push.rocks/smartcert
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: push.rocks:v0.0.1
Branches Tags
push.rocks:master
push.rocks:v1.0.7
push.rocks:v1.0.6
push.rocks:v1.0.5
push.rocks:v1.0.4
push.rocks:v1.0.3
push.rocks:v1.0.2
push.rocks:v1.0.1
push.rocks:v1.0.0
push.rocks:v0.0.18
push.rocks:v0.0.17
push.rocks:v0.0.16
push.rocks:v0.0.15
push.rocks:v0.0.14
push.rocks:v0.0.13
push.rocks:v0.0.12
push.rocks:v0.0.11
push.rocks:v0.0.10
push.rocks:v0.0.9
push.rocks:v0.0.8
push.rocks:v0.0.7
push.rocks:v0.0.6
push.rocks:v0.0.5
push.rocks:v0.0.4
push.rocks:v0.0.3
push.rocks:v0.0.2
push.rocks:v0.0.1
...
compare: push.rocks:master
Branches Tags
push.rocks:master
push.rocks:v1.0.7
push.rocks:v1.0.6
push.rocks:v1.0.5
push.rocks:v1.0.4
push.rocks:v1.0.3
push.rocks:v1.0.2
push.rocks:v1.0.1
push.rocks:v1.0.0
push.rocks:v0.0.18
push.rocks:v0.0.17
push.rocks:v0.0.16
push.rocks:v0.0.15
push.rocks:v0.0.14
push.rocks:v0.0.13
push.rocks:v0.0.12
push.rocks:v0.0.11
push.rocks:v0.0.10
push.rocks:v0.0.9
push.rocks:v0.0.8
push.rocks:v0.0.7
push.rocks:v0.0.6
push.rocks:v0.0.5
push.rocks:v0.0.4
push.rocks:v0.0.3
push.rocks:v0.0.2
push.rocks:v0.0.1

83 Commits
v0.0.1 ... master

Author SHA1 Message Date
Philipp Kunz
bf07bf27d4 switch to new org scheme 2023-07-11 00:21:17 +02:00
Philipp Kunz
5117d1e3c3 switch to new org scheme 2023-07-10 02:42:26 +02:00
Phil Kunz
b8ecc0bca0 added smartacme 2017-01-03 08:15:09 +01:00
Phil Kunz
34299fa651 remove npm letsencrypt 2017-01-01 14:25:46 +01:00
Phil Kunz
fd89e54295 fix 2017-01-01 05:18:50 +01:00
PhilKunz
7455891097 switch to new storage strategy... 2016-10-24 03:26:34 +02:00
PhilKunz
944fbc071b fix .gitignore 2016-10-24 02:42:45 +02:00
PhilKunz
b6b06e6853 update 2016-10-24 02:24:34 +02:00
PhilKunz
c4b72aebf8 update 2016-10-24 01:42:31 +02:00
PhilKunz
b72f6dfac3 1.0.8 2016-10-24 01:06:30 +02:00
PhilKunz
aa85d294c5 add some classes 2016-10-24 01:06:27 +02:00
PhilKunz
b03d8bfb65 fix 2016-10-24 00:35:00 +02:00
Phil Kunz
4094834446 fix 2016-10-22 16:27:57 +02:00
Phil Kunz
5c7bf24c56 start transition to letsencrypt 2016-10-22 16:21:25 +02:00
Phil Kunz
738c249a3e add npmextra.json 2016-10-22 15:46:04 +02:00
Phil Kunz
b8656aa231 update README 2016-10-22 04:23:12 +02:00
Phil Kunz
903b497525 update dependencies 2016-10-22 04:16:07 +02:00
PhilKunz
2c9f19b2e5 1.0.7 2016-08-03 12:26:48 +02:00
PhilKunz
1c63450213 update version types 2016-08-03 12:26:34 +02:00
PhilKunz
1beceb21a8 1.0.6 2016-07-24 20:26:20 +02:00
PhilKunz
ec40f43c9e fix README and git 2016-07-24 20:17:23 +02:00
PhilKunz
a4d0654f28 improve gitlab ci 2016-07-24 20:07:24 +02:00
PhilKunz
3ca368755b 1.0.5 2016-07-24 19:56:36 +02:00
PhilKunz
86fedee9ed now recovering from errors 2016-07-24 19:56:32 +02:00
PhilKunz
fc91384a76 1.0.4 2016-07-24 19:39:23 +02:00
PhilKunz
2e8cfd00d2 now paying respect to same zone subdomains 2016-07-24 19:39:20 +02:00
PhilKunz
6c67556756 1.0.3 2016-07-22 03:39:54 +02:00
PhilKunz
8e892c14bc test 2016-07-22 03:39:45 +02:00
PhilKunz
adcf49d729 1.0.2 2016-07-22 03:28:33 +02:00
PhilKunz
22d79491ce testing 2016-07-22 03:28:30 +02:00
PhilKunz
1b23d1e435 1.0.1 2016-07-22 02:59:33 +02:00
PhilKunz
1c2063ef82 now retrying 2016-07-22 02:59:11 +02:00
PhilKunz
d48a6c8315 1.0.0 2016-07-22 02:13:23 +02:00
PhilKunz
1185480b91 0.0.18 2016-07-22 02:12:58 +02:00
PhilKunz
afddfe5217 improve README 2016-07-22 02:12:49 +02:00
PhilKunz
159ffe0728 now requesting in parallel 2016-07-22 02:11:04 +02:00
PhilKunz
3c3da30966 update README 2016-07-21 15:02:51 +02:00
PhilKunz
d4b249a59b update 2016-07-21 14:58:05 +02:00
LosslessBot
06256f7a4d 0.0.17 2016-07-13 16:06:27 +02:00
LosslessBot
be6fc3adfd cleanup after oneself 2016-07-13 16:06:16 +02:00
LosslessBot
5ccf5b81e2 0.0.16 2016-07-13 12:09:41 +02:00
LosslessBot
d06a2cee2f update sslDir handling 2016-07-13 12:09:34 +02:00
LosslessBot
a7525184ef 0.0.15 2016-07-12 18:00:15 +02:00
LosslessBot
ae9865749a use interface for Cert constructor 2016-07-12 18:00:08 +02:00
LosslessBot
b2482b3cfd 0.0.14 2016-07-12 16:36:34 +02:00
LosslessBot
41988da3ed fix types 2016-07-12 16:36:29 +02:00
Phil Kunz
55d450be69 0.0.13 2016-07-06 03:23:54 +02:00
Phil Kunz
ae2ade8680 updated test 2016-07-06 03:23:51 +02:00
Phil Kunz
d7ec7e254e 0.0.12 2016-07-06 03:10:49 +02:00
Phil Kunz
4bd7aee8ea add typings to package.json 2016-07-06 03:10:36 +02:00
Phil Kunz
bf711c2bb6 update tests 2016-07-04 21:57:14 +02:00
Phil Kunz
eb9e6679c4 0.0.11 2016-07-04 09:00:31 +02:00
Phil Kunz
96c801cdbd now fully working 2016-07-04 08:41:58 +02:00
Phil Kunz
ee844fd348 implement Git Repo Sync 2016-07-04 04:56:49 +02:00
Phil Kunz
d06c7059bb update dependency typings 2016-07-01 06:26:10 +02:00
Phil Kunz
d36f2f0c33 update for latest npmts compatibility 2016-07-01 06:18:48 +02:00
Phil Kunz
4bcf925b28 0.0.10 2016-06-29 22:55:50 +02:00
Phil Kunz
484e75ac34 nwo creating configfile per certificate all right 2016-06-28 10:34:59 +02:00
Phil Kunz
ad792f32dd now has sslDir implemented 2016-06-28 09:32:01 +02:00
Phil Kunz
05b7c7ab45 improve logs and cooldown 2016-06-28 05:53:49 +02:00
Phil Kunz
d94a097443 start Certificate class logic 2016-06-23 04:37:18 +02:00
Phil Kunz
645e46dc01 start implementing validity check 2016-06-23 03:46:37 +02:00
Phil Kunz
5c87851ab8 remove some unused deps 2016-06-22 14:58:46 +02:00
Phil Kunz
0fd3bd262b start implementation of sslDir and gitOrigin 2016-06-22 13:55:38 +02:00
Phil Kunz
732e35d295 compile 2016-06-22 13:35:15 +02:00
Phil Kunz
e9135c42af 0.0.9 2016-06-22 13:22:21 +02:00
Phil Kunz
a850243c59 now working 2016-06-22 13:22:09 +02:00
Phil Kunz
8dc75feb8d update structure 2016-06-21 21:08:04 +02:00
Phil Kunz
ac7160c3a3 add should devDeps 2016-06-21 20:04:44 +02:00
Phil Kunz
1cdcd332d4 install step now working 2016-06-21 20:02:57 +02:00
Phil Kunz
5e10df8e5a update REAMDE 2016-06-18 16:14:57 +02:00
Phil Kunz
e67677d57d 0.0.6 2016-06-18 16:03:58 +02:00
Phil Kunz
d5b5e8d612 update Readme 2016-06-18 16:03:46 +02:00
Phil Kunz
bbee7923e4 more structure 2016-06-18 15:59:03 +02:00
Phil Kunz
04be5f88eb 0.0.5 2016-06-18 15:42:53 +02:00
Phil Kunz
3c626908f1 compile 2016-06-18 15:42:49 +02:00
Phil Kunz
821b2f95b0 fix repo link 2016-06-18 15:42:09 +02:00
Phil Kunz
c0753c185f 0.0.4 2016-06-18 15:13:06 +02:00
Phil Kunz
dad659e2ed fix description 2016-06-18 15:13:02 +02:00
Phil Kunz
d1f1ae271a 0.0.3 2016-06-18 15:09:48 +02:00
Phil Kunz
7bd18cb927 fix branches for ci 2016-06-18 15:09:44 +02:00
Phil Kunz
56b5adac16 0.0.2 2016-06-18 15:08:06 +02:00
Phil Kunz
56180af583 integrate gitlab ci 2016-06-18 15:07:54 +02:00
37 changed files with 3019 additions and 15 deletions
Show Stats Expand all files Collapse all files

