
|
18
18
|
$stderr.puts "Missing command. Must be one of #{SUPPORTED_COMMANDS.keys.join(', ')}"
|
19
19
|
raise LetsencryptWebfaction::AppExitError, 'Missing command'
|
20
20
|
elsif v2_command?(args)
|
21
|
-
$stderr.puts 'It looks like you are trying to run a version 2 command in version
|
21
|
+
$stderr.puts 'It looks like you are trying to run a version 2 command in version 4'
|
22
22
|
$stderr.puts 'See https://github.com/will-in-wi/letsencrypt-webfaction/blob/master/docs/upgrading.md'
|
23
23
|
raise LetsencryptWebfaction::AppExitError, 'v2 command'
|
24
24
|
else
|
@@ -46,6 +46,7 @@ module LetsencryptWebfaction
|
|
46
46
|
|
47
47
|
def validate!
|
48
48
|
return true if @path.exist?
|
49
|
+
|
49
50
|
print_error
|
50
51
|
raise AppExitError, 'config missing'
|
51
52
|
end
|
@@ -123,6 +124,7 @@ module LetsencryptWebfaction
|
|
123
124
|
|
124
125
|
def validate_options # rubocop:disable Metrics/MethodLength
|
125
126
|
return if @options.valid?
|
127
|
+
|
126
128
|
$stderr.puts 'The configuration file has an error:'
|
127
129
|
@options.errors.each do |field, error|
|
128
130
|
case error
|
@@ -155,19 +157,14 @@ module LetsencryptWebfaction
|
|
155
157
|
end
|
156
158
|
|
157
159
|
def client
|
158
|
-
@_client ||= Acme::Client.new(private_key: private_key,
|
160
|
+
@_client ||= Acme::Client.new(private_key: private_key, directory: @options.directory)
|
159
161
|
end
|
160
162
|
|
161
163
|
def register_key
|
164
|
+
return if client.kid
|
165
|
+
|
162
166
|
# If the private key is not known to the server, we need to register it for the first time.
|
163
|
-
|
164
|
-
|
165
|
-
# You'll may need to agree to the term (that's up the to the server to require it or not but boulder does by default)
|
166
|
-
registration.agree_terms
|
167
|
-
rescue Acme::Client::Error::Malformed => e
|
168
|
-
# Stupid hack if the registration already exists.
|
169
|
-
return if e.message == 'Registration key is already in use'
|
170
|
-
raise
|
167
|
+
client.new_account(contact: "mailto:#{@options.letsencrypt_account_email}", terms_of_service_agreed: true)
|
171
168
|
end
|
172
169
|
end
|
173
170
|
end
|
@@ -2,9 +2,10 @@ require 'xmlrpc/client'
|
|
2
2
|
|
3
3
|
module LetsencryptWebfaction
|
4
4
|
class CertificateInstaller
|
5
|
-
def initialize(cert_name, certificate, credentials)
|
5
|
+
def initialize(cert_name, certificate, private_key, credentials)
|
6
6
|
@cert_name = cert_name
|
7
7
|
@certificate = certificate
|
8
|
+
@private_key = private_key
|
8
9
|
@credentials = credentials
|
9
10
|
end
|
10
11
|
|
@@ -15,7 +16,7 @@ module LetsencryptWebfaction
|
|
15
16
|
else
|
16
17
|
'create_certificate'
|
17
18
|
end
|
18
|
-
@credentials.call(action, @cert_name, @certificate
|
19
|
+
@credentials.call(action, @cert_name, @certificate, @private_key.to_pem)
|
19
20
|
|
20
21
|
true
|
21
22
|
end
|
@@ -22,19 +22,31 @@ module LetsencryptWebfaction
|
|
22
22
|
|
23
23
|
private
|
24
24
|
|
25
|
+
def order
|
26
|
+
@_order ||= @client.new_order(identifiers: @cert_config.domains)
|
27
|
+
end
|
28
|
+
|
25
29
|
def validator
|
26
|
-
@_validator ||= LetsencryptWebfaction::DomainValidator.new
|
30
|
+
@_validator ||= LetsencryptWebfaction::DomainValidator.new order, @client, @cert_config.public_dirs
|
27
31
|
end
|
28
32
|
|
29
33
|
def certificate_installer
|
30
|
-
@_certificate_installer ||= LetsencryptWebfaction::CertificateInstaller.new(@cert_config.cert_name, certificate, @api_credentials)
|
34
|
+
@_certificate_installer ||= LetsencryptWebfaction::CertificateInstaller.new(@cert_config.cert_name, certificate, csr.private_key, @api_credentials)
