RubyGems - rails-letsencrypt - Versions diffs - 0.5.0 → 0.5.1 - Mend

rails-letsencrypt 0.5.0 → 0.5.1

Files changed (11) hide show

checksums.yaml +4 -4
data/README.md +87 -5
data/Rakefile +1 -1
data/app/models/concerns/lets_encrypt/certificate_issuable.rb +1 -0
data/app/models/concerns/lets_encrypt/certificate_verifiable.rb +1 -0
data/app/models/lets_encrypt/certificate.rb +8 -0
data/lib/letsencrypt/configuration.rb +2 -0
data/lib/letsencrypt/redis.rb +1 -0
data/lib/letsencrypt/version.rb +1 -1
data/lib/letsencrypt.rb +18 -0
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 0633ffad33535aafb793abb0e38402b90ccb2d5a
-  data.tar.gz: db2be9f9072c31adb5592a936a7b5501e5a639cc
+  metadata.gz: 20d99952a5fed288ccf2a91a784e1042ffb5be58
+  data.tar.gz: a55d6f532be02ab448695b0b9c90a3b39f9fe76b
 SHA512:
-  metadata.gz: faaa56f16f0ab8ace274c7bc2e56fc9d67a86db0c75579751d1e54491e09c7c221cf3560a713c2dfba9b54ca36d3da84b534b6139f64c81418a8f10dce285526
-  data.tar.gz: b285b39c7c74297456f6e209ec9d193937ca4af436b904a2691641be913cad87ac341d0d3f3aef53caf2794335393d07558c7f48e7537e95bafb9de4fc2e63cb
+  metadata.gz: 8bdd74b0ca815dc03c277852b597d9aa07369db2ef8d2ccef9e2d47e2baa1f2e4391e24c585405baabb12dea055abad2098d519ed50adfecc89634a45237b9a5
+  data.tar.gz: a0bee2de40ad55c1a9766ace4b4ba5baa913a18fe9c53263526599ebc5b5018846ca86cba067b7fd065f8004d06b65cbda254f7c69628bf98cf301951d5958f4

data/README.md CHANGED Viewed

@@ -29,13 +29,95 @@ Add `acme-challenge` mounts in `config/routes.rb`
 mount LetsEncrypt::Engine => '/.well-known'
 ```
+### Configuration
+Add a file to `config/initializers/letsencrypt.rb` and put below config you need.
+```ruby
+LetsEncrypt.config do |config|
+  # Using Let's Encrypt staging server or not
+  # Default only `Rails.env.production? == true` will use Let's Encrypt production server.
+  config.use_staging = true
+  # Set the private key path
+  # Default is locate at config/letsencrypt.key
+  config.private_key_path = Rails.root.join('config', 'letsencrypt.key')
+  # Use environment variable to set private key
+  # If enable, the API Client will use `LETSENCRYPT_PRIVATE_KEY` as private key
+  # Default is false
+  config.use_env_key = false
+  # Should sync certificate into redis
+  # When using ngx_mruby to dynamic load certificate, this will be helpful
+  # Default is false
+  config.save_to_redis = false
+  # The redis server url
+  # Default is nil
+  config.redis_url = 'redis://localhost:6379/1'
+end
+```
 ## Usage
-The SSL certificate setup is depend on web server, this gem can work with `ngx_mruby` or `kong`.
+The SSL certificate setup depends on the web server, this gem can work with `ngx_mruby` or `kong`.
+### Certificate Model
+#### Create
+Add a new domain into the database.
+```ruby
+cert = LetsEncrypt::Certificate.create(domain: 'example.com')
+cert.get # alias  `verify && issue`
+```
+#### Verify
+Makes a request to Let's Encrypt and verify domain
+```ruby
+cert = LetsEncrypt::Certificate.find_by(domain: 'example.com')
+cert.verify
+```
+#### Issue
+Ask Let's Encrypt to issue a new certificate.
+```ruby
+cert = LetsEncrypt::Certificate.find_by(domain: 'example.com')
+cert.issue
+```
+#### Renew
+```ruby
+cert = LetsEncrypt::Certificate.find_by(domain: 'example.com')
+cert.renew
+```
+#### Status
+Check a certificate is verified and issued.
+```ruby
+cert = LetsEncrypt::Certificate.find_by(domain: 'example.com')
+cert.active? # => true
+```
+Check a certificate is expired.
+```ruby
+cert = LetsEncrypt::Certificate.find_by(domain: 'example.com')
+cert.expired? # => false
+```
 ### Tasks
-To renew certificate, you can can run `renew` task to renew coming expires certificates.
+To renew a certificate, you can run `renew` task to renew coming expires certificates.
 ```bash
 rake letsencrypt:renew
@@ -46,7 +128,7 @@ rake letsencrypt:renew
 If you are using Sidekiq or others, you can enqueue renew task daily.
 ```
-LetsEncrypt::RenewCertificate.perform_later
+LetsEncrypt::RenewCertificatesJob.perform_later
 ```
 ### ngx_mruby
@@ -62,7 +144,7 @@ LetsEncrypt.config do |config|
 end
 ```
-Connect `Redis` when nginx worker start
+Connect `Redis` when Nginx worker start
 ```
 http {
   # ...
@@ -101,7 +183,7 @@ server {
 ### Kong
-Not support now.
+Coming soon.
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/Rakefile CHANGED Viewed

