forked from Deuxfleurs/tricot
Better locking
This commit is contained in:
parent
9119c2f45c
commit
e8b789f5e0
1 changed files with 9 additions and 4 deletions
|
@ -87,6 +87,9 @@ impl CertStore {
|
||||||
info!("Renewing certificate for {}", domain);
|
info!("Renewing certificate for {}", domain);
|
||||||
|
|
||||||
// ---- Acquire lock ----
|
// ---- Acquire lock ----
|
||||||
|
// the lock is acquired for fifteen minutes,
|
||||||
|
// so that in case of an error we won't retry before
|
||||||
|
// that delay expires
|
||||||
|
|
||||||
let lock_path = format!("renew_lock/{}", domain);
|
let lock_path = format!("renew_lock/{}", domain);
|
||||||
let lock_name = format!("tricot/renew:{}@{}", domain, self.consul.local_node.clone());
|
let lock_name = format!("tricot/renew:{}@{}", domain, self.consul.local_node.clone());
|
||||||
|
@ -94,12 +97,14 @@ impl CertStore {
|
||||||
.consul
|
.consul
|
||||||
.create_session(&ConsulSessionRequest {
|
.create_session(&ConsulSessionRequest {
|
||||||
name: lock_name.clone(),
|
name: lock_name.clone(),
|
||||||
node: Some(self.consul.local_node.clone()),
|
node: None,
|
||||||
lock_delay: Some("30s".into()),
|
lock_delay: Some("15m".into()),
|
||||||
ttl: Some("1m".into()),
|
ttl: Some("30m".into()),
|
||||||
behavior: Some("delete".into()),
|
behavior: Some("delete".into()),
|
||||||
})
|
})
|
||||||
.await?;
|
.await?;
|
||||||
|
debug!("Lock session: {}", session);
|
||||||
|
|
||||||
if !self
|
if !self
|
||||||
.consul
|
.consul
|
||||||
.acquire(&lock_path, lock_name.clone().into(), &session)
|
.acquire(&lock_path, lock_name.clone().into(), &session)
|
||||||
|
@ -141,7 +146,7 @@ impl CertStore {
|
||||||
let chall = auths[0].http_challenge().unwrap();
|
let chall = auths[0].http_challenge().unwrap();
|
||||||
let chall_key = format!("challenge/{}", chall.http_token());
|
let chall_key = format!("challenge/{}", chall.http_token());
|
||||||
self.consul
|
self.consul
|
||||||
.kv_put(&chall_key, chall.http_proof()?.into())
|
.acquire(&chall_key, chall.http_proof()?.into(), &session)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
info!("Validating challenge");
|
info!("Validating challenge");
|
||||||
|
|
Loading…
Reference in a new issue