|
31
35
|
end
|
32
36
|
|
33
37
|
def certificate
|
34
38
|
# We can now request a certificate, you can pass anything that returns
|
35
39
|
# a valid DER encoded CSR when calling to_der on it, for example a
|
36
40
|
# OpenSSL::X509::Request too.
|
37
|
-
@_certificate ||=
|
41
|
+
@_certificate ||= begin
|
42
|
+
order.finalize(csr: csr)
|
43
|
+
while order.status == 'processing'
|
44
|
+
sleep(2)
|
45
|
+
order.reload
|
46
|
+
end
|
47
|
+
|
48
|
+
order.certificate
|
49
|
+
end
|
38
50
|
end
|
39
51
|
|
40
52
|
def csr
|
@@ -2,8 +2,8 @@ require 'fileutils'
|
|
2
2
|
|
3
3
|
module LetsencryptWebfaction
|
4
4
|
class DomainValidator
|
5
|
-
def initialize(
|
6
|
-
@
|
5
|
+
def initialize(order, client, public_dirs)
|
6
|
+
@order = order
|
7
7
|
@client = client
|
8
8
|
@public_dirs = public_dirs.map { |dir| File.expand_path(dir) }
|
9
9
|
end
|
@@ -11,15 +11,18 @@ module LetsencryptWebfaction
|
|
11
11
|
def validate! # rubocop:disable Metrics/MethodLength
|
12
12
|
write_files!
|
13
13
|
|
14
|
-
challenges.map(&:
|
14
|
+
challenges.map(&:request_validation).tap do |requests|
|
15
15
|
next unless requests.any?(&:!)
|
16
|
+
|
16
17
|
$stderr.puts 'Failed to request validations.'
|
17
18
|
return false
|
18
19
|
end
|
19
20
|
|
20
21
|
10.times do
|
22
|
+
challenges.each(&:reload)
|
21
23
|
break if no_challenges_pending?
|
22
|
-
|
24
|
+
|
25
|
+
sleep(2)
|
23
26
|
end
|
24
27
|
|
25
28
|
return true if all_challenges_valid?
|
@@ -30,20 +33,16 @@ module LetsencryptWebfaction
|
|
30
33
|
|
31
34
|
private
|
32
35
|
|
33
|
-
def authorizations
|
34
|
-
@authorizations ||= @domains.map { |domain| @client.authorize(domain: domain) }
|
35
|
-
end
|
36
|
-
|
37
36
|
def challenges
|
38
|
-
@challenges ||= authorizations.map(&:
|
37
|
+
@challenges ||= @order.authorizations.map(&:http)
|
39
38
|
end
|
40
39
|
|
41
40
|
def no_challenges_pending?
|
42
|
-
challenges.none? { |challenge| challenge.
|
41
|
+
challenges.none? { |challenge| challenge.status == 'pending' }
|
43
42
|
end
|
44
43
|
|
45
44
|
def all_challenges_valid?
|
46
|
-
challenges.reject { |challenge| challenge.
|
45
|
+
challenges.reject { |challenge| challenge.status == 'valid' }.empty?
|
47
46
|
end
|
48
47
|
|
49
48
|
def write_files!
|
@@ -59,7 +58,7 @@ module LetsencryptWebfaction
|
|
59
58
|
end
|
60
59
|
|
61
60
|
def print_errors
|
62
|
-
validations = authorizations.map(&:domain).zip(challenges)
|
61
|
+
validations = @order.authorizations.map(&:domain).zip(challenges)
|
63
62
|
$stderr.puts 'Failed to verify statuses.'
|
64
63
|
validations.each { |tuple| Validation.new(*tuple).print_error }
|
65
64
|
end
|
@@ -71,7 +70,7 @@ module LetsencryptWebfaction
|
|
71
70
|
end
|
72
71
|
|
73
72
|
def print_error # rubocop:disable Metrics/MethodLength
|
74
|
-
case @challenge.
