mirror of
https://github.com/yusing/godoxy.git
synced 2026-01-11 21:10:30 +01:00
2835fd5fb0
Extra providers were not being properly initialized during NewProvider(), causing certificate registration and renewal scheduling to be skipped. - Add ConfigExtra type with idx field for provider indexing - Add MergeExtraConfig() for inheriting main provider settings - Add setupExtraProviders() for recursive extra provider initialization - Refactor NewProvider to return error and call setupExtraProviders() - Add provider-scoped logger with "main" or "extra[N]" name - Add batch operations: ObtainCertIfNotExistsAll(), ObtainCertAll() - Add ForceExpiryAll() with completion tracking via WaitRenewalDone() - Add RenewMode (force/ifNeeded) for controlling renewal behavior - Add PrintCertExpiriesAll() for logging all provider certificate expiries Summary of staged changes: - config.go: Added ConfigExtra type, MergeExtraConfig(), recursive validation with path uniqueness checking - provider.go: Added provider indexing, scoped logger, batch cert operations, force renewal with completion tracking, RenewMode control - setup.go: New file with setupExtraProviders() for proper extra provider initialization - setup_test.go: New tests for extra provider setup - multi_cert_test.go: New tests for multi-certificate functionality - renew.go: Updated to use new provider API with error handling - state.go: Updated to handle NewProvider error return
72 lines
1.6 KiB
Go
72 lines
1.6 KiB
Go
package certapi
|
|
|
|
import (
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/rs/zerolog/log"
|
|
"github.com/yusing/godoxy/internal/autocert"
|
|
"github.com/yusing/godoxy/internal/logging/memlogger"
|
|
apitypes "github.com/yusing/goutils/apitypes"
|
|
"github.com/yusing/goutils/http/websocket"
|
|
)
|
|
|
|
// @x-id "renew"
|
|
// @BasePath /api/v1
|
|
// @Summary Renew cert
|
|
// @Description Renew cert
|
|
// @Tags cert,websocket
|
|
// @Produce plain
|
|
// @Success 200 {object} apitypes.SuccessResponse
|
|
// @Failure 403 {object} apitypes.ErrorResponse
|
|
// @Failure 500 {object} apitypes.ErrorResponse
|
|
// @Router /cert/renew [get]
|
|
func Renew(c *gin.Context) {
|
|
autocert := autocert.ActiveProvider.Load()
|
|
if autocert == nil {
|
|
c.JSON(http.StatusNotFound, apitypes.Error("autocert is not enabled"))
|
|
return
|
|
}
|
|
|
|
manager, err := websocket.NewManagerWithUpgrade(c)
|
|
if err != nil {
|
|
c.Error(apitypes.InternalServerError(err, "failed to create websocket manager"))
|
|
return
|
|
}
|
|
defer manager.Close()
|
|
|
|
logs, cancel := memlogger.Events()
|
|
defer cancel()
|
|
|
|
go func() {
|
|
// Stream logs until WebSocket connection closes (renewal runs in background)
|
|
for {
|
|
select {
|
|
case <-manager.Context().Done():
|
|
return
|
|
case l := <-logs:
|
|
if err != nil {
|
|
return
|
|
}
|
|
|
|
err = manager.WriteData(websocket.TextMessage, l, 10*time.Second)
|
|
if err != nil {
|
|
return
|
|
}
|
|
}
|
|
}
|
|
}()
|
|
|
|
// renewal happens in background
|
|
ok := autocert.ForceExpiryAll()
|
|
if !ok {
|
|
log.Error().Msg("cert renewal already in progress")
|
|
time.Sleep(1 * time.Second) // wait for the log above to be sent
|
|
return
|
|
}
|
|
log.Info().Msg("cert force renewal requested")
|
|
|
|
autocert.WaitRenewalDone(manager.Context())
|
|
}
|