feat(certificates): include certificate source/issuer and Rust-side status checks; pass eventComms into certProvisionFunction and record expiry information
This commit is contained in:
@@ -189,6 +189,7 @@ export class DcRouter {
|
||||
domain: string;
|
||||
expiryDate?: string;
|
||||
issuedAt?: string;
|
||||
source?: string;
|
||||
error?: string;
|
||||
}>();
|
||||
|
||||
@@ -450,9 +451,14 @@ export class DcRouter {
|
||||
});
|
||||
await this.smartAcme.start();
|
||||
|
||||
smartProxyConfig.certProvisionFunction = async (domain: string) => {
|
||||
smartProxyConfig.certProvisionFunction = async (domain, eventComms) => {
|
||||
try {
|
||||
eventComms.log(`Attempting DNS-01 via SmartAcme for ${domain}`);
|
||||
eventComms.setSource('smartacme-dns-01');
|
||||
const cert = await this.smartAcme.getCertificateForDomain(domain);
|
||||
if (cert.validUntil) {
|
||||
eventComms.setExpiryDate(new Date(cert.validUntil));
|
||||
}
|
||||
return {
|
||||
id: cert.id,
|
||||
domainName: cert.domainName,
|
||||
@@ -463,7 +469,7 @@ export class DcRouter {
|
||||
csr: cert.csr,
|
||||
};
|
||||
} catch (err) {
|
||||
console.error(`[DcRouter] SmartAcme DNS-01 failed for ${domain}, falling back to http-01:`, err.message);
|
||||
eventComms.warn(`SmartAcme DNS-01 failed for ${domain}: ${err.message}, falling back to http-01`);
|
||||
return 'http01';
|
||||
}
|
||||
};
|
||||
@@ -486,34 +492,37 @@ export class DcRouter {
|
||||
});
|
||||
|
||||
if (acmeConfig) {
|
||||
this.smartProxy.on('certificate-issued', (event) => {
|
||||
console.log(`[DcRouter] Certificate issued for ${event.domain}, expires ${event.expiryDate}`);
|
||||
this.smartProxy.on('certificate-issued', (event: plugins.smartproxy.ICertificateIssuedEvent) => {
|
||||
console.log(`[DcRouter] Certificate issued for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
|
||||
const routeName = this.findRouteNameForDomain(event.domain);
|
||||
if (routeName) {
|
||||
this.certificateStatusMap.set(routeName, {
|
||||
status: 'valid', domain: event.domain,
|
||||
expiryDate: event.expiryDate, issuedAt: new Date().toISOString(),
|
||||
source: event.source,
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
this.smartProxy.on('certificate-renewed', (event) => {
|
||||
console.log(`[DcRouter] Certificate renewed for ${event.domain}, expires ${event.expiryDate}`);
|
||||
this.smartProxy.on('certificate-renewed', (event: plugins.smartproxy.ICertificateIssuedEvent) => {
|
||||
console.log(`[DcRouter] Certificate renewed for ${event.domain} via ${event.source}, expires ${event.expiryDate}`);
|
||||
const routeName = this.findRouteNameForDomain(event.domain);
|
||||
if (routeName) {
|
||||
this.certificateStatusMap.set(routeName, {
|
||||
status: 'valid', domain: event.domain,
|
||||
expiryDate: event.expiryDate, issuedAt: new Date().toISOString(),
|
||||
source: event.source,
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
this.smartProxy.on('certificate-failed', (event) => {
|
||||
console.error(`[DcRouter] Certificate failed for ${event.domain}:`, event.error);
|
||||
this.smartProxy.on('certificate-failed', (event: plugins.smartproxy.ICertificateFailedEvent) => {
|
||||
console.error(`[DcRouter] Certificate failed for ${event.domain} (${event.source}):`, event.error);
|
||||
const routeName = this.findRouteNameForDomain(event.domain);
|
||||
if (routeName) {
|
||||
this.certificateStatusMap.set(routeName, {
|
||||
status: 'failed', domain: event.domain, error: event.error,
|
||||
source: event.source,
|
||||
});
|
||||
}
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user