Module: Bullion

Extended by:
Dry::Configurable
Defined in:
lib/bullion.rb,
lib/bullion/service.rb,
lib/bullion/version.rb,
lib/bullion/acme/error.rb,
lib/bullion/helpers/ssl.rb,
lib/bullion/services/ca.rb,
lib/bullion/helpers/acme.rb,
lib/bullion/models/nonce.rb,
lib/bullion/models/order.rb,
lib/bullion/services/ping.rb,
lib/bullion/models/account.rb,
lib/bullion/helpers/service.rb,
lib/bullion/challenge_client.rb,
lib/bullion/models/challenge.rb,
lib/bullion/models/order_csr.rb,
lib/bullion/models/certificate.rb,
lib/bullion/models/authorization.rb,
lib/bullion/challenge_clients/dns.rb,
lib/bullion/challenge_clients/http.rb,
lib/bullion/rspec/challenge_clients/dns.rb,
lib/bullion/rspec/challenge_clients/http.rb

Overview

The top-level module for Bullion

Defined Under Namespace

Modules: Acme, ChallengeClients, Helpers, Models, RSpec, Services

Classes: ChallengeClient, ConfigError, Error, Service

Constant Summary collapse

LOGGER =

Set up logging

Logger.new($stdout)
MetricsRegistry =
Prometheus::Client.registry
VERSION =
"0.9.0"

Class Method Summary collapse

Class Method Details

.ca_cert ⇒ Object



# File 'lib/bullion.rb', line 78

# Returns the CA certificate, parsed from the PEM text supplied by
# ca_cert_file and memoized in @ca_cert.
#
# Parsing errors from OpenSSL::X509::Certificate.new propagate to the caller;
# nothing is memoized when parsing fails.
#
# @return [OpenSSL::X509::Certificate]
def self.ca_cert
  return @ca_cert if @ca_cert

  @ca_cert = OpenSSL::X509::Certificate.new(ca_cert_file)
end

.ca_cert_file ⇒ Object



# File 'lib/bullion.rb', line 74

# Returns the raw contents of the file at config.ca.cert_path.
#
# The contents are read once and kept in @ca_cert_file, so a certificate file
# replaced on disk is not seen until @ca_cert_file is reset.
#
# @return [String] file contents exactly as read
def self.ca_cert_file
  return @ca_cert_file if @ca_cert_file

  @ca_cert_file = File.read(config.ca.cert_path)
end

.ca_key ⇒ Object



# File 'lib/bullion.rb', line 70

# Returns the CA private key, loaded from config.ca.key_path and decrypted
# with config.ca.secret as the passphrase.
#
# The key is parsed with OpenSSL::PKey::RSA, so only RSA keys load here. The
# parsed key is memoized in @ca_key and therefore stays in process memory
# until that memo is reset.
#
# @return [OpenSSL::PKey::RSA]
def self.ca_key
  return @ca_key if @ca_key

  pem = File.read(config.ca.key_path)
  @ca_key = OpenSSL::PKey::RSA.new(pem, config.ca.secret)
end

.rotate_keys! ⇒ Object

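Clears the memoized CA key and certificate, then loads both again. (The `rubocop:disable Naming/PredicateMethod` text is a lint directive picked up from the source line, not a description.)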



# File 'lib/bullion.rb', line 82

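# Drops every memoized piece of CA material and loads it again from the
# configured paths.
#
# @ca_cert_file is reset together with @ca_key and @ca_cert. ca_cert is built
# from the cached file contents, so leaving that cache in place would rebuild
# the certificate from the old PEM text while the key is re-read from disk,
# and the pair could stop matching after a rotation.
#
# NOTE(review): nothing here confirms that the reloaded certificate belongs to
# the reloaded key; OpenSSL::X509::Certificate#check_private_key can do that.
#
# If reloading raises, the memos stay cleared and the next ca_key / ca_cert
# call tries again.
#
# @return [true] once both the key and the certificate have been reloaded
def self.rotate_keys! # rubocop:disable Naming/PredicateMethod
  @ca_key = nil
  @ca_cert = nil
  @ca_cert_file = nil
  ca_key
  ca_cert
  true
end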

.validate_config! ⇒ Object

Ensures configuration settings are valid



# File 'lib/bullion.rb', line 92

# Validates the CA settings and the database URL, raising on the first
# problem found.
#
# Checks, in order:
# 1. config.ca.secret is a String. Only the type is checked, so an empty
#    passphrase passes.
# 2. config.ca.key_path and config.ca.cert_path are readable files. Neither
#    the contents nor the file permissions are inspected.
# 3. config.ca.cert_validity_duration, in seconds, lies between 2 days and
#    397 days inclusive.
# 4. config.db_url is set.
#
# @raise [ConfigError] naming the first failing check
# @return [nil] when every check passes
def self.validate_config! # rubocop:disable Metrics/AbcSize
  ca = config.ca
  one_day = 60 * 60 * 24
  longest_validity = one_day * 397
  shortest_validity = one_day * 2

  raise ConfigError, "Invalid Key Passphrase" unless ca.secret.is_a?(String)
  raise ConfigError, "Invalid Key Path: #{ca.key_path}" unless File.readable?(ca.key_path)
  raise ConfigError, "Invalid Cert Path: #{ca.cert_path}" unless File.readable?(ca.cert_path)
  # The bound stays on the left, as in the original comparison, so a
  # non-numeric duration fails the same way.
  raise ConfigError, "Cert Validity Too Long" if longest_validity < ca.cert_validity_duration
  raise ConfigError, "Cert Validity Too Short" if shortest_validity > ca.cert_validity_duration
  raise ConfigError, "Missing DATABASE_URL" unless config.db_url
end