push.rocks/smartproxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(certificate-manager, smart-proxy): Fix race condition in ACME certificate provisioning and refactor certificate manager initialization to defer provisioning until after port listeners are active

Browse Source
This commit is contained in:
Philipp Kunz
2025-05-19 22:07:08 +00:00
parent 84c5d0a69e
commit 91018173b0
12 changed files with 623 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ts/proxies/smart-proxy/certificate-manager.ts
View File

@ -132,8 +132,9 @@ export class SmartCertManager {
}
}
// Provision certificates for all routes
await this.provisionAllCertificates();
// Skip automatic certificate provisioning during initialization
// This will be called later after ports are listening
console.log('Certificate manager initialized. Deferring certificate provisioning until after ports are listening.');
// Start renewal timer
this.startRenewalTimer();
@ -142,7 +143,7 @@ export class SmartCertManager {
/**
* Provision certificates for all routes that need them
*/
private async provisionAllCertificates(): Promise<void> {
public async provisionAllCertificates(): Promise<void> {
const certRoutes = this.routes.filter(r =>
r.action.tls?.mode === 'terminate' ||
r.action.tls?.mode === 'terminate-and-reencrypt'