prun-ops 0.4.1 → 0.4.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/capistrano/config/ubuntu.rake +2 -2
- data/lib/prun/ops/railitie.rb +1 -1
- data/lib/prun/ops/version.rb +1 -1
- data/lib/prun/ssl_certificate.rb +65 -0
- metadata +2 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6db83ea42405061a985ad0735a5639153113ef023ce5a8508c9f44c4fc937eef
|
|
4
|
+
data.tar.gz: 8758ab13d2d398b11dbaf4aaad38cbdeafcef524a18c00a8fb1eba19ee901780
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f1f8ff8c12d6f347c37f89ec4b168224b352f81bdc8d1a528b40aad5a914ced296d48fa8dcf2c13e52702f6c729b1ba15a922b9a54ffe061f46425467b3946c3
|
|
7
|
+
data.tar.gz: 06fec349960354343974b5e53f2428aff7e02e869e34eb678ab77c7dfd773cdf9c2734a684f0ac84efa14671d79ad9e53206a838c26ae3c08ab4c876f7a21576
|
|
@@ -6,10 +6,10 @@ namespace :ubuntu do
|
|
|
6
6
|
execute "sudo apt-get -y update"
|
|
7
7
|
# Pre-requirements
|
|
8
8
|
execute <<-EOBLOCK
|
|
9
|
-
#{apt_nointeractive} git build-essential libsqlite3-dev libssl-dev gawk g++ vim
|
|
9
|
+
#{apt_nointeractive} git build-essential libsqlite3-dev libssl-dev gawk g++ vim
|
|
10
10
|
#{apt_nointeractive} libssl-dev libreadline-dev libgdbm-dev openssl
|
|
11
11
|
#{apt_nointeractive} libreadline6-dev libyaml-dev sqlite3 autoconf libgdbm-dev
|
|
12
|
-
#{apt_nointeractive} libcurl4 libcurl3-gnutls libcurl4-openssl-dev
|
|
12
|
+
#{apt_nointeractive} libcurl4 libcurl3-gnutls libcurl4-openssl-dev
|
|
13
13
|
#{apt_nointeractive} libncurses5-dev automake libtool bison pkg-config libffi-dev libvips
|
|
14
14
|
#{apt_nointeractive} software-properties-common gnupg2
|
|
15
15
|
EOBLOCK
|
data/lib/prun/ops/railitie.rb
CHANGED
data/lib/prun/ops/version.rb
CHANGED
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
class SslCertificate
|
|
4
|
+
DNS_PROVIDER = 'digitalocean'
|
|
5
|
+
NGINX_RELOAD_COMMAND = 'service nginx restart'
|
|
6
|
+
CREDENTIALS_PATH = '/etc/letsencrypt/digitalocean.ini'
|
|
7
|
+
DOMAIN = "#{`hostname`.strip}.com".freeze
|
|
8
|
+
|
|
9
|
+
def self.renew = new.renew
|
|
10
|
+
|
|
11
|
+
def renew
|
|
12
|
+
create_credentials_file
|
|
13
|
+
if run_command(certbot_command)
|
|
14
|
+
Rails.logger.info "SSL::Certificate renewed successfully for #{DOMAIN}."
|
|
15
|
+
if run_command(NGINX_RELOAD_COMMAND)
|
|
16
|
+
Rails.logger.info 'SSL::Web server reloaded.'
|
|
17
|
+
else
|
|
18
|
+
Rails.logger.fail 'SSL::Failed to reload web server.'
|
|
19
|
+
end
|
|
20
|
+
else
|
|
21
|
+
Rails.logger.fail "SSL::Certificate renewal failed for #{DOMAIN}."
|
|
22
|
+
end
|
|
23
|
+
remove_credentials_file
|
|
24
|
+
end
|
|
25
|
+
|
|
26
|
+
private
|
|
27
|
+
|
|
28
|
+
def certbot_command
|
|
29
|
+
'certbot certonly ' \
|
|
30
|
+
"--dns-#{DNS_PROVIDER} " \
|
|
31
|
+
"--dns-#{DNS_PROVIDER}-credentials #{CREDENTIALS_PATH} " \
|
|
32
|
+
"-d '*.#{DOMAIN}' " \
|
|
33
|
+
"-d '#{DOMAIN}' " \
|
|
34
|
+
'--agree-tos ' \
|
|
35
|
+
'--no-eff-email ' \
|
|
36
|
+
"--email admin@#{DOMAIN} " \
|
|
37
|
+
'--force-renewal'
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def create_credentials_file
|
|
41
|
+
File.write(CREDENTIALS_PATH, "dns_#{DNS_PROVIDER}_api_token=#{Cred[:digitalocean_api_token]}")
|
|
42
|
+
File.chmod(0o600, CREDENTIALS_PATH)
|
|
43
|
+
Rails.logger.info "SSL::Credentials file created at #{CREDENTIALS_PATH}."
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
def remove_credentials_file
|
|
47
|
+
File.delete(CREDENTIALS_PATH) if File.exist?(CREDENTIALS_PATH)
|
|
48
|
+
Rails.logger.info "SSL::Credentials file removed from #{CREDENTIALS_PATH}."
|
|
49
|
+
rescue Errno::ENOENT
|
|
50
|
+
Rails.logger.warn "SSL::Credentials file not found at #{CREDENTIALS_PATH}."
|
|
51
|
+
rescue StandardError => e
|
|
52
|
+
Rails.logger.error "SSL::Error removing credentials file: #{e.message}"
|
|
53
|
+
end
|
|
54
|
+
|
|
55
|
+
def run_command(command)
|
|
56
|
+
Rails.logger.info "SSL::Running: #{command}"
|
|
57
|
+
output = `#{command} 2>&1`
|
|
58
|
+
success = $CHILD_STATUS.success?
|
|
59
|
+
|
|
60
|
+
Rails.logger.info("SSL::Output:\n#{output}") unless output.strip.empty?
|
|
61
|
+
Rails.logger.fail("SSL::Command failed with exit status: #{$CHILD_STATUS.exitstatus}") unless success
|
|
62
|
+
|
|
63
|
+
success
|
|
64
|
+
end
|
|
65
|
+
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: prun-ops
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.4.
|
|
4
|
+
version: 0.4.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- jlebrijo
|
|
@@ -120,6 +120,7 @@ files:
|
|
|
120
120
|
- lib/prun/ops.rb
|
|
121
121
|
- lib/prun/ops/railitie.rb
|
|
122
122
|
- lib/prun/ops/version.rb
|
|
123
|
+
- lib/prun/ssl_certificate.rb
|
|
123
124
|
- lib/tasks/backup.rake
|
|
124
125
|
- lib/tasks/db.rake
|
|
125
126
|
- lib/tasks/git.rake
|