mirror of
https://github.com/yusing/godoxy.git
synced 2026-04-20 07:21:26 +02:00
fix(autocert): ensure extra certificate registration and renewal scheduling
Extra providers were not being properly initialized during NewProvider(), causing certificate registration and renewal scheduling to be skipped. - Add ConfigExtra type with idx field for provider indexing - Add MergeExtraConfig() for inheriting main provider settings - Add setupExtraProviders() for recursive extra provider initialization - Refactor NewProvider to return error and call setupExtraProviders() - Add provider-scoped logger with "main" or "extra[N]" name - Add batch operations: ObtainCertIfNotExistsAll(), ObtainCertAll() - Add ForceExpiryAll() with completion tracking via WaitRenewalDone() - Add RenewMode (force/ifNeeded) for controlling renewal behavior - Add PrintCertExpiriesAll() for logging all provider certificate expiries Summary of staged changes: - config.go: Added ConfigExtra type, MergeExtraConfig(), recursive validation with path uniqueness checking - provider.go: Added provider indexing, scoped logger, batch cert operations, force renewal with completion tracking, RenewMode control - setup.go: New file with setupExtraProviders() for proper extra provider initialization - setup_test.go: New tests for extra provider setup - multi_cert_test.go: New tests for multi-certificate functionality - renew.go: Updated to use new provider API with error handling - state.go: Updated to handle NewProvider error return
This commit is contained in:
yusing
@@ -1,101 +1,30 @@
|
||||
package autocert
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"github.com/rs/zerolog/log"
|
||||
gperr "github.com/yusing/goutils/errs"
|
||||
strutils "github.com/yusing/goutils/strings"
|
||||
)
|
||||
|
||||
func (p *Provider) Setup() (err error) {
|
||||
if err = p.LoadCert(); err != nil {
|
||||
if !errors.Is(err, os.ErrNotExist) { // ignore if cert doesn't exist
|
||||
return err
|
||||
}
|
||||
log.Debug().Msg("obtaining cert due to error loading cert")
|
||||
if err = p.ObtainCert(); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
if err = p.setupExtraProviders(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
for _, expiry := range p.GetExpiries() {
|
||||
log.Info().Msg("certificate expire on " + strutils.FormatTime(expiry))
|
||||
break
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *Provider) setupExtraProviders() error {
|
||||
p.extraProviders = nil
|
||||
func (p *Provider) setupExtraProviders() gperr.Error {
|
||||
p.sniMatcher = sniMatcher{}
|
||||
if len(p.cfg.Extra) == 0 {
|
||||
p.rebuildSNIMatcher()
|
||||
return nil
|
||||
}
|
||||
|
||||
for i := range p.cfg.Extra {
|
||||
merged := mergeExtraConfig(p.cfg, &p.cfg.Extra[i])
|
||||
user, legoCfg, err := merged.GetLegoConfig()
|
||||
p.extraProviders = make([]*Provider, 0, len(p.cfg.Extra))
|
||||
|
||||
errs := gperr.NewBuilder("setup extra providers error")
|
||||
for _, extra := range p.cfg.Extra {
|
||||
user, legoCfg, err := extra.AsConfig().GetLegoConfig()
|
||||
if err != nil {
|
||||
return err.Subjectf("extra[%d]", i)
|
||||
errs.Add(p.fmtError(err))
|
||||
continue
|
||||
}
|
||||
ep := NewProvider(&merged, user, legoCfg)
|
||||
if err := ep.Setup(); err != nil {
|
||||
return gperr.PrependSubject(fmt.Sprintf("extra[%d]", i), err)
|
||||
ep, err := NewProvider(extra.AsConfig(), user, legoCfg)
|
||||
if err != nil {
|
||||
errs.Add(p.fmtError(err))
|
||||
continue
|
||||
}
|
||||
p.extraProviders = append(p.extraProviders, ep)
|
||||
}
|
||||
p.rebuildSNIMatcher()
|
||||
return nil
|
||||
}
|
||||
|
||||
func mergeExtraConfig(mainCfg *Config, extraCfg *Config) Config {
|
||||
merged := *mainCfg
|
||||
merged.Extra = nil
|
||||
merged.CertPath = extraCfg.CertPath
|
||||
merged.KeyPath = extraCfg.KeyPath
|
||||
|
||||
if merged.Email == "" {
|
||||
merged.Email = mainCfg.Email
|
||||
}
|
||||
|
||||
if len(extraCfg.Domains) > 0 {
|
||||
merged.Domains = extraCfg.Domains
|
||||
}
|
||||
if extraCfg.ACMEKeyPath != "" {
|
||||
merged.ACMEKeyPath = extraCfg.ACMEKeyPath
|
||||
}
|
||||
if extraCfg.Provider != "" {
|
||||
merged.Provider = extraCfg.Provider
|
||||
}
|
||||
if len(extraCfg.Options) > 0 {
|
||||
merged.Options = extraCfg.Options
|
||||
}
|
||||
if len(extraCfg.Resolvers) > 0 {
|
||||
merged.Resolvers = extraCfg.Resolvers
|
||||
}
|
||||
if extraCfg.CADirURL != "" {
|
||||
merged.CADirURL = extraCfg.CADirURL
|
||||
}
|
||||
if len(extraCfg.CACerts) > 0 {
|
||||
merged.CACerts = extraCfg.CACerts
|
||||
}
|
||||
if extraCfg.EABKid != "" {
|
||||
merged.EABKid = extraCfg.EABKid
|
||||
}
|
||||
if extraCfg.EABHmac != "" {
|
||||
merged.EABHmac = extraCfg.EABHmac
|
||||
}
|
||||
if extraCfg.HTTPClient != nil {
|
||||
merged.HTTPClient = extraCfg.HTTPClient
|
||||
}
|
||||
return merged
|
||||
return errs.Error()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user