class Pvcglue::Packages::Ssl
Public Instance Methods
install!()
click to toggle source
# File lib/pvcglue/packages/ssl.rb, line 9 def install! # TODO: Support using already created certs return true unless Pvcglue.cloud.ssl_mode == :acme Pvcglue::Packages::SslAcme.apply(minion) # Issue Certificate first_domain = Pvcglue.cloud.domains.first domains = Pvcglue.cloud.domains.map { |domain| "-d #{domain}" } first_domain_option = domains.first domain_options = domains.join(' ') staging_option = Pvcglue.command_line_options[:create_test_cert] ? '--staging ' : '' force_option = Pvcglue.command_line_options[:force_cert] ? '--force ' : '' debug_option = Pvcglue.logger.level == 0 ? '--debug ' : '' begin # Test with http://www.example.com/.well-known/acme-challenge/test.html base_name = "test-#{SecureRandom.hex}.html" verification_file_name = File.join(Pvcglue.cloud.letsencrypt_full, base_name) connection.write_to_file(:root, "Everything's shiny, Cap'n. Not to fret.", verification_file_name, 'root', 'www-data', '660') unless Net::HTTP.get(first_domain, "/.well-known/acme-challenge/#{base_name}") =~ /shiny/ Pvcglue.logger.error("Unable to connect to #{first_domain} at #{minion.public_ip}") raise(Thor::Error, 'Please fix and then restart.') end ensure # TODO: Delete verification file end result = connection.ssh?(:root, '', "/root/.acme.sh/acme.sh #{debug_option}#{staging_option}#{force_option}--issue #{domain_options} -w #{Pvcglue.cloud.letsencrypt_root}") raise result.inspect unless result.exitstatus == 0 || result.exitstatus == 2 # Install Certificate connection.mkdir_p(:root, Pvcglue.cloud.nginx_config_ssl_path) # acme.sh --installcert -d theos.in --keypath /etc/nginx/ssl/theos.in/theos.in.key --fullchainpath /etc/nginx/ssl/theos.in/theos.in.cer --reloadcmd 'systemctl reload nginx' connection.ssh!(:root, '', "/root/.acme.sh/acme.sh --installcert #{first_domain_option} --keypath #{Pvcglue.cloud.nginx_ssl_key_file_name} --fullchainpath #{Pvcglue.cloud.nginx_ssl_crt_file_name} --reloadcmd 'systemctl reload nginx'") end
installed?()
click to toggle source
# File lib/pvcglue/packages/ssl.rb, line 4 def installed? return true if Pvcglue.cloud.ssl_mode == :none false end
post_install_check?()
click to toggle source
# File lib/pvcglue/packages/ssl.rb, line 49 def post_install_check? true end