@@ -10,7 +10,7 @@ require 'rdoc/task'
 RDoc::Task.new(:rdoc) do |rdoc|
   rdoc.rdoc_dir = 'rdoc'
-  rdoc.title    = 'rails-letsencrypt'
+  rdoc.title    = 'Rails Let\'sEncrypt'
   rdoc.options << '--line-numbers'
   rdoc.rdoc_files.include('README.md')
   rdoc.rdoc_files.include('lib/**/*.rb')

data/app/models/concerns/lets_encrypt/certificate_issuable.rb CHANGED Viewed

@@ -5,6 +5,7 @@ module LetsEncrypt
   module CertificateIssuable
     extend ActiveSupport::Concern
+    # Returns true if issue new certificate succeed.
     def issue
       logger.info "Getting certificate for #{domain}"
       create_certificate

data/app/models/concerns/lets_encrypt/certificate_verifiable.rb CHANGED Viewed

@@ -5,6 +5,7 @@ module LetsEncrypt
   module CertificateVerifiable
     extend ActiveSupport::Concern
+    # Returns true if verify domain is succeed.
     def verify
       start_authorize
       start_challenge

data/app/models/lets_encrypt/certificate.rb CHANGED Viewed

@@ -15,20 +15,27 @@ module LetsEncrypt
     before_create -> { self.key = OpenSSL::PKey::RSA.new(4096).to_s }
     after_save -> { save_to_redis }, if: -> { LetsEncrypt.config.use_redis? }
+    # Returns false if certificate is not issued.
+    #
+    # This method didn't check certificate is valid,
+    # its only uses for checking is there has a certificate.
     def active?
       certificate.present?
     end
+    # Returns true if certificate is expired.
     def expired?
       Time.zone.now >= expires_at
     end
+    # Returns true if success get a new certificate
     def get
       verify && issue
     end
     alias renew get
+    # Returns full-chain bundled certificates
     def bundle
       [intermediaries, certificate].join("\n")
     end
@@ -41,6 +48,7 @@ module LetsEncrypt
       @key_object ||= OpenSSL::PKey::RSA.new(key)
     end
+    # Save certificate into redis
     def save_to_redis
       LetsEncrypt::Redis.save(self)
     end

data/lib/letsencrypt/configuration.rb CHANGED Viewed

@@ -16,10 +16,12 @@ module LetsEncrypt
     config_accessor :save_to_redis
     config_accessor :redis_url
+    # Returns true if enabled `save_to_redis` feature
     def use_redis?
       save_to_redis == true
     end
+    # Returns true if under development mode.
     def use_staging?
       use_staging
     end

data/lib/letsencrypt/redis.rb CHANGED Viewed

@@ -8,6 +8,7 @@ module LetsEncrypt
         @connection ||= ::Redis.new(url: LetsEncrypt.config.redis_url)
       end
+      # Save certificate into redis.
       def save(cert)
         LetsEncrypt.logger.info "Save #{cert.domain}'s certificate to redis"
         connection.set "#{cert.domain}.key", cert.key

data/lib/letsencrypt/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module LetsEncrypt
-  VERSION = '0.5.0'
+  VERSION = '0.5.1'
 end

data/lib/letsencrypt.rb CHANGED Viewed

@@ -11,10 +11,15 @@ require 'letsencrypt/redis'
 # :nodoc:
 module LetsEncrypt
+  # Production mode API Endpoint
   ENDPOINT = 'https://acme-v01.api.letsencrypt.org/'
+  # Staging mode API Endpoint, the rate limit is higher
+  # but got invalid certificate for testing
   ENDPOINT_STAGING = 'https://acme-staging.api.letsencrypt.org'
   class << self
+    # Create the ACME Client to Let's Encrypt
     def client
       @client ||= ::Acme::Client.new(
         private_key: private_key,
@@ -32,10 +37,17 @@ module LetsEncrypt
       generate_private_key
     end
+    # Get current using Let's Encrypt endpoint
     def endpoint
       @endpoint ||= config.use_staging? ? ENDPOINT_STAGING : ENDPOINT
     end
+    # Register a Let's Encrypt account
+    #
+    # This is required a private key to do this,
+    # and Let's Encrypt will use this private key to
+    # connect with domain and assign the owner who can
+    # renew and revoked.
     def register(email)
       registration = client.register(contact: "mailto:#{email}")
       logger.info "Successfully registered private key with address #{email}"
@@ -59,6 +71,12 @@ module LetsEncrypt
       @logger ||= LoggerProxy.new(Rails.logger, tags: ['LetsEncrypt'])
     end
+    # Config how to Let's Encrypt works for Rails
+    #
+    #  LetsEncrypt.config do |config|
+    #    # Always use production mode to connect Let's Encrypt API server
+    #    config.use_staging = false
+    #   end
     def config(&block)
       @config ||= Configuration.new
       instance_exec(@config, &block) if block_given?

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rails-letsencrypt
 version: !ruby/object:Gem::Version
-  version: 0.5.0
+  version: 0.5.1
 platform: ruby
 authors:
 - 蒼時弦也