|
|
|
@ -187,7 +187,7 @@ impl ManagerImpl { |
|
|
|
|
task_stack.push_spawn(|canceller| { |
|
|
|
|
let manager = manager.clone(); |
|
|
|
|
async move { |
|
|
|
|
manager.sync_all_domains(canceller).await; |
|
|
|
|
manager.sync_all_domains_job(canceller).await; |
|
|
|
|
Ok(()) |
|
|
|
|
} |
|
|
|
|
}); |
|
|
|
@ -204,7 +204,7 @@ impl ManagerImpl { |
|
|
|
|
self.origin_store.sync(origin_descr) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
async fn sync_domain_certs(&self, domain: &domain::Name) -> unexpected::Result<()> { |
|
|
|
|
fn sync_domain_gemini_cert(&self, domain: &domain::Name) -> unexpected::Result<()> { |
|
|
|
|
if let Some(ref gemini_store) = self.gemini_store { |
|
|
|
|
log::info!("Syncing gemini certificate for domain {domain}"); |
|
|
|
|
if let Some(_) = gemini_store.get_certificate(domain).or_unexpected()? { |
|
|
|
@ -218,7 +218,10 @@ impl ManagerImpl { |
|
|
|
|
|
|
|
|
|
gemini_store.set_certificate(domain, pkey, cert)?; |
|
|
|
|
} |
|
|
|
|
Ok(()) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
async fn sync_domain_https_cert(&self, domain: &domain::Name) -> unexpected::Result<()> { |
|
|
|
|
if let Some(ref acme_manager) = self.acme_manager { |
|
|
|
|
log::info!("Syncing HTTPS certificate for domain {domain}"); |
|
|
|
|
acme_manager.sync_domain(domain.clone()).await?; |
|
|
|
@ -227,20 +230,23 @@ impl ManagerImpl { |
|
|
|
|
Ok(()) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
async fn sync_all_domains_once(&self) -> unexpected::Result<()> { |
|
|
|
|
async fn sync_all_domains(&self) -> unexpected::Result<()> { |
|
|
|
|
let domains = self |
|
|
|
|
.all_domains() |
|
|
|
|
.or_unexpected_while("fetching all domains")? |
|
|
|
|
.into_iter(); |
|
|
|
|
|
|
|
|
|
for ManagedDomain { domain, .. } in domains { |
|
|
|
|
let settings = match self |
|
|
|
|
let (settings, https_cert, gemini_cert) = match self |
|
|
|
|
.get_settings(&domain) |
|
|
|
|
.map_unexpected_while(|| format!("fetching settings for {domain}"))? |
|
|
|
|
{ |
|
|
|
|
GetSettingsResult::Stored(settings) => Some(settings), |
|
|
|
|
GetSettingsResult::Builtin(config) => Some(config.settings), |
|
|
|
|
GetSettingsResult::Proxied(_) => None, |
|
|
|
|
GetSettingsResult::Stored(settings) => (Some(settings), true, true), |
|
|
|
|
GetSettingsResult::Builtin(config) => (Some(config.settings), true, true), |
|
|
|
|
|
|
|
|
|
// A proxied domain never needs gemini certs, since gemini requests will be
|
|
|
|
|
// transparently proxied to the backing server anyway.
|
|
|
|
|
GetSettingsResult::Proxied(config) => (None, !config.https_disabled, false), |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
if let Some(settings) = settings { |
|
|
|
@ -253,20 +259,27 @@ impl ManagerImpl { |
|
|
|
|
})?; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
self.sync_domain_certs(&domain) |
|
|
|
|
.await |
|
|
|
|
.map_unexpected_while(|| format!("syncing certs for domain {domain}",))?; |
|
|
|
|
if gemini_cert { |
|
|
|
|
self.sync_domain_gemini_cert(&domain) |
|
|
|
|
.map_unexpected_while(|| format!("syncing gemini cert for domain {domain}"))?; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if https_cert { |
|
|
|
|
self.sync_domain_https_cert(&domain) |
|
|
|
|
.await |
|
|
|
|
.map_unexpected_while(|| format!("syncing https cert for domain {domain}",))?; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
Ok(()) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
async fn sync_all_domains(&self, canceller: CancellationToken) { |
|
|
|
|
async fn sync_all_domains_job(&self, canceller: CancellationToken) { |
|
|
|
|
let mut interval = tokio::time::interval(tokio::time::Duration::from_secs(20 * 60)); |
|
|
|
|
loop { |
|
|
|
|
tokio::select! { |
|
|
|
|
_ = canceller.cancelled() => return, |
|
|
|
|
_ = interval.tick() => if let Err(err) = self.sync_all_domains_once().await { |
|
|
|
|
_ = interval.tick() => if let Err(err) = self.sync_all_domains().await { |
|
|
|
|
log::error!("Failed to sync all domains: {err}") |
|
|
|
|
}, |
|
|
|
|
} |
|
|
|
@ -326,10 +339,16 @@ impl Manager for ManagerImpl { |
|
|
|
|
.or_unexpected_while("calculating config hash")?; |
|
|
|
|
|
|
|
|
|
self.domain_checker.check_domain(&domain, &hash).await?; |
|
|
|
|
|
|
|
|
|
self.sync_domain_origin(&domain, &settings.origin_descr)?; |
|
|
|
|
self.sync_domain_certs(&domain) |
|
|
|
|
|
|
|
|
|
self.sync_domain_gemini_cert(&domain) |
|
|
|
|
.or_unexpected_while("syncing domain gemini cert")?; |
|
|
|
|
|
|
|
|
|
self.sync_domain_https_cert(&domain) |
|
|
|
|
.await |
|
|
|
|
.or_unexpected_while("syncing domain certs")?; |
|
|
|
|
.or_unexpected_while("syncing domain https cert")?; |
|
|
|
|
|
|
|
|
|
self.domain_store.set(&domain, &settings)?; |
|
|
|
|
|
|
|
|
|
Ok(()) |
|
|
|
|
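Review bot: In the `for ManagedDomain { domain, .. } in domains` loop of `sync_all_domains`, both new calls (`sync_domain_gemini_cert` and `sync_domain_https_cert`) end in `?`, so the first domain whose certificate sync fails ends the whole pass and every domain later in the iteration is skipped until the next 20-minute tick. If that domain keeps failing, for example because ACME validation cannot currently succeed for it, the domains behind it may never be reached and their certificates could lapse. This looks like a renewal-availability risk if any managed domain can be configured by someone other than the operator, though that is not visible here. Consider handling the error per domain and continuing, e.g. `if let Err(err) = self.sync_domain_https_cert(&domain).await { log::error!("Failed to sync https cert for domain {domain}: {err}"); }`, and the same for the gemini call. The loop body spans two hunks with lines elided between them, so the settings/origin step in the gap may need the same treatment.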