27 lines
1.8 KiB
Markdown
27 lines
1.8 KiB
Markdown
## Plan: Centralize Certificate Renewal for all certificates
|
|
|
|
- [ ] Remove renewal logic from Port80Handler
|
|
- Delete `startRenewalTimer()` and `checkForRenewals()` methods
|
|
- Remove `renewThresholdDays` and `renewCheckIntervalHours` options from `IPort80HandlerOptions`
|
|
- [ ] Expose certificate status from Port80Handler
|
|
- Ensure `getDomainCertificateStatus()` returns `{certObtained, expiryDate}` for each domain
|
|
- [ ] Add renewal settings to SmartProxy
|
|
- Extend `port80HandlerConfig` to include `renewThresholdDays` and `renewCheckIntervalHours`
|
|
- [ ] Implement renewal scheduler in SmartProxy using taskbuffer
|
|
- Add dependency on `@push.rocks/taskbuffer` and import `{ Task, TaskManager }` in `SmartProxy`
|
|
- Add `performRenewals()` to iterate domains and trigger renewals where `daysRemaining <= renewThresholdDays`
|
|
- Instantiate a `TaskManager` and define a `Task` that wraps `performRenewals()`
|
|
- Use `taskManager.addAndScheduleTask(task, cronExpr)` to schedule renewals, building `cronExpr` from `renewCheckIntervalHours` (e.g. `0 0 */${renewCheckIntervalHours} * * *`)
|
|
- Call `taskManager.start()` in `SmartProxy.start()`
|
|
- [ ] Clean shutdown handling
|
|
- Call `taskManager.stop()` in `SmartProxy.stop()` alongside other cleanup
|
|
- [ ] Throttling and safety
|
|
- Skip domains already in `obtainingInProgress`
|
|
- Optionally batch or stagger renewal calls for large domain sets
|
|
- [ ] Tests
|
|
- Unit test `performRenewals()`, mocking `getDomainCertificateStatus()` to simulate expiring certificates
|
|
- Integration test using an in-memory `Port80Handler` to verify that scheduled renewals invoke `obtainCertificate()` correctly
|
|
- [ ] Documentation
|
|
- Update `readme.plan.md` (this section)
|
|
- Update `README.md` and code comments to document new renewal settings and workflow
|