示例#1
 def setUp(self):
     """Prepare the per-test fixture: a sample domain, a TXT value and a Route53Dns provider.

     Every credential-looking string here is an obvious placeholder; real AWS
     keys must never be committed to a test fixture.
     """
     key_id, key_secret = "mock-key-id", "mock-key-secret"

     self.domain_name = "example.com"
     self.domain_dns_value = "mock-domain_dns_value"
     self.route53_key_id = key_id
     self.route53_key_secret = key_secret
     # The provider is built with explicit (placeholder) keys rather than with
     # no arguments, so it does not depend on credentials from the environment.
     self.dns_class = sewer.Route53Dns(key_id, key_secret)
示例#2
def request_certificate(conf):
    """Request or renew the certificate described by *conf* and store the result in S3.

    Reads 'domain', 'domain_alt_names' and 'contact_email' from *conf*, loads the
    ACME account key through load_from_s3, asks sewer for a new certificate when
    is_new(conf) is true (a renewal otherwise), prints the certificate and hands
    certificate, certificate key and account key to save_certificates_to_s3.

    The certificate itself is public, so printing it is harmless. The certificate
    key and the account key are secrets and are deliberately never printed.
    """
    # Route53Dns() is built without explicit keys, so no AWS secret is embedded
    # in this code or in conf.
    # NOTE(review): presumably the credentials then come from the runtime's
    # default AWS configuration -- confirm, and scope that identity to the
    # Route53 zone changes it actually needs.
    dns_provider = sewer.Route53Dns()

    # https://github.com/komuw/sewer/blob/43c3c8efae36489939d93096579ec54e941f67c7/sewer/client.py
    # ACME_AUTH_STATUS_MAX_CHECKS is increased for a timeout of about 60s.
    client_options = {
        'domain_name': conf['domain'],
        'domain_alt_names': conf['domain_alt_names'],
        'contact_email': conf['contact_email'],
        'dns_class': dns_provider,
        'account_key': load_from_s3(conf, "account.key.rsa"),
        'ACME_AUTH_STATUS_MAX_CHECKS': 8,
    }
    client = sewer.Client(**client_options)

    if not is_new(conf):
        print('renewing existing certificate')
        certificate = client.renew()
    else:
        print('requesting new certificate')
        certificate = client.cert()

    # will need to switch apache to not use chain or extract it per this issue:
    # https://github.com/komuw/sewer/issues/97 to get chain
    # openssl x509 -in some_certificate_and_chain.crt -text -noout
    private_key = client.certificate_key
    acme_account_key = client.account_key

    print("your certificate is:", certificate)
    # Key material is intentionally not written to stdout: output of a job like
    # this usually ends up in logs that are readable far more widely than the
    # key store is.

    # NOTE(review): both private keys are handed to save_certificates_to_s3;
    # verify that the destination enforces encryption at rest and a
    # least-privilege access policy.
    save_certificates_to_s3(conf, certificate, private_key, acme_account_key)
示例#3
 def test_user_given_credential(self, mock_client):
     """Explicit key id and secret given to Route53Dns must reach the client factory unchanged."""
     key_id = "mock-key"
     key_secret = "mock-secret"

     provider = sewer.Route53Dns(key_id, key_secret)

     # mock_client is presumably the patched AWS client constructor (the patch
     # decorator is outside this excerpt). Exactly one call is expected, and it
     # must carry the caller's credentials plus the provider's own config.
     expected_kwargs = {
         "aws_access_key_id": key_id,
         "aws_secret_access_key": key_secret,
         "config": provider.aws_config,
     }
     mock_client.assert_called_once_with("route53", **expected_kwargs)
示例#4
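    def test_route53_delete_record(self, mock_client):
        """Create then delete a TXT record and verify the last Route53 change is a DELETE.

        The patched client factory (mock_client) returns a mock whose zone
        paginator and change_resource_record_sets responses come from the
        test-class helpers.
        """
        dns_class = sewer.Route53Dns()
        r53 = mock_client.return_value
        # mock list zones paginator response
        r53.get_paginator.return_value.paginate.return_value = (
            self.mocked_find_zone_response())
        r53.change_resource_record_sets.return_value = (
            self.mocked_route53_set_record_response())

        dns_class.create_dns_record(self.domain_name, self.domain_dns_value)
        dns_class.delete_dns_record(self.domain_name, self.domain_dns_value)

        # The previous check, mock_client.mock_calls[4].assert_called_once_with(...),
        # verified nothing: entries of mock_calls are `call` records, and any
        # attribute access or call on one just builds another `call` record
        # instead of asserting. Assert on the mocked method itself;
        # assert_called_with checks its most recent call, which is the one
        # issued by delete_dns_record.
        # NOTE(review): if this now fails, the expectation below was never
        # actually being enforced -- re-check it against the provider code.
        r53.change_resource_record_sets.assert_called_with(
            HostedZoneId="mocked-id",
            ChangeBatch=self.make_change_batch("DELETE", self.domain_name,
                                               self.domain_dns_value),
        )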
示例#5
 def test_user_not_given_credential(self, mock_client):
     """Without explicit keys, the client factory must be called with no credential arguments."""
     provider = sewer.Route53Dns()

     # assert_called_once_with matches the full argument list, so this also
     # pins that no aws_access_key_id / aws_secret_access_key keyword is passed
     # when the caller supplied none.
     expected_config = provider.aws_config
     mock_client.assert_called_once_with("route53", config=expected_config)