1. 25 Jun, 2019 1 commit
  2. 06 Jun, 2019 1 commit
    • Vladimir Shushlin's avatar
      Add pages domains acme orders · c3338c92
      Vladimir Shushlin authored
      Extract acme double to helper
      Create ACME challanges for pages domains
      * Create order & challange through API
      * save them to database
      * request challenge validation
      We're saving order and challenge as one entity,
      that wouldn't be correct if we would order certificates for
      several domains simultaneously, but we always order certificate
      per domain
      Add controller for processing acme challenges redirected from pages
      Don't save acme challenge url - we don't use it
      Validate acme challenge attributes
      Encrypt private_key in acme orders
  3. 31 May, 2019 1 commit
    • Vladimir Shushlin's avatar
      Generate lets_encrypt_private_key on the fly · 39e21fb2
      Vladimir Shushlin authored
      Remove migration generating lets encrypt key
      Don't generate private_key if database is readonly
      For reference:
      This reverts commit 988a7f70489b99383b95e9f271a2caf6bb5b3a44.
      This reverts commit 21acbe531592d55caf0e5b8716a3b551dafd6233.
  4. 28 May, 2019 1 commit
    • Vladimir Shushlin's avatar
      Store Let's Encrypt private key in settings · 4687ff7c
      Vladimir Shushlin authored
      Storing this key in secrets.yml was a bad idea,
      it would require users using HA setups to manually
      replicate secrets across nodes during update,
      it also needed support from omnibus package
      * Revert "Generate Let's Encrypt private key"
        This reverts commit 444959bf.
      * Add Let's Encrypt private key to settings
        as encrypted attribute
      * Generate Let's Encrypt private key
        in database migration
  5. 16 May, 2019 1 commit
    • Vladimir Shushlin's avatar
      Add Let's Encrypt client · 3c33724e
      Vladimir Shushlin authored
      Part of adding Let's Encrypt certificates for pages domains
      Add acme-client gem
      Client is being initialized by private key stored in secrets.yml
      Let's Encrypt account is being created lazily.
      If it's already created, Acme::Client just gets account_kid by
      calling new_account method
      Make Let's Encrypt client an instance
      Wrap order and challenge classes