Module: Bullion

Extended by:
Dry::Configurable
Defined in:
lib/bullion.rb,
lib/bullion/service.rb,
lib/bullion/version.rb,
lib/bullion/acme/error.rb,
lib/bullion/helpers/ssl.rb,
lib/bullion/services/ca.rb,
lib/bullion/helpers/acme.rb,
lib/bullion/models/nonce.rb,
lib/bullion/models/order.rb,
lib/bullion/services/ping.rb,
lib/bullion/models/account.rb,
lib/bullion/helpers/service.rb,
lib/bullion/challenge_client.rb,
lib/bullion/models/challenge.rb,
lib/bullion/models/certificate.rb,
lib/bullion/models/authorization.rb,
lib/bullion/challenge_clients/dns.rb,
lib/bullion/challenge_clients/http.rb,
lib/bullion/rspec/challenge_clients/dns.rb,
lib/bullion/rspec/challenge_clients/http.rb

Overview

The top-level module for Bullion

Defined Under Namespace

Modules: Acme, ChallengeClients, Helpers, Models, RSpec, Services
Classes: ChallengeClient, ConfigError, Error, Service

Constant Summary

LOGGER =

Set up logging

Logger.new($stdout)
# Metrics registry constant: holds whatever Prometheus::Client.registry returns.
MetricsRegistry =
Prometheus::Client.registry
# Library version string, assembled from its major, minor and patch numbers.
VERSION = format("%<major>d.%<minor>d.%<patch>d", major: 0, minor: 7, patch: 3)

Class Method Summary

Class Method Details

.ca_cert ⇒ Object



# File 'lib/bullion.rb', line 77

# Returns the CA certificate as a parsed X.509 object.
#
# The certificate is built from the text returned by +ca_cert_file+ the first
# time this is called and is kept in +@ca_cert+; later calls return that same
# object until +@ca_cert+ is reset.
#
# @return [OpenSSL::X509::Certificate]
def self.ca_cert
  return @ca_cert if @ca_cert

  # Parsing raises if the cached file contents are not a valid certificate.
  @ca_cert = OpenSSL::X509::Certificate.new(ca_cert_file)
end

.ca_cert_file ⇒ Object



# File 'lib/bullion.rb', line 73

# Returns the raw contents of the CA certificate file.
#
# The file at +config.ca.cert_path+ is read on the first call and the text is
# kept in +@ca_cert_file+; later calls return the cached text without touching
# the file again, so a certificate replaced on disk is not picked up until
# +@ca_cert_file+ is reset.
#
# @return [String] contents of the certificate file
def self.ca_cert_file
  return @ca_cert_file if @ca_cert_file

  @ca_cert_file = File.read(config.ca.cert_path)
end

.ca_key ⇒ Object



# File 'lib/bullion.rb', line 69

# Returns the CA private key, loading it on first use.
#
# The key file at +config.ca.key_path+ is read and handed to
# OpenSSL::PKey::RSA together with +config.ca.secret+ as the passphrase.
# The resulting key object is kept in +@ca_key+ and reused by later calls, so
# the decrypted key stays in process memory until +@ca_key+ is reset.
#
# NOTE(review): only RSA keys are loaded through this path; a CA key of
# another type would need a different loader.
#
# @return [OpenSSL::PKey::RSA]
def self.ca_key
  return @ca_key if @ca_key

  encoded_key = File.read(config.ca.key_path)
  @ca_key = OpenSSL::PKey::RSA.new(encoded_key, config.ca.secret)
end

.rotate_keys! ⇒ Object



# File 'lib/bullion.rb', line 81

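# Drops the cached CA key and certificate and reloads both from disk.
#
# All three caches are cleared, including the raw certificate text in
# +@ca_cert_file+. Clearing only +@ca_key+ and +@ca_cert+ would rebuild the
# certificate from the previously cached file contents, leaving a freshly
# loaded key paired with the old certificate.
#
# If either reload raises (unreadable file, wrong passphrase, malformed PEM),
# the exception propagates with the caches already cleared, so the next
# accessor call attempts the load again.
#
# NOTE(review): nothing here confirms that the reloaded certificate belongs to
# the reloaded key; a check such as +ca_cert.check_private_key(ca_key)+ after
# the reload would catch a mismatched pair before it is used for signing.
#
# @return [true]
def self.rotate_keys!
  @ca_key = nil
  @ca_cert = nil
  @ca_cert_file = nil # force the certificate file to be read again
  ca_key
  ca_cert
  true
end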

.validate_config! ⇒ Object

Ensures configuration settings are valid



# File 'lib/bullion.rb', line 91

# Checks the CA and database settings and raises on the first invalid one.
#
# Checks run in this order: passphrase type, key path readability, cert path
# readability, upper and lower bounds on certificate validity, presence of the
# database URL.
#
# NOTE(review): the passphrase check only requires a String, so an empty
# passphrase passes. The path checks only test readability by this process;
# they do not look at file permissions, parse the files, or confirm that the
# key and certificate belong together.
#
# @raise [ConfigError] naming the first setting that fails
# @return [nil] when every check passes
def self.validate_config! # rubocop:disable Metrics/AbcSize
  ca = config.ca
  raise ConfigError, "Invalid Key Passphrase" unless ca.secret.is_a?(String)
  raise ConfigError, "Invalid Key Path: #{ca.key_path}" unless File.readable?(ca.key_path)
  raise ConfigError, "Invalid Cert Path: #{ca.cert_path}" unless File.readable?(ca.cert_path)

  # Validity is compared in seconds: more than 397 days is rejected as too
  # long, less than 2 days as too short.
  seconds_per_day = 60 * 60 * 24
  validity = ca.cert_validity_duration
  raise ConfigError, "Cert Validity Too Long" if seconds_per_day * 397 < validity
  raise ConfigError, "Cert Validity Too Short" if seconds_per_day * 2 > validity

  raise ConfigError, "Missing DATABASE_URL" unless config.db_url
end