rails-letsencrypt 0.10.1 → 0.11.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9fcc6f31e49bb320d23f8dc89e768de5c88edc1cfcb65540d3ff294337908aa6
-  data.tar.gz: 88ebaa8808ab982309be5d3a903b39ba731d68a2f0f7d33fee336316ac0b7ade
+  metadata.gz: 1831382c1a2c8970e928bb47c8760bdf4e58b11c6d0944465cf781be3d91f8c5
+  data.tar.gz: 77a91de46a8a4b0b1b8f49789b1eb390bafb1245347f30a6598f0176398da64d
 SHA512:
-  metadata.gz: 37ba93909e4ec5d883c4d84a41a8b64060079b87c491765736c0d325a8d9df7759f5d9fc21945d3769ccd12388a154eb56604c4dc06c89a01cdc3ebd68189ed0
-  data.tar.gz: 819e3498c99f2037ab520114bc2e1bfa2f6bbce50d05a948dfa3ac1b43fc9cab0630bca1b6d1df294bc89ac4f43b1df18ab417a286f38dec60f2caa5ae66649f
+  metadata.gz: bb4e008a900c46946cbe3a2077deb110c13115c0ba1b64246e376d63f54b3913f81bda6fec525ad031c78be67e6bfb58a47d25153ea3b5695a6a19f1ee52fb22
+  data.tar.gz: 34740983c6aa421bf5bf7bdc703ddfc77ff5b4ceba1277ef3c9568d11dca3049a278e0d5204d4b34049d8d35d216bd7a6a05d19506ff257328dff9276359ea72

data/README.md

@@ -1,11 +1,11 @@
-# LetsEncrypt [![Gem Version](https://badge.fury.io/rb/rails-letsencrypt.svg)](https://badge.fury.io/rb/rails-letsencrypt) [![Build Status](https://travis-ci.org/elct9620/rails-letsencrypt.svg?branch=master)](https://travis-ci.org/elct9620/rails-letsencrypt) [![Coverage Status](https://coveralls.io/repos/github/elct9620/rails-letsencrypt/badge.svg?branch=master)](https://coveralls.io/github/elct9620/rails-letsencrypt?branch=master) [![Code Climate](https://codeclimate.com/github/elct9620/rails-letsencrypt/badges/gpa.svg)](https://codeclimate.com/github/elct9620/rails-letsencrypt)
+# LetsEncrypt [![Gem Version](https://badge.fury.io/rb/rails-letsencrypt.svg)](https://badge.fury.io/rb/rails-letsencrypt) [![Code Climate](https://codeclimate.com/github/elct9620/rails-letsencrypt/badges/gpa.svg)](https://codeclimate.com/github/elct9620/rails-letsencrypt)
 
 Provide manageable Let's Encrypt Certificate for Rails.
 
 ## Requirement
 
-* Rails 5+
-* Ruby 2.5+
+* Rails 6.1+
+* Ruby 2.7+
 
 ## Installation
 
@@ -22,7 +22,7 @@ rails generate lets_encrypt:install
 rake db:migrate
 ```
 
-Setup private key for Let's Encrypt API
+Setup private key for Let's Encrypt API, and create an account at letsencrypt.org associated with that key
 
