class ApartmentAcmeClient::CertificateStorage::S3

Constants

CSR_ENCRYPTION_S3_NAME
ENCRYPTION_S3_NAME

Public Class Methods

new() click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 8
# Chooses the prefix that derived_filename puts in front of every file and
# S3 object name: TEST_PREFIX when the Let's Encrypt test server is enabled,
# otherwise the empty string.
def initialize
  use_test_prefix = ApartmentAcmeClient.lets_encrypt_test_server_enabled
  @base_prefix = use_test_prefix ? TEST_PREFIX : ''
end

Public Instance Methods

cert_exists?() click to toggle source

Do we have a certificate on this server? We cannot start nginx while it points at a non-existent certificate, so we need to check.

# File lib/apartment_acme_client/certificate_storage/s3.rb, line 32
# Reports whether certificate material is present on local disk.
#
# Only the private-key file ('privkey.pem') is probed; 'cert.pem' is not
# checked here.
#
# @return [Boolean] true when the local privkey.pem exists
def cert_exists?
  key_file = cert_path('privkey.pem')
  File.exist?(key_file)
end
csr_private_key() click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 43
# Fetches the stored CSR private key from S3.
#
# The existence check and the download are two separate calls on the S3
# object, so an object deleted in between surfaces as an error from get
# rather than as nil.
#
# @return [String, nil] the object's body, or nil when the object is absent
def csr_private_key
  stored = s3_file(csr_private_key_s3_filename)
  stored.get.body.read if stored.exists?
end
private_key() click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 36
# Fetches the stored private key from S3.
#
# The existence check and the download are two separate calls on the S3
# object, so an object deleted in between surfaces as an error from get
# rather than as nil.
#
# @return [String, nil] the object's body, or nil when the object is absent
def private_key
  stored = s3_file(private_key_s3_filename)
  stored.get.body.read if stored.exists?
end
save_csr_private_key(private_key) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 55
# Uploads the CSR private key to S3 in DER form.
#
# The bytes returned by to_der are handed to store_s3_file unchanged, so the
# key's confidentiality at rest rests on the bucket's own encryption and
# access policy.
#
# @param private_key [#to_der] key object to serialize
# @return the result of store_s3_file
def save_csr_private_key(private_key)
  object_name = csr_private_key_s3_filename
  der_bytes = private_key.to_der
  store_s3_file(object_name, der_bytes)
end
save_private_key(private_key) click to toggle source

Saves a private key to S3.

# File lib/apartment_acme_client/certificate_storage/s3.rb, line 51
# Uploads a private key to S3 in DER form.
#
# The bytes returned by to_der are handed to store_s3_file unchanged, so the
# key's confidentiality at rest rests on the bucket's own encryption and
# access policy.
#
# @param private_key [#to_der] key object to serialize
# @return the result of store_s3_file
def save_private_key(private_key)
  object_name = private_key_s3_filename
  der_bytes = private_key.to_der
  store_s3_file(object_name, der_bytes)
end
store_certificate_string(certificate_string) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 19
# Writes the certificate to the local certificate folder as 'cert.pem' and
# then uploads the same string to S3 under the derived 'cert.pem' name.
#
# @param certificate_string [String] certificate text, written verbatim
# @return the result of store_s3_file
def store_certificate_string(certificate_string)
  local_copy = cert_path('cert.pem')
  File.write(local_copy, certificate_string)
  remote_name = derived_filename('cert.pem')
  store_s3_file(remote_name, certificate_string)
end
store_csr_private_key_string(csr_private_key_string) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 24
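# Writes the CSR private key to the local certificate folder as
# 'privkey.pem' and then uploads the same string to S3.
#
# The local file holds secret key material, so it is created with mode 0600
# instead of whatever the process umask would allow. The creation mode only
# applies to a file that does not exist yet, so the handle is also chmodded
# before any bytes are written; a pre-existing, more permissive file is
# tightened before it receives the new key.
#
# @param csr_private_key_string [String] key text, written verbatim
# @return the result of store_s3_file
def store_csr_private_key_string(csr_private_key_string)
  local_path = cert_path('privkey.pem')
  File.open(local_path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) do |key_file|
    key_file.chmod(0o600)
    key_file.write(csr_private_key_string)
  end
  store_s3_file(derived_filename('privkey.pem'), csr_private_key_string)
end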

Private Instance Methods

cert_path(filename) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 78
# Builds the local path for a certificate file: the configured certificate
# storage folder joined with the prefixed file name.
#
# @param filename [String] bare file name such as 'cert.pem'
# @return [String] path inside ApartmentAcmeClient.certificate_storage_folder
def cert_path(filename)
  folder = ApartmentAcmeClient.certificate_storage_folder
  File.join(folder, derived_filename(filename))
end
csr_private_key_s3_filename() click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 65
# S3 object name for the CSR private key: CSR_ENCRYPTION_S3_NAME with the
# instance prefix applied.
#
# @return [String]
def csr_private_key_s3_filename
  base_name = CSR_ENCRYPTION_S3_NAME
  derived_filename(base_name)
end
derived_filename(filename) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 69
# Prepends the instance prefix (@base_prefix) to a file name.
#
# @param filename [#to_s] bare name
# @return [String] prefix followed by the name
def derived_filename(filename)
  @base_prefix.to_s + filename.to_s
end
private_key_s3_filename() click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 61
# S3 object name for the private key: ENCRYPTION_S3_NAME with the instance
# prefix applied.
#
# @return [String]
def private_key_s3_filename
  base_name = ENCRYPTION_S3_NAME
  derived_filename(base_name)
end
s3_file(filename) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 82
# Returns a handle to the named object in the configured bucket.
#
# A fresh Aws::S3::Resource is built on every call. Only the region is
# passed here; no credentials are given in this method.
#
# @param filename [String] object key inside ApartmentAcmeClient.aws_bucket
# @return the S3 object handle for that key
def s3_file(filename)
  Aws::S3::Resource
    .new(region: ApartmentAcmeClient.aws_region)
    .bucket(ApartmentAcmeClient.aws_bucket)
    .object(filename)
end
store_s3_file(filename, file_contents) click to toggle source
# File lib/apartment_acme_client/certificate_storage/s3.rb, line 73
# Uploads a string as the body of the named S3 object.
#
# The put carries only the body: no encryption or ACL option is set in this
# call, so protection of stored key material comes from the bucket's
# configuration. NOTE(review): confirm the bucket enforces encryption at rest
# and blocks public access, since private keys pass through here.
#
# @param filename [String] object key
# @param file_contents [String] bytes to store
# @return the result of the object's put call
def store_s3_file(filename, file_contents)
  s3_file(filename).put(body: file_contents)
end