|
73
|
+
case @challenge.status
|
75
74
|
when 'valid'
|
76
75
|
$stderr.puts "#{@domain}: Success"
|
77
76
|
when 'invalid'
|
@@ -80,7 +79,7 @@ module LetsencryptWebfaction
|
|
80
79
|
when 'pending'
|
81
80
|
$stderr.puts "#{@domain}: Still pending, but timed out"
|
82
81
|
else
|
83
|
-
$stderr.puts "#{@domain}: Unexpected authorization status #{@challenge.
|
82
|
+
$stderr.puts "#{@domain}: Unexpected authorization status #{@challenge.status}"
|
84
83
|
end
|
85
84
|
end
|
86
85
|
|
@@ -5,7 +5,7 @@ require 'letsencrypt_webfaction/options/certificate'
|
|
5
5
|
|
6
6
|
module LetsencryptWebfaction
|
7
7
|
class Options
|
8
|
-
NON_BLANK_FIELDS = %i[username password letsencrypt_account_email
|
8
|
+
NON_BLANK_FIELDS = %i[username password letsencrypt_account_email directory api_url servername].freeze
|
9
9
|
|
10
10
|
WEBFACTION_API_URL = 'https://api.webfaction.com/'.freeze
|
11
11
|
|
@@ -39,8 +39,8 @@ module LetsencryptWebfaction
|
|
39
39
|
@config['letsencrypt_account_email']
|
40
40
|
end
|
41
41
|
|
42
|
-
def
|
43
|
-
@config['
|
42
|
+
def directory
|
43
|
+
@config['directory']
|
44
44
|
end
|
45
45
|
|
46
46
|
def api_url
|
@@ -57,6 +57,7 @@ module LetsencryptWebfaction
|
|
57
57
|
|
58
58
|
def errors
|
59
59
|
{}.tap do |e|
|
60
|
+
e[:endpoint] = 'needs to be updated to directory. See upgrade documentation.' if @config.key?('endpoint')
|
60
61
|
NON_BLANK_FIELDS.each do |field|
|
61
62
|
e[field] = "can't be blank" if public_send(field).nil? || public_send(field) == ''
|
62
63
|
end
|
@@ -2,7 +2,7 @@ module LetsencryptWebfaction
|
|
2
2
|
class Options
|
3
3
|
class Certificate
|
4
4
|
SUPPORTED_VALIDATION_METHODS = ['http01'].freeze
|
5
|
-
VALID_CERT_NAME = /[^a-zA-Z\d_]
|
5
|
+
VALID_CERT_NAME = /[^a-zA-Z\d_]/.freeze
|
6
6
|
VALID_KEY_SIZES = [2048, 4096].freeze
|
7
7
|
|
8
8
|
def initialize(args)
|
@@ -11,6 +11,7 @@ module LetsencryptWebfaction
|
|
11
11
|
|
12
12
|
def domains
|
13
13
|
return [] if @args['domains'].nil? || @args['domains'] == ''
|
14
|
+
|
14
15
|
Array(@args['domains'])
|
15
16
|
end
|
16
17
|
|
@@ -20,6 +21,7 @@ module LetsencryptWebfaction
|
|
20
21
|
|
21
22
|
def public_dirs
|
22
23
|
return [] if @args['public'].nil? || @args['public'] == ''
|
24
|
+
|
23
25
|
Array(@args['public'])
|
24
26
|
end
|
25
27
|
|
@@ -1,4 +1,4 @@
|
|
1
|
-
# Your Webfaction username and password
|
1
|
+
# Your Webfaction username and password, for the API & control panel, not SSH
|
2
2
|
username = "myusername"
|
3
3
|
password = "mypassword"
|
4
4
|
|
@@ -8,8 +8,8 @@ letsencrypt_account_email = "me@example.com"