 ```bash
 rails generate lets_encrypt:register
@@ -140,6 +140,16 @@ If you are using Sidekiq or others, you can enqueue renew task daily.
 LetsEncrypt::RenewCertificatesJob.perform_later
 ```
 
+### Subscribe
+
+When the certificate is trying to issue a new one, you can subscribe it for logging or error handling.
+
+```ruby
+ActiveSupport::Notifications.subscribe('letsencrypt.issue') do |name, start, finish, id, payload|
+  Rails.logger.info("Certificate for #{payload[:domain]} is issued")
+end
+```
+
 ### ngx_mruby
 
 The setup is following this [Article](http://hb.matsumoto-r.jp/entry/2017/03/23/173236)

data/app/controllers/lets_encrypt/verifications_controller.rb

@@ -7,7 +7,8 @@ module LetsEncrypt
   class VerificationsController < ApplicationController
     def show
       return render_verification_string if certificate.present?
-      render plain: 'Verification not found', status: 404
+
+      render plain: 'Verification not found', status: :not_found
     end
 
     protected

data/app/jobs/lets_encrypt/renew_certificates_job.rb

@@ -8,6 +8,7 @@ module LetsEncrypt
     def perform
       LetsEncrypt.certificate_model.renewable.each do |certificate|
         next if certificate.renew
+
         certificate.update(renew_after: 1.day.from_now)
       end
     end

data/app/models/concerns/lets_encrypt/certificate_issuable.rb

@@ -9,9 +9,7 @@ module LetsEncrypt
     def issue
       logger.info "Getting certificate for #{domain}"
       create_certificate
-      # rubocop:disable Metrics/LineLength
       logger.info "Certificate issued for #{domain} (expires on #{expires_at}, will renew after #{renew_after})"
-      # rubocop:enable Metrics/LineLength
       true
     end
 
@@ -30,12 +28,16 @@ module LetsEncrypt
       order.finalize(csr: csr)
       sleep 1 while order.status == 'processing'
       fullchain = order.certificate.split("\n\n")
+      assign_new_certificate(fullchain)
+      save!
+    end
+
+    def assign_new_certificate(fullchain)
       cert = OpenSSL::X509::Certificate.new(fullchain.shift)
       self.certificate = cert.to_pem
       self.intermediaries = fullchain.join("\n\n")
       self.expires_at = cert.not_after
       self.renew_after = (expires_at - 1.month) + rand(10).days
-      save!
     end
   end
 end

data/app/models/concerns/lets_encrypt/certificate_verifiable.rb

@@ -52,16 +52,16 @@ module LetsEncrypt
       true
     end
 
-    def retry_on_verify_error(e)
+    def retry_on_verify_error(error)
       @retries ||= 0
-      if e.is_a?(Acme::Client::Error::BadNonce) && @retries < 5
+      if error.is_a?(Acme::Client::Error::BadNonce) && @retries < 5
         @retries += 1
         logger.info "#{domain}: Bad nounce encountered. Retrying (#{@retries} of 5 attempts)"
         sleep 1
         verify
       else
         logger.info "#{domain}: Error: #{e.class} (#{e.message})"
-        return false
+        false
       end
     end
   end

data/app/models/lets_encrypt/certificate.rb

@@ -22,7 +22,7 @@ module LetsEncrypt
   #  index_letsencrypt_certificates_on_domain       (domain)
   #  index_letsencrypt_certificates_on_renew_after  (renew_after)
   #
-  class Certificate < ActiveRecord::Base
+  class Certificate < ApplicationRecord
     include CertificateVerifiable
     include CertificateIssuable
 
@@ -33,8 +33,8 @@ module LetsEncrypt
     scope :expired, -> { where('expires_at <= ?', Time.zone.now) }
 
     before_create -> { self.key = OpenSSL::PKey::RSA.new(4096).to_s }
-    after_save -> { save_to_redis }, if: -> { LetsEncrypt.config.use_redis? && active? }
     after_destroy -> { delete_from_redis }, if: -> { LetsEncrypt.config.use_redis? && active? }
+    after_save -> { save_to_redis }, if: -> { LetsEncrypt.config.use_redis? && active? }
 
     # Returns false if certificate is not issued.
     #
@@ -51,7 +51,9 @@ module LetsEncrypt
 
     # Returns true if success get a new certificate
     def get
-      verify && issue
+      ActiveSupport::Notifications.instrument('letsencrypt.issue', domain: domain) do
+        verify && issue
+      end
     end
 
     alias renew get

data/lib/generators/lets_encrypt/install_generator.rb

@@ -10,7 +10,7 @@ module LetsEncrypt
     class InstallGenerator < ::Rails::Generators::Base
       include ::Rails::Generators::Migration
 
-      source_root File.expand_path('../templates', __FILE__)
+      source_root File.expand_path('templates', __dir__)
 
       def self.next_migration_number(path)
         ActiveRecord::Generators::Base.next_migration_number(path)

data/lib/generators/lets_encrypt/register_generator.rb

@@ -26,26 +26,24 @@ module LetsEncrypt
       end
 
       def generate_key
-        # rubocop:disable Metrics/LineLength
         key_path = ask("Where you to save private key [#{LetsEncrypt.private_key_path}]:", path: true)
-        # rubocop:enable Metrics/LineLength
         key_path = LetsEncrypt.private_key_path if key_path.blank?
 
         return unless file_collision(key_path)
-        FileUtils.rm(key_path) if File.exist?(key_path)
+
+        FileUtils.rm_f(key_path)
         LetsEncrypt.config.use_env_key = false
         LetsEncrypt.config.private_key_path = key_path
 
         LetsEncrypt.load_private_key
 
-        # rubocop:disable Metrics/LineLength
