Mirror
/
acmed
mirror of https://github.com/breard-r/acmed.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Renew certificates in parallel

pull/5/head
Rodolphe Breard 6 years ago
parent
08c9410028
commit
1cffa14c20
4 changed files with 46 additions and 31 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      CHANGELOG.md
  2. 2
      acmed/src/certificate.rs
  3. 2
      acmed/src/main.rs
  4. 72
      acmed/src/main_event_loop.rs

1
CHANGELOG.md
View File

@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- In hooks, the `stdin_str` has been added in replacement of the previous `stdin` behavior.
### Changed
- Certificates are renewed in parallel.
- Hooks are now cleaned right after the current challenge has been validated instead of after the certificate's retrieval.
- In hooks, the `stdin` field now refers to the path of the file that should be written into the hook's standard input.
- The logging format has been re-written.

2
acmed/src/certificate.rs
View File

@ -41,7 +41,7 @@ impl fmt::Display for Algorithm {
}
}
#[derive(Debug)]
#[derive(Clone, Debug)]
pub struct Certificate {
pub account: Account,
pub domains: Vec<Domain>,

2
acmed/src/main.rs
View File

@ -119,7 +119,7 @@ fn main() {
);
let config_file = matches.value_of("config").unwrap_or(DEFAULT_CONFIG_FILE);
let mut srv = match MainEventLoop::new(&config_file, &root_certs) {
let srv = match MainEventLoop::new(&config_file, &root_certs) {
Ok(s) => s,
Err(e) => {
error!("{}", e);

72
acmed/src/main_event_loop.rs
View File

@ -5,6 +5,24 @@ use acme_common::error::Error;
use std::thread;
use std::time::Duration;
fn renew_certificate(crt: &Certificate, root_certs: &[String]) {
let (status, is_success) = match request_certificate(crt, root_certs) {
Ok(_) => ("Success.".to_string(), true),
Err(e) => {
let e = e.prefix("Unable to renew the certificate");
crt.warn(&e.message);
(e.message, false)
}
};
match crt.call_post_operation_hooks(&status, is_success) {
Ok(_) => {}
Err(e) => {
let e = e.prefix("Post-operation hook error");
crt.warn(&e.message);
}
};
}
pub struct MainEventLoop {
certs: Vec<Certificate>,
root_certs: Vec<String>,
@ -46,37 +64,33 @@ impl MainEventLoop {
})
}
pub fn run(&mut self) {
pub fn run(&self) {
loop {
for crt in self.certs.iter_mut() {
match crt.should_renew() {
Ok(sr) => {
if sr {
let (status, is_success) =
match request_certificate(crt, &self.root_certs) {
Ok(_) => ("Success.".to_string(), true),
Err(e) => {
let e = e.prefix("Unable to renew the certificate");
crt.warn(&e.message);
(e.message, false)
}
};
match crt.call_post_operation_hooks(&status, is_success) {
Ok(_) => {}
Err(e) => {
let e = e.prefix("Post-operation hook error");
crt.warn(&e.message);
}
};
}
}
Err(e) => {
crt.warn(&e.message);
}
};
}
self.renew_certificates();
thread::sleep(Duration::from_secs(crate::DEFAULT_SLEEP_TIME));
}
}
fn renew_certificates(&self) {
let mut handles = vec![];
for crt in self.certs.iter() {
match crt.should_renew() {
Ok(true) => {
let root_certs = self.root_certs.clone();
let cert = (*crt).clone();
let handler = thread::spawn(move || {
renew_certificate(&cert, &root_certs);
});
handles.push(handler);
}
Ok(false) => {}
Err(e) => {
crt.warn(&e.message);
}
};
}
for handler in handles {
let _ = handler.join();
}
}
}
Write Preview
Loading…
Cancel
Save