10
.gitignore vendored
View File

@ -1,3 +1,9 @@
node_modules node_modules/
assets/
docs/ docs/
coverage/ public/
pages/
coverage/
.nogit/
dist/assets/
test/assets/

38
.gitlab-ci.yml Normal file
View File

@ -0,0 +1,38 @@
image: hosttoday/ht-docker-node:npmts
stages:
- test1
- test2
- release
before_script:
- npmci prepare ssh
testLTS:
stage: test1
script:
- npmci test lts
only:
- tags
tags:
- docker
- lossless
testSTABLE:
stage: test2
script:
- npmci test stable
only:
- tags
tags:
- docker
- lossless
release:
stage: release
script:
- npmci publish npm
only:
- tags
tags:
- lossless

47
README.md
View File

@ -1,16 +1,51 @@
# Cert # Cert
Easily obain SSL certificates from LetsEncrypt. Supports DNS-01 challenge. TypeScript ready. Easily obain SSL certificates from LetsEncrypt. Supports DNS-01 challenge. TypeScript ready.
## Availabililty
[![npm](https://push.rocks/assets/repo-button-npm.svg)](https://www.npmjs.com/package/cert)
[![git](https://push.rocks/assets/repo-button-git.svg)](https://gitlab.com/pushrocks/cert)
[![git](https://push.rocks/assets/repo-button-mirror.svg)](https://github.com/pushrocks/cert)
[![docs](https://push.rocks/assets/repo-button-docs.svg)](https://pushrocks.gitlab.io/cert/)
## Status for master
[![build status](https://gitlab.com/pushrocks/cert/badges/master/build.svg)](https://gitlab.com/pushrocks/cert/commits/master)
[![coverage report](https://gitlab.com/pushrocks/cert/badges/master/coverage.svg)](https://gitlab.com/pushrocks/cert/commits/master)
[![Dependency Status](https://david-dm.org/pushrocks/cert.svg)](https://david-dm.org/pushrocks/cert)
[![bitHound Dependencies](https://www.bithound.io/github/pushrocks/cert/badges/dependencies.svg)](https://www.bithound.io/github/pushrocks/cert/master/dependencies/npm)
[![bitHound Code](https://www.bithound.io/github/pushrocks/cert/badges/code.svg)](https://www.bithound.io/github/pushrocks/cert)
[![TypeScript](https://img.shields.io/badge/TypeScript-2.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
[![node](https://img.shields.io/badge/node->=%206.x.x-blue.svg)](https://nodejs.org/dist/latest-v6.x/docs/api/)
[![JavaScript Style Guide](https://img.shields.io/badge/code%20style-standard-brightgreen.svg)](http://standardjs.com/)
## Usage ## Usage
```typescript ```typescript
import {Cert} from "cert"; import {Cert} from "cert";
myCert = new Cert({ let myCert = new Cert({
cfEmail = "some@cloudflare.email", cfEmail: "some@cloudflare.email",
cfKey = "someCloudflareApiKey", cfKey: "someCloudflareApiKey",
outputPath = "someOutputPath" // NOTE: if you already have certificates, make sure you put them in here, so cert only requires the missing ones sslDir: "someOutputPath", // NOTE: if you already have certificates, make sure you put them in here, so cert only requires the missing ones
gitOriginRepo: "git@githhub.com/someuser/somereopo" // good for persistence in highly volatile environments like docker
}); });
myCert.getDomainCert("example.com"); myCert.getDomainCert("example.com"); // returns promise
``` ```
> **Note:** cert supports async parallel cert fetching.
However any subsequent calls will wait for the queue of the same dns zone to clear.
In other words: test1.domain1.tld and test2.domain2.tld will run in parallel, but test2.domain1.tld will wait for test1.domain1.tld !
## sslDir
to use the certificates it is important to understand what the structure of the ssl directory looks like.
## using a git origin repo.
Often times you want to keep track of certificates in order to keep them
even if the point of initial certificate request is gone. Imagine you have a dockerenvironement
and you keep starting new container versions for the same domain. YOu ideally want to use a proxy
that handles SSL managemet for you. But even the proxy needs to be updated from time to time.
So you need some kind of persistence between versions. This is why you can sync up all certificates to a git repo over ssh
Just make sure your id_rsa is in place for the node user and is allowed for the origin repo.
[![npm](https://push.rocks/assets/repo-header.svg)](https://push.rocks)

43
dist/cert.classes.cert.d.ts vendored Normal file
View File

@ -0,0 +1,43 @@
/// <reference types="q" />
import * as q from 'q';
import { Stringmap, Objectmap } from 'lik';
import { Certificate } from './cert.classes.certificate';
import { Letsencrypt, TLeEnv } from './cert.classes.letsencrypt';
export interface ICertConstructorOptions {
cfEmail: string;
cfKey: string;
sslDirPath?: string;
gitOriginRepo?: string;
leEnv?: TLeEnv;
}
export declare class Cert {
domainStringRequestMap: Stringmap;
certificateMap: Objectmap<Certificate>;
letsencrypt: Letsencrypt;
private _challengeHandler;
private _certRepo;
/**
* Constructor for Cert object
*/
constructor(optionsArg: ICertConstructorOptions);
/**
* setup the Cert instanceof
* @executes ASYNC
* @return Promise
*/
setup(): q.Promise<{}>;
/**
* adds a Certificate for a given domain
*/
addCertificate(domainNameArg: string, optionsArg?: {
force: boolean;
}): q.Promise<{}>;
/**
* cleans up old certificates
*/
cleanOldCertificates(): void;
/**
* executes the current batch of jobs
*/
deploy(): void;
}