         say "Your privated key is saved in #{key_path}, make sure setup configure for your rails.", :yellow
-        # rubocop:enable Metrics/LineLength
       end
 
       def register_email
         email = ask('What email you want to register:')
         return say('Email is inavlid!', :red) if email.blank?
+
         LetsEncrypt.register(email)
         say 'Register successed, don\'t forget backup your private key', :green
       end

data/lib/letsencrypt/logger_proxy.rb

@@ -15,10 +15,10 @@ module LetsEncrypt
       @tags = @tags.uniq
     end
 
-    def tag(logger)
+    def tag(logger, &block)
       if logger.respond_to?(:tagged)
         current_tags = tags - logger.formatter.current_tags
-        logger.tagged(*current_tags) { yield }
+        logger.tagged(*current_tags, &block)
       else
         yield
       end

data/lib/letsencrypt/redis.rb

@@ -11,6 +11,7 @@ module LetsEncrypt
       # Save certificate into redis.
       def save(cert)
         return unless cert.key.present? && cert.bundle.present?
+
         LetsEncrypt.logger.info "Save #{cert.domain}'s certificate (bundle) to redis"
         connection.set "#{cert.domain}.key", cert.key
         connection.set "#{cert.domain}.crt", cert.bundle
@@ -19,6 +20,7 @@ module LetsEncrypt
       # Delete certificate from redis.
       def delete(cert)
         return unless cert.key.present? && cert.certificate.present?
+
         LetsEncrypt.logger.info "Delete #{cert.domain}'s certificate from redis"
         connection.del "#{cert.domain}.key"
         connection.del "#{cert.domain}.crt"

data/lib/letsencrypt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module LetsEncrypt
-  VERSION = '0.10.1'
+  VERSION = '0.11.0'
 end

data/lib/letsencrypt.rb

@@ -32,14 +32,15 @@ module LetsEncrypt
     end
 
     def load_private_key
-      return ENV['LETSENCRYPT_PRIVATE_KEY'] if config.use_env_key
+      return ENV.fetch('LETSENCRYPT_PRIVATE_KEY', nil) if config.use_env_key
       return File.open(private_key_path) if File.exist?(private_key_path)
+
       generate_private_key
     end
 
     # Get current using Let's Encrypt endpoint
     def directory
-      @endpoint ||= config.use_staging? ? ENDPOINT_STAGING : ENDPOINT
+      @directory ||= config.use_staging? ? ENDPOINT_STAGING : ENDPOINT
     end
 
     # Register a Let's Encrypt account
@@ -56,12 +57,12 @@ module LetsEncrypt
     end
 
     def private_key_path
-      config.private_key_path || Rails.root.join('config', 'letsencrypt.key')
+      config.private_key_path || Rails.root.join('config/letsencrypt.key')
     end
 
     def generate_private_key
       key = OpenSSL::PKey::RSA.new(4096)
-      File.open(private_key_path, 'w') { |f| f.write(key.to_s) }
+      File.write(private_key_path, key.to_s)
       logger.info "Created new private key for Let's Encrypt"
       key
     end

data/lib/tasks/letsencrypt_tasks.rake

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 namespace :letsencrypt do
-  desc "Renew certificates that already expired or expiring soon"
+  desc 'Renew certificates that already expired or expiring soon'
   task renew: :environment do
     count = 0
     failed = 0

metadata

@@ -1,121 +1,135 @@
 --- !ruby/object:Gem::Specification
 name: rails-letsencrypt
 version: !ruby/object:Gem::Version
-  version: 0.10.1
+  version: 0.11.0
 platform: ruby
 authors:
 - 蒼時弦也
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-27 00:00:00.000000000 Z
+date: 2023-11-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: rails
+  name: acme-client
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: 2.0.0
+- !ruby/object:Gem::Dependency
+  name: actionmailer
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: acme-client
+  name: actionpack
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 2.0.0
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: redis
+  name: actionview
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: appraisal
+  name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+        version: '6.1'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: rspec-rails
+  name: activerecord
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
+        version: '6.1'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '0'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: simplecov
+  name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.16.1
-  type: :development
+        version: '6.1'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.16.1
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: coveralls
+  name: railties
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.8.23
-  type: :development
+        version: '6.1'
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.8.23
+        version: '6.1'
 - !ruby/object:Gem::Dependency
-  name: codeclimate-test-reporter
+  name: redis
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-  type: :development
+  type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
@@ -155,7 +169,8 @@ files:
 homepage: https://github.com/elct9620/rails-letsencrypt
 licenses:
 - MIT
-metadata: {}
+metadata:
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -164,14 +179,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.6
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: The Let's Encrypt certificate manager for rails