forked from Deuxfleurs/tricot
Better locking
This commit is contained in:
parent
9119c2f45c
commit
e8b789f5e0
1 changed files with 9 additions and 4 deletions
|
@ -87,6 +87,9 @@ impl CertStore {
|
|||
info!("Renewing certificate for {}", domain);
|
||||
|
||||
// ---- Acquire lock ----
|
||||
// the lock is acquired for fifteen minutes,
|
||||
// so that in case of an error we won't retry before
|
||||
// that delay expires
|
||||
|
||||
let lock_path = format!("renew_lock/{}", domain);
|
||||
let lock_name = format!("tricot/renew:{}@{}", domain, self.consul.local_node.clone());
|
||||
|
@ -94,12 +97,14 @@ impl CertStore {
|
|||
.consul
|
||||
.create_session(&ConsulSessionRequest {
|
||||
name: lock_name.clone(),
|
||||
node: Some(self.consul.local_node.clone()),
|
||||
lock_delay: Some("30s".into()),
|
||||
ttl: Some("1m".into()),
|
||||
node: None,
|
||||
lock_delay: Some("15m".into()),
|
||||
ttl: Some("30m".into()),
|
||||
behavior: Some("delete".into()),
|
||||
})
|
||||
.await?;
|
||||
debug!("Lock session: {}", session);
|
||||
|
||||
if !self
|
||||
.consul
|
||||
.acquire(&lock_path, lock_name.clone().into(), &session)
|
||||
|
@ -141,7 +146,7 @@ impl CertStore {
|
|||
let chall = auths[0].http_challenge().unwrap();
|
||||
let chall_key = format!("challenge/{}", chall.http_token());
|
||||
self.consul
|
||||
.kv_put(&chall_key, chall.http_proof()?.into())
|
||||
.acquire(&chall_key, chall.http_proof()?.into(), &session)
|
||||
.await?;
|
||||
|
||||
info!("Validating challenge");
|
||||
|
|
Loading…
Reference in a new issue