75
dist/cert.classes.cert.js vendored Normal file
View File

@ -0,0 +1,75 @@
"use strict";
const q = require("q");
const lik_1 = require("lik");
// classes
const cert_classes_certificate_1 = require("./cert.classes.certificate");
const cert_classes_certrepo_1 = require("./cert.classes.certrepo");
const cert_classes_letsencrypt_1 = require("./cert.classes.letsencrypt");
const cert_classes_challengehandler_1 = require("./cert.classes.challengehandler");
class Cert {
/**
* Constructor for Cert object
*/
constructor(optionsArg) {
this.domainStringRequestMap = new lik_1.Stringmap();
this.certificateMap = new lik_1.Objectmap();
// set up challengehandler
this._challengeHandler = new cert_classes_challengehandler_1.ChallengeHandler({
cfEmail: optionsArg.cfEmail,
cfKey: optionsArg.cfKey
});
// setup Letsencrypt
this.letsencrypt = new cert_classes_letsencrypt_1.Letsencrypt({
leEnv: optionsArg.leEnv,
sslDir: optionsArg.sslDirPath,
challengeHandler: this._challengeHandler
});
this._certRepo = new cert_classes_certrepo_1.CertRepo({
sslDirPath: optionsArg.sslDirPath,
remoteGitUrl: optionsArg.gitOriginRepo,
certInstance: this
});
}
/**
* setup the Cert instanceof
* @executes ASYNC
* @return Promise
*/
setup() {
return this._certRepo.setup();
}
/**
* adds a Certificate for a given domain
*/
addCertificate(domainNameArg, optionsArg = { force: false }) {
let done = q.defer();
let certificateForDomain = this.certificateMap.find((certificate) => {
return certificate.domainName === domainNameArg;
});
if (certificateForDomain instanceof cert_classes_certificate_1.Certificate) {
certificateForDomain.renew()
.then(done.resolve);
}
else {
certificateForDomain = new cert_classes_certificate_1.Certificate({
certInstance: this,
domainName: domainNameArg
});
certificateForDomain.renew()
.then(done.resolve);
}
return done.promise;
}
/**
* cleans up old certificates
*/
cleanOldCertificates() {
}
/**
* executes the current batch of jobs
*/
deploy() {
}
}
exports.Cert = Cert;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5jbGFzc2VzLmNlcnQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9jZXJ0LmNsYXNzZXMuY2VydC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsdUJBQXNCO0FBQ3RCLDZCQUEwQztBQUsxQyxVQUFVO0FBQ1YseUVBQXdEO0FBQ3hELG1FQUFrRDtBQUNsRCx5RUFBZ0U7QUFDaEUsbUZBQWtFO0FBV2xFO0lBT0k7O09BRUc7SUFDSCxZQUFZLFVBQW1DO1FBVC9DLDJCQUFzQixHQUFHLElBQUksZUFBUyxFQUFFLENBQUE7UUFDeEMsbUJBQWMsR0FBRyxJQUFJLGVBQVMsRUFBZSxDQUFBO1FBVXpDLDBCQUEwQjtRQUMxQixJQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxnREFBZ0IsQ0FBQztZQUMxQyxPQUFPLEVBQUUsVUFBVSxDQUFDLE9BQU87WUFDM0IsS0FBSyxFQUFFLFVBQVUsQ0FBQyxLQUFLO1NBQzFCLENBQUMsQ0FBQTtRQUVGLG9CQUFvQjtRQUNwQixJQUFJLENBQUMsV0FBVyxHQUFHLElBQUksc0NBQVcsQ0FBQztZQUMvQixLQUFLLEVBQUUsVUFBVSxDQUFDLEtBQUs7WUFDdkIsTUFBTSxFQUFFLFVBQVUsQ0FBQyxVQUFVO1lBQzdCLGdCQUFnQixFQUFFLElBQUksQ0FBQyxpQkFBaUI7U0FDM0MsQ0FBQyxDQUFBO1FBRUYsSUFBSSxDQUFDLFNBQVMsR0FBRyxJQUFJLGdDQUFRLENBQUM7WUFDMUIsVUFBVSxFQUFFLFVBQVUsQ0FBQyxVQUFVO1lBQ2pDLFlBQVksRUFBRSxVQUFVLENBQUMsYUFBYTtZQUN0QyxZQUFZLEVBQUUsSUFBSTtTQUNyQixDQUFDLENBQUE7SUFDTixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILEtBQUs7UUFDRCxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtJQUNqQyxDQUFDO0lBRUQ7O09BRUc7SUFDSCxjQUFjLENBQUMsYUFBcUIsRUFBRSxhQUFpQyxFQUFFLEtBQUssRUFBRSxLQUFLLEVBQUU7UUFDbkYsSUFBSSxJQUFJLEdBQUcsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO1FBQ3BCLElBQUksb0JBQW9CLEdBQUcsSUFBSSxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxXQUFXO1lBQzVELE1BQU0sQ0FBQyxXQUFXLENBQUMsVUFBVSxLQUFLLGFBQWEsQ0FBQTtRQUNuRCxDQUFDLENBQUMsQ0FBQTtRQUNGLEVBQUUsQ0FBQyxDQUFDLG9CQUFvQixZQUFZLHNDQUFXLENBQUMsQ0FBQyxDQUFDO1lBQzlDLG9CQUFvQixDQUFDLEtBQUssRUFBRTtpQkFDdkIsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQTtRQUMzQixDQUFDO1FBQUMsSUFBSSxDQUFDLENBQUM7WUFDSixvQkFBb0IsR0FBRyxJQUFJLHNDQUFXLENBQUM7Z0JBQ25DLFlBQVksRUFBRSxJQUFJO2dCQUNsQixVQUFVLEVBQUUsYUFBYTthQUM1QixDQUFDLENBQUE7WUFDRixvQkFBb0IsQ0FBQyxLQUFLLEVBQUU7aUJBQ3ZCLElBQUksQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUE7UUFDM0IsQ0FBQztRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILG9CQUFvQjtJQUVwQixDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNO0lBRU4sQ0FBQztDQUNKO0FBNUVELG9CQTRFQyJ9

48
dist/cert.classes.certificate.d.ts vendored Normal file
View File

@ -0,0 +1,48 @@
/// <reference types="q" />
import * as q from 'q';
import * as plugins from './cert.plugins';
import { Cert } from './cert.classes.cert';
export interface ICertificateFsConfig {
domainName: string;
creationTime: number;
expiryTime: number;
}
export interface ICertificateConstructorOptions {
domainName: string;
certInstance: Cert;
}
export declare type TCertificateStatus = 'unregistered' | 'valid' | 'expiring' | 'expired';
export declare class Certificate {
domainName: string;
certInstance: Cert;
domainData: plugins.smartstring.Domain;
creationDate: Date;
expiryDate: Date;
publicKey: string;
privKey: string;
/**
* run when creating a new instance of Certificate
*/
constructor(optionsArg: ICertificateConstructorOptions);
/**
* the status of the Certificate
*/
readonly status: TCertificateStatus;
readonly sameZoneRequesting: boolean;
/**
* schedule a retry of certificate request
*/
scheduleRetry(): q.Promise<{}>;
/**
* renew certificate if needed
*/
renew(force?: boolean): q.Promise<{}>;
/**
* syncFs syncs the certificate with disk
*/
syncFs(): void;
/**
* deletes the certificate
*/
delete(): void;
}

103
dist/cert.classes.certificate.js vendored Normal file
View File

@ -0,0 +1,103 @@
"use strict";
const q = require("q");
const plugins = require("./cert.plugins");
class Certificate {
/**
* run when creating a new instance of Certificate
*/
constructor(optionsArg) {
this.creationDate = null;
this.expiryDate = null;
this.publicKey = null;
this.privKey = null;
this.domainName = optionsArg.domainName;
this.domainData = new plugins.smartstring.Domain(this.domainName);
this.certInstance = optionsArg.certInstance;
}
/**
* the status of the Certificate
*/
get status() {
let validTimeRemaining = 0;
if (this.creationDate !== null && this.expiryDate !== null) {
validTimeRemaining = this.expiryDate.getTime() - Date.now();
}
let MonthMilliseconds = 2629746000;
if (this.publicKey === null || this.privKey === null) {
return 'unregistered';
}
else if (validTimeRemaining >= MonthMilliseconds) {
return 'valid';
}
else if (validTimeRemaining < MonthMilliseconds && validTimeRemaining >= 0) {
return 'expiring';
}
else {
return 'expired';
}
}
get sameZoneRequesting() {
return this.certInstance.domainStringRequestMap.checkMinimatch('*' + this.domainData.zoneName);
}
/**
* schedule a retry of certificate request
*/
scheduleRetry() {
let done = plugins.q.defer();
setTimeout(() => {
this.renew()
.then(done.resolve);
}, 60000);
return done.promise;
}
/**
* renew certificate if needed
*/
renew(force = false) {
let done = q.defer();
if (this.status === 'valid') {
plugins.beautylog.log('Certificate still valid for more than 1 month, so it is not renewed now');
done.resolve();
}
else if (this.status === 'expiring' || this.status === 'expired' || this.status === 'unregistered') {
plugins.beautylog.info('Certificate not valid currently, going to renew now!');
if (this.sameZoneRequesting) {
this.certInstance.domainStringRequestMap.registerUntilTrue(() => {
return !this.sameZoneRequesting;
}, () => {
this.renew().then(done.resolve);
});
}
else {
this.certInstance.letsencrypt.registerDomain(this.domainName)
.then(() => {
return this.syncFs();
})
.then(() => {
done.resolve();
}).catch((err) => { console.log(err); });
}
}
else {
throw Error(`weird status for certificate with domain name ${this.domainName}`);
}
done.resolve();
return done.promise;
}
/**
* syncFs syncs the certificate with disk
*/
syncFs() {
let configJsonMemory = {
domainName: this.domainName,
creationTime: this.creationDate.getTime(),
expiryTime: this.expiryDate.getTime()
};
}
/**
* deletes the certificate
*/
delete() { }
}
exports.Certificate = Certificate;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5jbGFzc2VzLmNlcnRpZmljYXRlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvY2VydC5jbGFzc2VzLmNlcnRpZmljYXRlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSx1QkFBc0I7QUFFdEIsMENBQXlDO0FBcUJ6QztJQVNJOztPQUVHO0lBQ0gsWUFBWSxVQUEwQztRQVJ0RCxpQkFBWSxHQUFTLElBQUksQ0FBQTtRQUN6QixlQUFVLEdBQVMsSUFBSSxDQUFBO1FBQ3ZCLGNBQVMsR0FBVyxJQUFJLENBQUE7UUFDeEIsWUFBTyxHQUFXLElBQUksQ0FBQTtRQU1sQixJQUFJLENBQUMsVUFBVSxHQUFHLFVBQVUsQ0FBQyxVQUFVLENBQUE7UUFDdkMsSUFBSSxDQUFDLFVBQVUsR0FBRyxJQUFJLE9BQU8sQ0FBQyxXQUFXLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQTtRQUNqRSxJQUFJLENBQUMsWUFBWSxHQUFHLFVBQVUsQ0FBQyxZQUFZLENBQUE7SUFDL0MsQ0FBQztJQUVEOztPQUVHO0lBQ0gsSUFBSSxNQUFNO1FBQ04sSUFBSSxrQkFBa0IsR0FBVyxDQUFDLENBQUE7UUFDbEMsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLFlBQVksS0FBSyxJQUFJLElBQUksSUFBSSxDQUFDLFVBQVUsS0FBSyxJQUFJLENBQUMsQ0FBQyxDQUFDO1lBQ3hELGtCQUFrQixHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsT0FBTyxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFBO1FBQ2hFLENBQUM7UUFDRCxJQUFJLGlCQUFpQixHQUFHLFVBQVUsQ0FBQTtRQUNsQyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsU0FBUyxLQUFLLElBQUksSUFBSSxJQUFJLENBQUMsT0FBTyxLQUFLLElBQUksQ0FBQyxDQUFDLENBQUM7WUFDbkQsTUFBTSxDQUFDLGNBQWMsQ0FBQTtRQUN6QixDQUFDO1FBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDLGtCQUFrQixJQUFJLGlCQUFpQixDQUFDLENBQUMsQ0FBQztZQUNqRCxNQUFNLENBQUMsT0FBTyxDQUFBO1FBQ2xCLENBQUM7UUFBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUMsa0JBQWtCLEdBQUcsaUJBQWlCLElBQUksa0JBQWtCLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUMzRSxNQUFNLENBQUMsVUFBVSxDQUFBO1FBQ3JCLENBQUM7UUFBQyxJQUFJLENBQUMsQ0FBQztZQUNKLE1BQU0sQ0FBQyxTQUFTLENBQUE7UUFDcEIsQ0FBQztJQUNMLENBQUM7SUFFRCxJQUFJLGtCQUFrQjtRQUNsQixNQUFNLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxzQkFBc0IsQ0FBQyxjQUFjLENBQUMsR0FBRyxHQUFHLElBQUksQ0FBQyxVQUFVLENBQUMsUUFBUSxDQUFDLENBQUE7SUFDbEcsQ0FBQztJQUVEOztPQUVHO0lBQ0gsYUFBYTtRQUNULElBQUksSUFBSSxHQUFHLE9BQU8sQ0FBQyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDNUIsVUFBVSxDQUFDO1lBQ1AsSUFBSSxDQUFDLEtBQUssRUFBRTtpQkFDUCxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFBO1FBQzNCLENBQUMsRUFBRSxLQUFLLENBQUMsQ0FBQTtRQUNULE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILEtBQUssQ0FBQyxRQUFpQixLQUFLO1FBQ3hCLElBQUksSUFBSSxHQUFHLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUNwQixFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLE9BQU8sQ0FBQyxDQUFDLENBQUM7WUFDMUIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMseUVBQXlFLENBQUMsQ0FBQTtZQUNoRyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDbEIsQ0FBQztRQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLFVBQVUsSUFBSSxJQUFJLENBQUMsTUFBTSxLQUFLLFNBQVMsSUFBSSxJQUFJLENBQUMsTUFBTSxLQUFLLGNBQWMsQ0FBQyxDQUFDLENBQUM7WUFDbkcsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLENBQUMsc0RBQXNELENBQUMsQ0FBQTtZQUM5RSxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsa0JBQWtCLENBQUMsQ0FBQyxDQUFDO2dCQUMxQixJQUFJLENBQUMsWUFBWSxDQUFDLHNCQUFzQixDQUFDLGlCQUFpQixDQUNsRDtvQkFDSSxNQUFNLENBQUMsQ0FBQyxJQUFJLENBQUMsa0JBQWtCLENBQUE7Z0JBQ25DLENBQUMsRUFDRDtvQkFDSSxJQUFJLENBQUMsS0FBSyxFQUFFLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQTtnQkFDbkMsQ0FBQyxDQUNKLENBQUE7WUFDVCxDQUFDO1lBQUMsSUFBSSxDQUFDLENBQUM7Z0JBQ0osSUFBSSxDQUFDLFlBQVksQ0FBQyxXQUFXLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxVQUFVLENBQUM7cUJBQ3hELElBQUksQ0FBQztvQkFDRixNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxDQUFBO2dCQUN4QixDQUFDLENBQUM7cUJBQ0QsSUFBSSxDQUFDO29CQUNGLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtnQkFDbEIsQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsR0FBRyxPQUFPLE9BQU8sQ0FBQyxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUEsQ0FBQyxDQUFDLENBQUMsQ0FBQTtZQUMvQyxDQUFDO1FBQ0wsQ0FBQztRQUFDLElBQUksQ0FBQyxDQUFDO1lBQ0osTUFBTSxLQUFLLENBQUMsaURBQWlELElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQyxDQUFBO1FBQ25GLENBQUM7UUFDRCxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7UUFDZCxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQTtJQUN2QixDQUFDO0lBRUQ7O09BRUc7SUFDSCxNQUFNO1FBQ0YsSUFBSSxnQkFBZ0IsR0FBeUI7WUFDekMsVUFBVSxFQUFFLElBQUksQ0FBQyxVQUFVO1lBQzNCLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWSxDQUFDLE9BQU8sRUFBRTtZQUN6QyxVQUFVLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUU7U0FDeEMsQ0FBQTtJQUVMLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU0sS0FBSyxDQUFDO0NBQ2Y7QUF6R0Qsa0NBeUdDIn0=