|
|
8
8
|
# The ACME endpoint. Use the staging server until you get everything working.
|
9
9
|
# Then switch to the production endpoint. You may want to run with the --force
|
10
10
|
# command after switching to reissue all certificates.
|
11
|
-
|
12
|
-
#
|
11
|
+
directory = "https://acme-staging-v02.api.letsencrypt.org/directory" # Staging
|
12
|
+
#directory = "https://acme-v02.api.letsencrypt.org/directory" # Production
|
13
13
|
|
14
14
|
# The URL to the WebFaction API. You should not change this under normal
|
15
15
|
# circumstances.
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: letsencrypt_webfaction
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 4.0.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- William Johnston
|
@@ -10,9 +10,9 @@ bindir: exe
|
|
10
10
|
cert_chain:
|
11
11
|
- |
|
12
12
|
-----BEGIN CERTIFICATE-----
|
13
|
-
|
13
|
+
MIIDhTCCAm2gAwIBAgIBATANBgkqhkiG9w0BAQUFADBEMRAwDgYDVQQDDAd3aWxs
|
14
14
|
aWFtMRwwGgYKCZImiZPyLGQBGRYMam9obnN0b25oYXVzMRIwEAYKCZImiZPyLGQB
|
15
|
-
|
15
|
+
GRYCdXMwHhcNMjAwNDE2MDIxNzQ1WhcNMjEwNDE2MDIxNzQ1WjBEMRAwDgYDVQQD
|
16
16
|
DAd3aWxsaWFtMRwwGgYKCZImiZPyLGQBGRYMam9obnN0b25oYXVzMRIwEAYKCZIm
|
17
17
|
iZPyLGQBGRYCdXMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl8XJy
|
18
18
|
iFDfTJHbPnQ43vJKAjVPwxRnPhThFeWgYlZ//SU6ZbO4GqewDSMyCrjtWOq+mE59
|
@@ -23,14 +23,14 @@ cert_chain:
|
|
23
23
|
gkKUO+QWHBNH4QL3AgMBAAGjgYEwfzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAd
|
24
24
|
BgNVHQ4EFgQUFOFAV8TE1Qa285rrUux+StPq5WowIgYDVR0RBBswGYEXd2lsbGlh
|
25
25
|
bUBqb2huc3RvbmhhdXMudXMwIgYDVR0SBBswGYEXd2lsbGlhbUBqb2huc3Rvbmhh
|
26
|
-
|
27
|
-
/
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
26
|
+
dXMudXMwDQYJKoZIhvcNAQEFBQADggEBAMK2SPYRVs6wzv802pqS1fllhrW/a+fZ
|
27
|
+
lU3UP5Gw7VlkFfB7i2J7kafB/kH1Qj6n4e9uu6YhzkodCAszXC0vJdBQoUB+nidO
|
28
|
+
+XFod0RVfCdcYCmhYsF8YMRqbTOPVDtoBXBISGzpt1boQykR6TZcZFkKEPsAAhRW
|
29
|
+
jNRsRelqGB81uWs32PC50OFpQ9Sj8scB/331mAzn//i1F0kiQnQetQDCbr5IieOI
|
30
|
+
is7nzWq9MtbVDHPaE5a10t+7UoSjPzWFe4qKnxjB8RjfGymDvy4+H2eJbRQE932E
|
31
|
+
Dm3/IFNc1K3ekU2WQEZ3O0WHQY8bCBgCAD/U/CiTaLUOm4VsPnYLAx4=
|
32
32
|
-----END CERTIFICATE-----
|
33
|
-
date:
|
33
|
+
date: 2020-04-16 00:00:00.000000000 Z
|
34
34
|
dependencies:
|
35
35
|
- !ruby/object:Gem::Dependency
|
36
36
|
name: acme-client
|
@@ -38,14 +38,14 @@ dependencies:
|
|
38
38
|
requirements:
|
39
39
|
- - "~>"
|
40
40
|
- !ruby/object:Gem::Version
|
41
|
-
version: '
|
41
|
+
version: '2.0'
|
42
42
|
type: :runtime
|
43
43
|
prerelease: false
|
44
44
|
version_requirements: !ruby/object:Gem::Requirement
|
45
45
|
requirements:
|
46
46
|
- - "~>"
|
47
47
|
- !ruby/object:Gem::Version
|
48
|
-
version: '
|
48
|
+
version: '2.0'
|
49
49
|
- !ruby/object:Gem::Dependency
|
50
50
|
name: toml-rb
|
51
51
|
requirement: !ruby/object:Gem::Requirement
|
@@ -125,7 +125,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
125
125
|
version: '0'
|
126
126
|
requirements: []
|
127
127
|
rubyforge_project:
|
128
|
-
rubygems_version: 2.
|
128
|
+
rubygems_version: 2.5.1
|
129
129
|
signing_key:
|
130
130
|
specification_version: 4
|
131
131
|
summary: LetsEncrypt utility client for WebFaction hosts.
|
metadata.gz.sig
CHANGED
Binary file
|