Fix acme renew panic
Signed-off-by: Emile Vauge <emile@vauge.com>
This commit is contained in:
parent
733cbb5304
commit
af41c79798
1 changed files with 17 additions and 2 deletions
19
acme/acme.go
19
acme/acme.go
|
@ -142,6 +142,22 @@ type DomainsCertificate struct {
|
||||||
tlsCert *tls.Certificate
|
tlsCert *tls.Certificate
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (dc *DomainsCertificate) needRenew() bool {
|
||||||
|
for _, c := range dc.tlsCert.Certificate {
|
||||||
|
crt, err := x509.ParseCertificate(c)
|
||||||
|
if err != nil {
|
||||||
|
// If there's an error, we assume the cert is broken, and needs update
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
// <= 7 days left, renew certificate
|
||||||
|
if crt.NotAfter.Before(time.Now().Add(time.Duration(24 * 7 * time.Hour))) {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
// ACME allows to connect to lets encrypt and retrieve certs
|
// ACME allows to connect to lets encrypt and retrieve certs
|
||||||
type ACME struct {
|
type ACME struct {
|
||||||
Email string
|
Email string
|
||||||
|
@ -289,8 +305,7 @@ func (a *ACME) retrieveCertificates(client *acme.Client, account *Account) {
|
||||||
|
|
||||||
func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
|
func (a *ACME) renewCertificates(client *acme.Client, account *Account) error {
|
||||||
for _, certificateResource := range account.DomainsCertificate.Certs {
|
for _, certificateResource := range account.DomainsCertificate.Certs {
|
||||||
// <= 7 days left, renew certificate
|
if certificateResource.needRenew() {
|
||||||
if certificateResource.tlsCert.Leaf.NotAfter.Before(time.Now().Add(time.Duration(24 * 7 * time.Hour))) {
|
|
||||||
log.Debugf("Renewing certificate %+v", certificateResource.Domains)
|
log.Debugf("Renewing certificate %+v", certificateResource.Domains)
|
||||||
renewedCert, err := client.RenewCertificate(acme.CertificateResource{
|
renewedCert, err := client.RenewCertificate(acme.CertificateResource{
|
||||||
Domain: certificateResource.Certificate.Domain,
|
Domain: certificateResource.Certificate.Domain,
|
||||||
|
|
Loading…
Reference in a new issue