31
dist/cert.classes.certrepo.d.ts vendored Normal file
View File

@ -0,0 +1,31 @@
/// <reference types="q" />
import * as q from 'q';
import { Cert } from './cert.classes.cert';
export interface ICertRepoConstructorOptions {
sslDirPath: string;
remoteGitUrl: string;
certInstance: Cert;
}
export declare class CertRepo {
private _sslDirPath;
private _remoteGitUrl;
private gitRepo;
private _certInstance;
constructor(optionsArg: ICertRepoConstructorOptions);
/**
* setup the Cert instance
*/
setup(): q.Promise<{}>;
/**
* syncs an objectmap of Certificates with repo
*/
syncFs(): q.Promise<{}>;
/**
* Pulls already requested certificates from git origin
*/
sslGitOriginPull: () => void;
/**
* Pushes all new requested certificates to git origin
*/
sslGitOriginAddCommitPush: () => void;
}

59
dist/cert.classes.certrepo.js vendored Normal file
View File

@ -0,0 +1,59 @@
"use strict";
const q = require("q");
const plugins = require("./cert.plugins");
const paths = require("./cert.paths");
class CertRepo {
constructor(optionsArg) {
/**
* Pulls already requested certificates from git origin
*/
this.sslGitOriginPull = () => {
if (this.gitRepo) {
this.gitRepo.pull('origin', 'master');
}
};
/**
* Pushes all new requested certificates to git origin
*/
this.sslGitOriginAddCommitPush = () => {
if (this._remoteGitUrl) {
this.gitRepo.addAll();
this.gitRepo.commit('added new SSL certificates and deleted obsolete ones.');
this.gitRepo.push('origin', 'master');
}
};
this._sslDirPath = optionsArg.sslDirPath;
this._remoteGitUrl = optionsArg.remoteGitUrl;
this._certInstance = optionsArg.certInstance;
// setup sslDir
if (!this._sslDirPath) {
this._sslDirPath = paths.defaultSslDir;
}
}
/**
* setup the Cert instance
*/
setup() {
// setup Git
let done = q.defer();
if (this._remoteGitUrl) {
plugins.smartfile.fs.ensureEmptyDirSync(paths.defaultSslDir);
plugins.smartgit.createRepoFromClone(this._remoteGitUrl, paths.defaultSslDir)
.then(gitRepoArg => {
this.gitRepo = gitRepoArg;
done.resolve();
});
}
return done.promise;
}
/**
* syncs an objectmap of Certificates with repo
*/
syncFs() {
let done = q.defer();
done.resolve();
return done.promise;
}
}
exports.CertRepo = CertRepo;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5jbGFzc2VzLmNlcnRyZXBvLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvY2VydC5jbGFzc2VzLmNlcnRyZXBvLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSx1QkFBc0I7QUFHdEIsMENBQXlDO0FBQ3pDLHNDQUFxQztBQVdyQztJQUtJLFlBQVksVUFBdUM7UUFxQ25EOztXQUVHO1FBQ0gscUJBQWdCLEdBQUc7WUFDZixFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztnQkFDZixJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsUUFBUSxDQUFDLENBQUE7WUFDekMsQ0FBQztRQUNMLENBQUMsQ0FBQTtRQUVEOztXQUVHO1FBQ0gsOEJBQXlCLEdBQUc7WUFDeEIsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDLENBQUM7Z0JBQ3JCLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxFQUFFLENBQUE7Z0JBQ3JCLElBQUksQ0FBQyxPQUFPLENBQUMsTUFBTSxDQUFDLHVEQUF1RCxDQUFDLENBQUE7Z0JBQzVFLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLFFBQVEsRUFBRSxRQUFRLENBQUMsQ0FBQTtZQUN6QyxDQUFDO1FBQ0wsQ0FBQyxDQUFBO1FBdERHLElBQUksQ0FBQyxXQUFXLEdBQUcsVUFBVSxDQUFDLFVBQVUsQ0FBQTtRQUN4QyxJQUFJLENBQUMsYUFBYSxHQUFHLFVBQVUsQ0FBQyxZQUFZLENBQUE7UUFDNUMsSUFBSSxDQUFDLGFBQWEsR0FBRyxVQUFVLENBQUMsWUFBWSxDQUFBO1FBRTVDLGVBQWU7UUFDZixFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQyxDQUFDO1lBQ3BCLElBQUksQ0FBQyxXQUFXLEdBQUcsS0FBSyxDQUFDLGFBQWEsQ0FBQTtRQUMxQyxDQUFDO0lBQ0wsQ0FBQztJQUVEOztPQUVHO0lBQ0gsS0FBSztRQUNELFlBQVk7UUFDWixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsRUFBRSxDQUFDLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDLENBQUM7WUFDckIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsa0JBQWtCLENBQUMsS0FBSyxDQUFDLGFBQWEsQ0FBQyxDQUFBO1lBQzVELE9BQU8sQ0FBQyxRQUFRLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLGFBQWEsRUFBRSxLQUFLLENBQUMsYUFBYSxDQUFDO2lCQUN4RSxJQUFJLENBQUMsVUFBVTtnQkFDWixJQUFJLENBQUMsT0FBTyxHQUFHLFVBQVUsQ0FBQTtnQkFDekIsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1lBQ2xCLENBQUMsQ0FBQyxDQUFBO1FBQ1YsQ0FBQztRQUNELE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0lBQ3ZCLENBQUM7SUFFRDs7T0FFRztJQUNILE1BQU07UUFDRixJQUFJLElBQUksR0FBRyxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUE7UUFDcEIsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1FBQ2QsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQXFCSjtBQTdERCw0QkE2REMifQ==

