feat(acme): Integrate SmartAcme DNS-01 handling and add certificate provisioning for SmartProxy

2026-02-13 12:12:01 +00:00
parent 85b6c4fa51
commit ca112c3e42
6 changed files with 57 additions and 19 deletions
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@serve.zone/dcrouter',
-  version: '5.0.7',
+  version: '5.1.0',
  description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }
--- a/ts/classes.dcrouter.ts
+++ b/ts/classes.dcrouter.ts
@@ -171,6 +171,7 @@ export class DcRouter {

  // Core services
  public smartProxy?: plugins.smartproxy.SmartProxy;
+  public smartAcme?: plugins.smartacme.SmartAcme;
  public dnsServer?: plugins.smartdns.dnsServerMod.DnsServer;
  public emailServer?: UnifiedEmailServer;
  public radiusServer?: RadiusServer;
@@ -429,12 +430,34 @@ export class DcRouter {
        acme: acmeConfig
      };
      
-      // If we have DNS challenge handlers, enhance the config
+      // If we have DNS challenge handlers, create SmartAcme and wire to certProvisionFunction
      if (challengeHandlers.length > 0) {
-        // We'll need to pass this to SmartProxy somehow
-        // For now, we'll set it as a property
-        (smartProxyConfig as any).acmeChallengeHandlers = challengeHandlers;
-        (smartProxyConfig as any).acmeChallengePriority = ['dns-01', 'http-01'];
+        this.smartAcme = new plugins.smartacme.SmartAcme({
+          accountEmail: acmeConfig?.accountEmail || this.options.tls?.contactEmail || 'admin@example.com',
+          certManager: new plugins.smartacme.certmanagers.MemoryCertManager(),
+          environment: 'production',
+          challengeHandlers: challengeHandlers,
+          challengePriority: ['dns-01'],
+        });
+        await this.smartAcme.start();
+
+        smartProxyConfig.certProvisionFunction = async (domain: string) => {
+          try {
+            const cert = await this.smartAcme.getCertificateForDomain(domain);
+            return {
+              id: cert.id,
+              domainName: cert.domainName,
+              created: cert.created,
+              validUntil: cert.validUntil,
+              privateKey: cert.privateKey,
+              publicKey: cert.publicKey,
+              csr: cert.csr,
+            };
+          } catch (err) {
+            console.error(`[DcRouter] SmartAcme DNS-01 failed for ${domain}, falling back to http-01:`, err.message);
+            return 'http01';
+          }
+        };
      }
      
      // Create SmartProxy instance
@@ -652,6 +675,9 @@ export class DcRouter {
        // Stop unified email server if running
        this.emailServer ? this.emailServer.stop().catch(err => console.error('Error stopping email server:', err)) : Promise.resolve(),

+        // Stop SmartAcme if running
+        this.smartAcme ? this.smartAcme.stop().catch(err => console.error('Error stopping SmartAcme:', err)) : Promise.resolve(),
+
        // Stop HTTP SmartProxy if running
        this.smartProxy ? this.smartProxy.stop().catch(err => console.error('Error stopping SmartProxy:', err)) : Promise.resolve(),