From 417952fae44246b842e36e26960f3cfea6be76b5 Mon Sep 17 00:00:00 2001
From: Manager Bot
Date: Mon, 7 Nov 2022 19:57:17 +0000
Subject: [PATCH] Better docs and cleanup.
---
 Web/lib/MJB/Web/Task/CreateSSLCert.pm | 13 ++++++++++++-
 Web/lib/MJB/Web/Task/SyncSSLCerts.pm | 13 ++++++++++++-
 Web/lib/MJB/Web/Task/WildCardSSL.pm | 13 ++++++++++++-
 3 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/Web/lib/MJB/Web/Task/CreateSSLCert.pm b/Web/lib/MJB/Web/Task/CreateSSLCert.pm
index 7890786..ec2bc95 100644
--- a/Web/lib/MJB/Web/Task/CreateSSLCert.pm
+++ b/Web/lib/MJB/Web/Task/CreateSSLCert.pm
@@ -2,8 +2,15 @@ package MJB::Web::Task::CreateSSLCert;
 use Mojo::Base 'MJB::Web::Task', -signatures;
 use IPC::Run3;
+#==
+# This task creates SSL certificates on the certbot server, and then syncs them
+# with the webservers.
+#
+# Certs are created with HTTP challenges.
+#==
+
 sub run ( $job, $blog_id ) {
- $job->note( _mds_template => 'build_static' );
+ $job->note( _mds_template => 'create_ssl_cert' );
 my $blog = $job->app->db->blog( $blog_id );
@@ -12,10 +19,14 @@ sub run ( $job, $blog_id ) {
 qw(sudo certbot certonly --standalone -d), $blog->domain->name, qw(--agree-tos --register-unsafely-without-email) ]);
+ $job->note( is_create_done => 1 );
+
 # Push the SSL Certs to all hosts
 my $result_sync = $job->system_command( [ qw(sudo letsencrypt-cert-push) ]);
+
+ $job->note( is_sync_done => 1 );
 $job->finish();
 }
diff --git a/Web/lib/MJB/Web/Task/SyncSSLCerts.pm b/Web/lib/MJB/Web/Task/SyncSSLCerts.pm
index feddf12..df0d7bc 100644
--- a/Web/lib/MJB/Web/Task/SyncSSLCerts.pm
+++ b/Web/lib/MJB/Web/Task/SyncSSLCerts.pm
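Review bot: The header comment added to CreateSSLCert.pm (first hunk) does not state where the task has to run or which privileges it needs, while the SyncSSLCerts.pm header added in the same patch does say `It should be in the certbot queue.` Both commands in `run` go through `sudo`, so I would add `# It should be in the certbot queue; the worker user needs sudo rights for certbot and letsencrypt-cert-push only.` to the block. The comment could also record that the domain name reaches certbot as a plain argument after `-d` and is expected to be validated before the job is queued. `run` continues past the end of this hunk.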
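Review bot: In the second CreateSSLCert.pm hunk `is_sync_done` is noted and the job is finished without `$result_sync` ever being read, so a failed `letsencrypt-cert-push` is recorded as done unless `system_command` itself dies on a non-zero exit (its body is not part of this patch). `is_create_done` has the same problem after the certbot call, whose assignment line sits above the hunk, and so do the notes added in SyncSSLCerts.pm and in the second WildCardSSL.pm hunk. I would gate each note on the command result, for example `return $job->fail('letsencrypt-cert-push failed') unless $push_ok;` where `$push_ok` stands for whatever success test the return value of `system_command` supports, and apply the same check before the push so that a failed issuance never triggers a sync. `fail` is assumed to be available because `note` and `finish` look like Minion job methods.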
@@ -2,12 +2,23 @@ package MJB::Web::Task::SyncSSLCerts;
 use Mojo::Base 'MJB::Web::Task', -signatures;
 use IPC::Run3;
+#==
+# This task pushes all of the let's encrypt ssl certs from certbot to
+# the webservers. It can be used after certificates have been renewed
+# to ensure they are on the webservers.
+#
+# It should be in the certbot queue.
+#==
+
 sub run ( $job ) {
- $job->note( _mds_template => 'build_static' );
+ $job->note( _mds_template => 'sync_ssl_certs' );
 # Push the SSL Certificates
 my $result = $job->system_command( [ 'sudo', 'letsencrypt-cert-push' ] );
+ $job->note( is_sync_done => 1 );
+
+ $job->finish();
 }
diff --git a/Web/lib/MJB/Web/Task/WildCardSSL.pm b/Web/lib/MJB/Web/Task/WildCardSSL.pm
index 828b5de..19d80d3 100644
--- a/Web/lib/MJB/Web/Task/WildCardSSL.pm
+++ b/Web/lib/MJB/Web/Task/WildCardSSL.pm
@@ -2,8 +2,15 @@ package MJB::Web::Task::WildCardSSL;
 use Mojo::Base 'MJB::Web::Task', -signatures;
 use IPC::Run3;
+#==
+# This task creates a wildcard ssl certificate for a hosted domain.
+#
+# It is currently limited to supporting only linode for dns challenges, but should be
+# easy to expand to support other --dns- plugins.
+#==
+
 sub run ( $job, $hosted_domain_id ) {
- $job->note( _mds_template => 'build_static' );
+ $job->note( _mds_template => 'wildcard_ssl' );
 my $domain = $job->app->db->hosted_domain( $hosted_domain_id );
@@ -12,10 +19,14 @@ sub run ( $job, $hosted_domain_id ) {
 qw(sudo certbot certonly --dns-linode --dns-linode-credentials /etc/letsencrypt/.secrets/linode.ini -d ), '*.' . $domain->name, qw(--agree-tos --register-unsafely-without-email) ]);
+ $job->note( is_create_done => 1 );
+
 # Push the SSL Certs to all hosts
 my $result_sync = $job->system_command( [ qw(sudo letsencrypt-cert-push) ]);
+
+ $job->note( is_sync_done => 1 );
 $job->finish();
 }
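Review bot: The header comment added to WildCardSSL.pm (first hunk of that file) names the linode plugin but not the secret the task depends on: the certbot call in the file's second hunk reads `/etc/letsencrypt/.secrets/linode.ini`. I would add `# Needs the Linode DNS API credentials in /etc/letsencrypt/.secrets/linode.ini on the certbot host; keep that file readable by root only.` to the block. Since the resulting key covers every subdomain of the hosted domain, a line on which hosts `letsencrypt-cert-push` copies it to would help whoever audits the setup later. `run` continues past the end of this hunk.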