20
dist/cert.classes.challengehandler.d.ts vendored Normal file
View File

@ -0,0 +1,20 @@
/// <reference types="q" />
export interface IChallengehandlerConstructorOptions {
cfEmail: string;
cfKey: string;
}
/**
* class ChallengeHandler handles challenges
*/
export declare class ChallengeHandler {
private _cfInstance;
constructor(optionsArg: IChallengehandlerConstructorOptions);
/**
* set a challenge
*/
setChallenge(domainNameArg: string, challengeArg: string): Q.Promise<{}>;
/**
* cleans a challenge
*/
cleanChallenge(domainNameArg: any): Q.Promise<{}>;
}

75
dist/cert.classes.challengehandler.js vendored Normal file
View File

@ -0,0 +1,75 @@
"use strict";
const plugins = require("./cert.plugins");
/**
* class ChallengeHandler handles challenges
*/
class ChallengeHandler {
constructor(optionsArg) {
this._cfInstance = new plugins.cflare.CflareAccount();
this._cfInstance.auth({
email: optionsArg.cfEmail,
key: optionsArg.cfKey
});
}
/**
* set a challenge
*/
setChallenge(domainNameArg, challengeArg) {
let done = plugins.q.defer();
plugins.beautylog.log('setting challenge for ' + domainNameArg);
this._cfInstance.createRecord(prefixName(domainNameArg), 'TXT', challengeArg).then(() => {
plugins.beautylog.ok('Challenge has been set!');
plugins.beautylog.info('We need to cool down to let DNS propagate to edge locations!');
cooldown().then(() => {
done.resolve();
});
});
return done.promise;
}
/**
* cleans a challenge
*/
cleanChallenge(domainNameArg) {
let done = plugins.q.defer();
plugins.beautylog.log('cleaning challenge for ' + domainNameArg);
this._cfInstance.removeRecord(prefixName(domainNameArg), 'TXT');
cooldown().then(() => {
done.resolve();
});
return done.promise;
}
}
exports.ChallengeHandler = ChallengeHandler;
/**
* cooldown timer for letting DNS settle before answering the challengerequest
*/
let cooldown = () => {
let done = plugins.q.defer();
let cooldowntime = 60000;
let passedTime = 0;
plugins.beautylog.log('Cooling down! ' + (cooldowntime / 1000).toString() + ' seconds left');
let coolDownCounter = () => {
setTimeout(() => {
if (cooldowntime <= passedTime) {
plugins.beautylog.ok('Cooled down!');
done.resolve();
}
else {
passedTime = passedTime + 5000;
plugins.beautylog.log('Cooling down! '
+ ((cooldowntime - passedTime) / 1000).toString()
+ ' seconds left');
coolDownCounter();
}
}, 5000);
};
coolDownCounter();
return done.promise;
};
/**
* prefix a domain name to make sure it complies with letsencrypt
*/
let prefixName = (domainNameArg) => {
return '_acme-challenge.' + domainNameArg;
};
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5jbGFzc2VzLmNoYWxsZW5nZWhhbmRsZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9jZXJ0LmNsYXNzZXMuY2hhbGxlbmdlaGFuZGxlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiO0FBQUEsMENBQXlDO0FBUXpDOztHQUVHO0FBQ0g7SUFFSSxZQUFZLFVBQStDO1FBQ3ZELElBQUksQ0FBQyxXQUFXLEdBQUcsSUFBSSxPQUFPLENBQUMsTUFBTSxDQUFDLGFBQWEsRUFBRSxDQUFBO1FBQ3JELElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDO1lBQ2xCLEtBQUssRUFBRSxVQUFVLENBQUMsT0FBTztZQUN6QixHQUFHLEVBQUUsVUFBVSxDQUFDLEtBQUs7U0FDeEIsQ0FBQyxDQUFBO0lBQ04sQ0FBQztJQUVEOztPQUVHO0lBQ0gsWUFBWSxDQUFDLGFBQXFCLEVBQUUsWUFBb0I7UUFDcEQsSUFBSSxJQUFJLEdBQUcsT0FBTyxDQUFDLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUM1QixPQUFPLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyx3QkFBd0IsR0FBRyxhQUFhLENBQUMsQ0FBQTtRQUMvRCxJQUFJLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLEVBQUUsS0FBSyxFQUFFLFlBQVksQ0FBQyxDQUFDLElBQUksQ0FBQztZQUMvRSxPQUFPLENBQUMsU0FBUyxDQUFDLEVBQUUsQ0FBQyx5QkFBeUIsQ0FBQyxDQUFBO1lBQy9DLE9BQU8sQ0FBQyxTQUFTLENBQUMsSUFBSSxDQUFDLDhEQUE4RCxDQUFDLENBQUE7WUFDdEYsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDO2dCQUNaLElBQUksQ0FBQyxPQUFPLEVBQUUsQ0FBQTtZQUNsQixDQUFDLENBQUMsQ0FBQTtRQUNOLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztJQUVEOztPQUVHO0lBQ0gsY0FBYyxDQUFDLGFBQWE7UUFDeEIsSUFBSSxJQUFJLEdBQUcsT0FBTyxDQUFDLENBQUMsQ0FBQyxLQUFLLEVBQUUsQ0FBQTtRQUM1QixPQUFPLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyx5QkFBeUIsR0FBRyxhQUFhLENBQUMsQ0FBQTtRQUNoRSxJQUFJLENBQUMsV0FBVyxDQUFDLFlBQVksQ0FBQyxVQUFVLENBQUMsYUFBYSxDQUFDLEVBQUUsS0FBSyxDQUFDLENBQUE7UUFDL0QsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDO1lBQ1osSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFBO1FBQ2xCLENBQUMsQ0FBQyxDQUFBO1FBQ0YsTUFBTSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUE7SUFDdkIsQ0FBQztDQUNKO0FBdENELDRDQXNDQztBQUVEOztHQUVHO0FBQ0gsSUFBSSxRQUFRLEdBQUc7SUFDWCxJQUFJLElBQUksR0FBRyxPQUFPLENBQUMsQ0FBQyxDQUFDLEtBQUssRUFBRSxDQUFBO0lBQzVCLElBQUksWUFBWSxHQUFHLEtBQUssQ0FBQTtJQUN4QixJQUFJLFVBQVUsR0FBRyxDQUFDLENBQUE7SUFDbEIsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUMsZ0JBQWdCLEdBQUcsQ0FBQyxZQUFZLEdBQUcsSUFBSSxDQUFDLENBQUMsUUFBUSxFQUFFLEdBQUcsZUFBZSxDQUFDLENBQUE7SUFDNUYsSUFBSSxlQUFlLEdBQUc7UUFDbEIsVUFBVSxDQUFDO1lBQ1AsRUFBRSxDQUFDLENBQUMsWUFBWSxJQUFJLFVBQVUsQ0FBQyxDQUFDLENBQUM7Z0JBQzdCLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLGNBQWMsQ0FBQyxDQUFBO2dCQUNwQyxJQUFJLENBQUMsT0FBTyxFQUFFLENBQUE7WUFDbEIsQ0FBQztZQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNKLFVBQVUsR0FBRyxVQUFVLEdBQUcsSUFBSSxDQUFBO2dCQUM5QixPQUFPLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQyxnQkFBZ0I7c0JBQ2hDLENBQUMsQ0FBQyxZQUFZLEdBQUcsVUFBVSxDQUFDLEdBQUcsSUFBSSxDQUFDLENBQUMsUUFBUSxFQUFFO3NCQUMvQyxlQUFlLENBQ3BCLENBQUE7Z0JBQ0QsZUFBZSxFQUFFLENBQUE7WUFDckIsQ0FBQztRQUNMLENBQUMsRUFBRSxJQUFJLENBQUMsQ0FBQTtJQUNaLENBQUMsQ0FBQTtJQUNELGVBQWUsRUFBRSxDQUFBO0lBQ2pCLE1BQU0sQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFBO0FBQ3ZCLENBQUMsQ0FBQTtBQUVEOztHQUVHO0FBQ0gsSUFBSSxVQUFVLEdBQUcsQ0FBQyxhQUFxQjtJQUNuQyxNQUFNLENBQUMsa0JBQWtCLEdBQUcsYUFBYSxDQUFBO0FBQzdDLENBQUMsQ0FBQSJ9

26
dist/cert.classes.letsencrypt.d.ts vendored Normal file
View File

@ -0,0 +1,26 @@
/// <reference types="q" />
import * as q from 'q';
import { ChallengeHandler } from './cert.classes.challengehandler';
export declare type TLeEnv = 'production' | 'staging';
export interface ILetsencryptConstructorOptions {
leEnv: TLeEnv;
challengeHandler: ChallengeHandler;
sslDir: string;
}
export declare class Letsencrypt {
leEnv: TLeEnv;
challengeHandler: ChallengeHandler;
sslDir: string;
private _leInstance;
private _leServerUrl;
constructor(optionsArg: ILetsencryptConstructorOptions);
/**
* register a domain
*/
registerDomain(domainNameArg: string): q.Promise<{}>;
private _leCopyToDestination(domainNameArg);
/**
* translates to the format expected by letsencrypt node implementation
*/
private _leChallengeHandler();
}

136
dist/cert.classes.letsencrypt.js vendored Normal file
View File

File diff suppressed because one or more lines are too long

4
dist/cert.paths.d.ts vendored Normal file
View File

@ -0,0 +1,4 @@
export declare let projectDir: string;
export declare let assetDir: string;
export declare let defaultSslDir: string;
export declare let leConfigDir: string;

10
dist/cert.paths.js vendored Normal file
View File

@ -0,0 +1,10 @@
"use strict";
const plugins = require("./cert.plugins");
// dirs
exports.projectDir = plugins.path.join(__dirname, '../');
exports.assetDir = plugins.path.join(exports.projectDir, 'assets');
exports.defaultSslDir = plugins.path.join(exports.assetDir, 'defaultSslDir');
exports.leConfigDir = plugins.path.join(exports.assetDir, 'letsencrypt');
plugins.smartfile.fs.ensureDirSync(exports.leConfigDir);
plugins.smartfile.fs.ensureDirSync(exports.defaultSslDir);
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5wYXRocy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL2NlcnQucGF0aHMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLDBDQUF5QztBQUV6QyxPQUFPO0FBQ0ksUUFBQSxVQUFVLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsU0FBUyxFQUFDLEtBQUssQ0FBQyxDQUFBO0FBQy9DLFFBQUEsUUFBUSxHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFVLEVBQUMsUUFBUSxDQUFDLENBQUE7QUFDakQsUUFBQSxhQUFhLEdBQUcsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsZ0JBQVEsRUFBQyxlQUFlLENBQUMsQ0FBQTtBQUMzRCxRQUFBLFdBQVcsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBUSxFQUFDLGFBQWEsQ0FBQyxDQUFBO0FBQ2xFLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDLGFBQWEsQ0FBQyxtQkFBVyxDQUFDLENBQUE7QUFDL0MsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUMsYUFBYSxDQUFDLHFCQUFhLENBQUMsQ0FBQSJ9

13
dist/cert.plugins.d.ts vendored Normal file
View File

@ -0,0 +1,13 @@
import 'typings-global';
import * as beautylog from 'beautylog';
import * as cflare from 'cflare';
declare let fs: any;
import * as lik from 'lik';
import * as path from 'path';
import * as q from 'q';
import * as shelljs from 'shelljs';
import * as smartcli from 'smartcli';
import * as smartfile from 'smartfile';
import * as smartgit from 'smartgit';
import * as smartstring from 'smartstring';
export { beautylog, cflare, fs, lik, path, q, shelljs, smartcli, smartfile, smartgit, smartstring };

25
dist/cert.plugins.js vendored Normal file
View File

@ -0,0 +1,25 @@
"use strict";
require("typings-global");
const beautylog = require("beautylog");
exports.beautylog = beautylog;
const cflare = require("cflare");
exports.cflare = cflare;
let fs = require('fs-extra');
exports.fs = fs;
const lik = require("lik");
exports.lik = lik;
const path = require("path");
exports.path = path;
const q = require("q");
exports.q = q;
const shelljs = require("shelljs");
exports.shelljs = shelljs;
const smartcli = require("smartcli");
exports.smartcli = smartcli;
const smartfile = require("smartfile");
exports.smartfile = smartfile;
const smartgit = require("smartgit");
exports.smartgit = smartgit;
const smartstring = require("smartstring");
exports.smartstring = smartstring;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2VydC5wbHVnaW5zLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvY2VydC5wbHVnaW5zLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQSwwQkFBdUI7QUFDdkIsdUNBQXNDO0FBYWxDLDhCQUFTO0FBWmIsaUNBQWdDO0FBYTVCLHdCQUFNO0FBWlYsSUFBSSxFQUFFLEdBQUcsT0FBTyxDQUFDLFVBQVUsQ0FBQyxDQUFBO0FBYXhCLGdCQUFFO0FBWk4sMkJBQTBCO0FBYXRCLGtCQUFHO0FBWlAsNkJBQTRCO0FBYXhCLG9CQUFJO0FBWlIsdUJBQXNCO0FBYWxCLGNBQUM7QUFaTCxtQ0FBa0M7QUFhOUIsMEJBQU87QUFaWCxxQ0FBb0M7QUFhaEMsNEJBQVE7QUFaWix1Q0FBc0M7QUFhbEMsOEJBQVM7QUFaYixxQ0FBb0M7QUFhaEMsNEJBQVE7QUFaWiwyQ0FBMEM7QUFhdEMsa0NBQVcifQ==

1
dist/index.d.ts vendored Normal file
View File

@ -0,0 +1 @@
export * from './cert.classes.cert';

6
dist/index.js vendored Normal file
View File

@ -0,0 +1,6 @@
"use strict";
function __export(m) {
for (var p in m) if (!exports.hasOwnProperty(p)) exports[p] = m[p];
}
__export(require("./cert.classes.cert"));
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEseUNBQW1DIn0=

5
npmextra.json Normal file
View File

@ -0,0 +1,5 @@
{
"npmts": {
"mode": "default"
}
}

36
package.json
View File

@ -1,14 +1,17 @@
{ {
"name": "cert", "name": "cert",
"version": "0.0.1", "version": "1.0.8",
"description": "automatic cert generation for coreos clusters", "description": "Easily obain SSL certificates from LetsEncrypt. Supports DNS-01 challenge. TypeScript ready.",
"main": "dist/index.js", "main": "dist/index.js",
"typings": "dist/index.d.ts",
"scripts": { "scripts": {
"test": "(npmts)" "test": "(npm run cleanTest && npmts --nodocs)",
"cleanTest": "(rm -rf ./test/assets)",
"compile": "(npmts --notest)"
}, },
"repository": { "repository": {
"type": "git", "type": "git",
"url": "git+https://github.com/pushrocks/cert.git" "url": "git+https://gitlab.com/pushrocks/cert.git"
}, },
"keywords": [ "keywords": [
"coreos", "coreos",
@ -19,10 +22,29 @@
"author": "Lossless GmbH", "author": "Lossless GmbH",
"license": "MIT", "license": "MIT",
"bugs": { "bugs": {
"url": "https://github.com/pushrocks/cert/issues" "url": "https://gitlab.com/pushrocks/cert/issues"
}, },
"homepage": "https://github.com/pushrocks/cert#readme", "homepage": "https://gitlab.com/pushrocks/cert#readme",
"dependencies": { "dependencies": {
"letsencrypt": "^1.4.4" "@types/minimatch": "2.x.x",
"@types/q": "0.0.32",
"beautylog": "^6.0.0",
"cflare": "0.0.10",
"fs-extra": "^1.0.0",
"lik": "^1.0.27",
"q": "^1.4.1",
"smartacme": "^1.0.2",
"smartcli": "^2.0.1",
"smartfile": "^4.1.1",
"smartgit": "1.0.5",
"smartstring": "^2.0.22",
"typings-global": "^1.0.14"
},
"devDependencies": {
"@types/should": "^8.1.30",
"npmts-g": "^5.2.10",
"qenv": "^1.1.1",
"should": "^11.1.2",
"typings-test": "^1.0.3"
} }
} }

1656
pnpm-lock.yaml generated Normal file
View File

File diff suppressed because it is too large Load Diff

3
qenv.yml Normal file
View File

@ -0,0 +1,3 @@
vars:
- CF_EMAIL
- CF_KEY

1
test/test.d.ts vendored Normal file
View File

@ -0,0 +1 @@
import 'typings-test';

43
test/test.js Normal file
View File

@ -0,0 +1,43 @@
"use strict";
require("typings-test");
const should = require("should");
const qenv_1 = require("qenv");
const path = require("path");
const q = require("q");
const cert = require("../dist/index");
let testQenv = new qenv_1.Qenv(process.cwd(), process.cwd() + '/.nogit');
let testCert;
describe('cert', function () {
describe('Cert', function () {
it('should create a new Cert object from class', function () {
testCert = new cert.Cert({
cfEmail: process.env.CF_EMAIL,
cfKey: process.env.CF_KEY,
sslDirPath: path.join(process.cwd(), 'test/assets'),
gitOriginRepo: 'git@gitlab.com:sandboxzone/sandbox-sslorigin.git',
leEnv: 'staging'
});
should(testCert).be.instanceof(cert.Cert);
});
it('should run class Cert.setup() successful', function (done) {
this.timeout(40000);
testCert.setup().then(() => {
done();
});
});
it('should get a valid certificate', function (done) {
this.timeout(1200000);
let promiseArray = [];
function getRandomArbitrary(min, max) {
return Math.floor(Math.random() * (max - min) + min);
}
promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1, 100000)}.bleu.de`));
// promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1,100000)}.bleu.de`))
// promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1,100000)}.bleu.de`))
q.all(promiseArray).then(() => {
done();
});
});
});
});
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVzdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInRlc3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IjtBQUFBLHdCQUFxQjtBQUNyQixpQ0FBZ0M7QUFDaEMsK0JBQXlCO0FBQ3pCLDZCQUE2QjtBQUM3Qix1QkFBdUI7QUFDdkIsc0NBQXFDO0FBR3JDLElBQUksUUFBUSxHQUFHLElBQUksV0FBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsRUFBRSxPQUFPLENBQUMsR0FBRyxFQUFFLEdBQUcsU0FBUyxDQUFDLENBQUE7QUFFakUsSUFBSSxRQUFtQixDQUFBO0FBRXZCLFFBQVEsQ0FBQyxNQUFNLEVBQUM7SUFDWixRQUFRLENBQUMsTUFBTSxFQUFDO1FBQ1osRUFBRSxDQUFDLDRDQUE0QyxFQUFDO1lBQzVDLFFBQVEsR0FBRyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUM7Z0JBQ3JCLE9BQU8sRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLFFBQVE7Z0JBQzdCLEtBQUssRUFBRSxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU07Z0JBQ3pCLFVBQVUsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLEVBQUUsRUFBQyxhQUFhLENBQUM7Z0JBQ2xELGFBQWEsRUFBRSxrREFBa0Q7Z0JBQ2pFLEtBQUssRUFBRSxTQUFTO2FBQ25CLENBQUMsQ0FBQTtZQUNGLE1BQU0sQ0FBQyxRQUFRLENBQUMsQ0FBQyxFQUFFLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQTtRQUM3QyxDQUFDLENBQUMsQ0FBQTtRQUNGLEVBQUUsQ0FBQywwQ0FBMEMsRUFBRSxVQUFTLElBQUk7WUFDeEQsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQTtZQUNuQixRQUFRLENBQUMsS0FBSyxFQUFFLENBQUMsSUFBSSxDQUFDO2dCQUNsQixJQUFJLEVBQUUsQ0FBQTtZQUNWLENBQUMsQ0FBQyxDQUFBO1FBQ04sQ0FBQyxDQUFDLENBQUE7UUFDRixFQUFFLENBQUMsZ0NBQWdDLEVBQUMsVUFBUyxJQUFJO1lBQzdDLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLENBQUE7WUFDckIsSUFBSSxZQUFZLEdBQUcsRUFBRSxDQUFBO1lBQ3JCLDRCQUE0QixHQUFHLEVBQUUsR0FBRztnQkFDaEMsTUFBTSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUMsSUFBSSxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUMsR0FBRyxHQUFHLEdBQUcsQ0FBQyxHQUFHLEdBQUcsQ0FBQyxDQUFBO1lBQ3hELENBQUM7WUFDRCxZQUFZLENBQUMsSUFBSSxDQUFDLFFBQVEsQ0FBQyxjQUFjLENBQUMsVUFBVSxrQkFBa0IsQ0FBQyxDQUFDLEVBQUMsTUFBTSxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUE7WUFDNUYsK0ZBQStGO1lBQy9GLCtGQUErRjtZQUMvRixDQUFDLENBQUMsR0FBRyxDQUFDLFlBQVksQ0FBQyxDQUFDLElBQUksQ0FBQztnQkFDckIsSUFBSSxFQUFFLENBQUE7WUFDVixDQUFDLENBQUMsQ0FBQTtRQUNOLENBQUMsQ0FBQyxDQUFBO0lBQ04sQ0FBQyxDQUFDLENBQUE7QUFDTixDQUFDLENBQUMsQ0FBQSJ9

45
test/test.ts Normal file
View File

@ -0,0 +1,45 @@
import 'typings-test'
import * as should from 'should'
import {Qenv} from 'qenv'
import path = require('path')
import q = require('q')
import * as cert from '../dist/index'
let testQenv = new Qenv(process.cwd(), process.cwd() + '/.nogit')
let testCert: cert.Cert
describe('cert',function(){
describe('Cert',function(){
it('should create a new Cert object from class',function(){
testCert = new cert.Cert({
cfEmail: process.env.CF_EMAIL,
cfKey: process.env.CF_KEY,
sslDirPath: path.join(process.cwd(),'test/assets'),
gitOriginRepo: 'git@gitlab.com:sandboxzone/sandbox-sslorigin.git',
leEnv: 'staging'
})
should(testCert).be.instanceof(cert.Cert)
})
it('should run class Cert.setup() successful', function(done){
this.timeout(40000)
testCert.setup().then(() => {
done()
})
})
it('should get a valid certificate',function(done){
this.timeout(1200000)
let promiseArray = []
function getRandomArbitrary(min, max) {
return Math.floor(Math.random() * (max - min) + min)
}
promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1,100000)}.bleu.de`))
// promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1,100000)}.bleu.de`))
// promiseArray.push(testCert.addCertificate(`testing${getRandomArbitrary(1,100000)}.bleu.de`))
q.all(promiseArray).then(() => {
done()
})
})
})
})

98
ts/cert.classes.cert.ts Normal file
View File

@ -0,0 +1,98 @@
import * as q from 'q'
import { Stringmap, Objectmap } from 'lik'
import * as plugins from './cert.plugins'
import * as paths from './cert.paths'
// classes
import { Certificate } from './cert.classes.certificate'
import { CertRepo } from './cert.classes.certrepo'
import { Letsencrypt, TLeEnv } from './cert.classes.letsencrypt'
import { ChallengeHandler } from './cert.classes.challengehandler'
export interface ICertConstructorOptions {
cfEmail: string,
cfKey: string,
sslDirPath?: string,
gitOriginRepo?: string,
leEnv?: TLeEnv
}
export class Cert {
domainStringRequestMap = new Stringmap()
certificateMap = new Objectmap<Certificate>()
letsencrypt: Letsencrypt
private _challengeHandler: ChallengeHandler
private _certRepo: CertRepo
/**
* Constructor for Cert object
*/
constructor(optionsArg: ICertConstructorOptions) {
// set up challengehandler
this._challengeHandler = new ChallengeHandler({
cfEmail: optionsArg.cfEmail,
cfKey: optionsArg.cfKey
})
// setup Letsencrypt
this.letsencrypt = new Letsencrypt({
leEnv: optionsArg.leEnv,
sslDir: optionsArg.sslDirPath,
challengeHandler: this._challengeHandler
})
this._certRepo = new CertRepo({
sslDirPath: optionsArg.sslDirPath,
remoteGitUrl: optionsArg.gitOriginRepo,
certInstance: this
})
}
/**
* setup the Cert instanceof
* @executes ASYNC
* @return Promise
*/
setup() {
return this._certRepo.setup()
}
/**
* adds a Certificate for a given domain
*/
addCertificate(domainNameArg: string, optionsArg: { force: boolean } = { force: false }) {
let done = q.defer()
let certificateForDomain = this.certificateMap.find((certificate) => {
return certificate.domainName === domainNameArg
})
if (certificateForDomain instanceof Certificate) {
certificateForDomain.renew()
.then(done.resolve)
} else {
certificateForDomain = new Certificate({
certInstance: this,
domainName: domainNameArg
})
certificateForDomain.renew()
.then(done.resolve)
}
return done.promise
}
/**
* cleans up old certificates
*/
cleanOldCertificates() {
}
/**
* executes the current batch of jobs
*/
deploy() {
}
}

129
ts/cert.classes.certificate.ts Normal file
View File

@ -0,0 +1,129 @@
import * as q from 'q'
import * as plugins from './cert.plugins'
import * as paths from './cert.paths'
// import classes
import { Cert } from './cert.classes.cert'
import { Letsencrypt } from './cert.classes.letsencrypt'
import { CertRepo } from './cert.classes.certrepo'
export interface ICertificateFsConfig {
domainName: string
creationTime: number
expiryTime: number
}
export interface ICertificateConstructorOptions {
domainName: string,
certInstance: Cert
}
export type TCertificateStatus = 'unregistered' | 'valid' | 'expiring' | 'expired'
export class Certificate {
domainName: string
certInstance: Cert
domainData: plugins.smartstring.Domain
creationDate: Date = null
expiryDate: Date = null
publicKey: string = null
privKey: string = null
/**
* run when creating a new instance of Certificate
*/
constructor(optionsArg: ICertificateConstructorOptions) {
this.domainName = optionsArg.domainName
this.domainData = new plugins.smartstring.Domain(this.domainName)
this.certInstance = optionsArg.certInstance
}
/**
* the status of the Certificate
*/
get status(): TCertificateStatus {
let validTimeRemaining: number = 0
if (this.creationDate !== null && this.expiryDate !== null) {
validTimeRemaining = this.expiryDate.getTime() - Date.now()
}
let MonthMilliseconds = 2629746000
if (this.publicKey === null || this.privKey === null) {
return 'unregistered'
} else if (validTimeRemaining >= MonthMilliseconds) {
return 'valid'
} else if (validTimeRemaining < MonthMilliseconds && validTimeRemaining >= 0) {
return 'expiring'
} else {
return 'expired'
}
}
get sameZoneRequesting(): boolean {
return this.certInstance.domainStringRequestMap.checkMinimatch('*' + this.domainData.zoneName)
}
/**
* schedule a retry of certificate request
*/
scheduleRetry() {
let done = plugins.q.defer()
setTimeout(() => {
this.renew()
.then(done.resolve)
}, 60000)
return done.promise
}
/**
* renew certificate if needed
*/
renew(force: boolean = false) {
let done = q.defer()
if (this.status === 'valid') {
plugins.beautylog.log('Certificate still valid for more than 1 month, so it is not renewed now')
done.resolve()
} else if (this.status === 'expiring' || this.status === 'expired' || this.status === 'unregistered') {
plugins.beautylog.info('Certificate not valid currently, going to renew now!')
if (this.sameZoneRequesting) {
this.certInstance.domainStringRequestMap.registerUntilTrue(
() => {
return !this.sameZoneRequesting
},
() => {
this.renew().then(done.resolve)
}
)
} else {
this.certInstance.letsencrypt.registerDomain(this.domainName)
.then(() => {
return this.syncFs()
})
.then(() => {
done.resolve()
}).catch((err) => { console.log(err) })
}
} else {
throw Error(`weird status for certificate with domain name ${this.domainName}`)
}
done.resolve()
return done.promise
}
/**
* syncFs syncs the certificate with disk
*/
syncFs() {
let configJsonMemory: ICertificateFsConfig = {
domainName: this.domainName,
creationTime: this.creationDate.getTime(),
expiryTime: this.expiryDate.getTime()
}
}
/**
* deletes the certificate
*/
delete() { }
}

77
ts/cert.classes.certrepo.ts Normal file
View File

@ -0,0 +1,77 @@
import * as q from 'q'
import { GitRepo } from 'smartgit'
import * as plugins from './cert.plugins'
import * as paths from './cert.paths'
import { Cert } from './cert.classes.cert'
import { Certificate } from './cert.classes.certificate'
export interface ICertRepoConstructorOptions {
sslDirPath: string
remoteGitUrl: string
certInstance: Cert
}
export class CertRepo {
private _sslDirPath: string
private _remoteGitUrl: string
private gitRepo: GitRepo
private _certInstance: Cert
constructor(optionsArg: ICertRepoConstructorOptions) {
this._sslDirPath = optionsArg.sslDirPath
this._remoteGitUrl = optionsArg.remoteGitUrl
this._certInstance = optionsArg.certInstance
// setup sslDir
if (!this._sslDirPath) {
this._sslDirPath = paths.defaultSslDir
}
}
/**
* setup the Cert instance
*/
setup() {
// setup Git
let done = q.defer()
if (this._remoteGitUrl) {
plugins.smartfile.fs.ensureEmptyDirSync(paths.defaultSslDir)
plugins.smartgit.createRepoFromClone(this._remoteGitUrl, paths.defaultSslDir)
.then(gitRepoArg => {
this.gitRepo = gitRepoArg
done.resolve()
})
}
return done.promise
}
/**
* syncs an objectmap of Certificates with repo
*/
syncFs() {
let done = q.defer()
done.resolve()
return done.promise
}
/**
* Pulls already requested certificates from git origin
*/
sslGitOriginPull = () => {
if (this.gitRepo) {
this.gitRepo.pull('origin', 'master')
}
}
/**
* Pushes all new requested certificates to git origin
*/
sslGitOriginAddCommitPush = () => {
if (this._remoteGitUrl) {
this.gitRepo.addAll()
this.gitRepo.commit('added new SSL certificates and deleted obsolete ones.')
this.gitRepo.push('origin', 'master')
}
}
}

84
ts/cert.classes.challengehandler.ts Normal file
View File

@ -0,0 +1,84 @@
import * as plugins from './cert.plugins'
import * as paths from './cert.paths'
export interface IChallengehandlerConstructorOptions {
cfEmail: string,
cfKey: string,
}
/**
* class ChallengeHandler handles challenges
*/
export class ChallengeHandler {
private _cfInstance: plugins.cflare.CflareAccount
constructor(optionsArg: IChallengehandlerConstructorOptions) {
this._cfInstance = new plugins.cflare.CflareAccount()
this._cfInstance.auth({
email: optionsArg.cfEmail,
key: optionsArg.cfKey
})
}
/**
* set a challenge
*/
setChallenge(domainNameArg: string, challengeArg: string) {
let done = plugins.q.defer()
plugins.beautylog.log('setting challenge for ' + domainNameArg)
this._cfInstance.createRecord(prefixName(domainNameArg), 'TXT', challengeArg).then(() => {
plugins.beautylog.ok('Challenge has been set!')
plugins.beautylog.info('We need to cool down to let DNS propagate to edge locations!')
cooldown().then(() => {
done.resolve()
})
})
return done.promise
}
/**
* cleans a challenge
*/
cleanChallenge(domainNameArg) {
let done = plugins.q.defer()
plugins.beautylog.log('cleaning challenge for ' + domainNameArg)
this._cfInstance.removeRecord(prefixName(domainNameArg), 'TXT')
cooldown().then(() => {
done.resolve()
})
return done.promise
}
}
/**
* cooldown timer for letting DNS settle before answering the challengerequest
*/
let cooldown = () => {
let done = plugins.q.defer()
let cooldowntime = 60000
let passedTime = 0
plugins.beautylog.log('Cooling down! ' + (cooldowntime / 1000).toString() + ' seconds left')
let coolDownCounter = () => {
setTimeout(() => {
if (cooldowntime <= passedTime) {
plugins.beautylog.ok('Cooled down!')
done.resolve()
} else {
passedTime = passedTime + 5000
plugins.beautylog.log('Cooling down! '
+ ((cooldowntime - passedTime) / 1000).toString()
+ ' seconds left'
)
coolDownCounter()
}
}, 5000)
}
coolDownCounter()
return done.promise
}
/**
* prefix a domain name to make sure it complies with letsencrypt
*/
let prefixName = (domainNameArg: string): string => {
return '_acme-challenge.' + domainNameArg
}

48
ts/cert.classes.letsencrypt.ts Normal file
View File

@ -0,0 +1,48 @@
import * as q from 'q'
let letsencrypt = require('letsencrypt')
let leStore = require('le-store-certbot')
import * as plugins from './cert.plugins'
import * as paths from './cert.paths'
import { ChallengeHandler } from './cert.classes.challengehandler'
export type TLeEnv = 'production' | 'staging'
export interface ILetsencryptConstructorOptions {
leEnv: TLeEnv,
challengeHandler: ChallengeHandler,
sslDir: string
}
export class Letsencrypt {
leEnv: TLeEnv
challengeHandler: ChallengeHandler // this is the format we use
sslDir: string
private _leServerUrl: string
constructor(optionsArg: ILetsencryptConstructorOptions) {
// determine leEnv
this.leEnv = optionsArg.leEnv
this.challengeHandler = optionsArg.challengeHandler
this.sslDir = optionsArg.sslDir
// set letsencrypt environment
if (this.leEnv === 'production') {
this._leServerUrl = letsencrypt.productionServerUrl
} else if (this.leEnv === 'staging') {
this._leServerUrl = letsencrypt.stagingServerUrl
}
}
/**
* register a domain
*/
registerDomain(domainNameArg: string) {
plugins.beautylog.log(`trying to register domain ${domainNameArg}`)
let done = q.defer()
plugins.smartfile.fs.ensureDirSync(plugins.path.join(paths.leConfigDir, 'live', domainNameArg))
return done.promise
}
}

9
ts/cert.paths.ts Normal file
View File

@ -0,0 +1,9 @@
import * as plugins from './cert.plugins'
// dirs
export let projectDir = plugins.path.join(__dirname,'../')
export let assetDir = plugins.path.join(projectDir,'assets')
export let defaultSslDir = plugins.path.join(assetDir,'defaultSslDir')
export let leConfigDir = plugins.path.join(assetDir,'letsencrypt')
plugins.smartfile.fs.ensureDirSync(leConfigDir)
plugins.smartfile.fs.ensureDirSync(defaultSslDir)

26
ts/cert.plugins.ts Normal file
View File

@ -0,0 +1,26 @@
import 'typings-global'
import * as beautylog from 'beautylog'
import * as cflare from 'cflare'
let fs = require('fs-extra')
import * as lik from 'lik'
import * as path from 'path'
import * as q from 'q'
import * as shelljs from 'shelljs'
import * as smartcli from 'smartcli'
import * as smartfile from 'smartfile'
import * as smartgit from 'smartgit'
import * as smartstring from 'smartstring'
export {
beautylog,
cflare,
fs,
lik,
path,
q,
shelljs,
smartcli,
smartfile,
smartgit,
smartstring
}

0
ts/hook.ts
View File

1
ts/index.ts
View File

@ -0,0 +1 @@
export * from './cert.classes.cert'

0
ts/install.ts
View File

3
ts/temp Normal file
View File

@ -0,0 +1,3 @@
helpers.updateSslDirSync(this._sslDir, domainNameArg)
helpers.scheduleRetry(domainNameArg, this).then(done.resolve)
this.domainCertRequestMap.removeString(domainNameArg)