v11.12.3

changelog.md

@@ -1,5 +1,18 @@
 # Changelog
 
+## 2026-03-27 - 11.12.3 - fix(dcrouter)
+re-trigger auto certificate provisioning after SmartAcme becomes ready
+
+- clear certificate provisioning scheduler state before retrying startup-affected routes
+- use route updates to re-run certificate provisioning for all current auto-cert routes
+- remove the unused single-route domain lookup helper
+
+## 2026-03-27 - 11.12.2 - fix(dcrouter)
+guard auto certificate reprovisioning against unnamed routes
+
+- Only re-triggers certificate provisioning for auto-cert routes when a route name is present.
+- Prevents reprovision attempts from running with an undefined route name and reduces warning noise.
+
 ## 2026-03-27 - 11.12.1 - fix(dcrouter)
 retry auto certificate provisioning after SmartAcme becomes ready
 

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@serve.zone/dcrouter",
   "private": false,
-  "version": "11.12.1",
+  "version": "11.12.3",
   "description": "A multifaceted routing service handling mail and SMS delivery functions.",
   "type": "module",
   "exports": {

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '11.12.1',
+  version: '11.12.3',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }

ts/classes.dcrouter.ts

@@ -389,34 +389,21 @@ export class DcRouter {
               this.smartAcmeReady = true;
               logger.log('info', 'SmartAcme DNS-01 provider is now ready');
 
-              // Re-provision any certificates that failed during the startup window
-              // (before SmartAcme was ready — the certProvisionFunction returned 'http01'
-              // which fails because Rust ACME is disabled when certProvisionFunction is set)
+              // Re-trigger certificate provisioning for all auto-cert routes.
+              // During startup, certProvisionFunction returned 'http01' (SmartAcme not ready),
+              // but Rust ACME is disabled when certProvisionFunction is set — so all domains
+              // failed silently (SmartProxy doesn't emit certificate-failed for this path).
+              // Calling updateRoutes() re-triggers provisionCertificatesViaCallback internally,
+              // which calls certProvisionFunction again — now with smartAcmeReady === true.
               if (this.smartProxy) {
-                const failedDomains = [...this.certificateStatusMap.entries()]
-                  .filter(([_, status]) => status.status === 'failed')
-                  .map(([domain]) => domain);
-
-                if (failedDomains.length > 0) {
-                  logger.log('info', `Re-provisioning ${failedDomains.length} certificates that failed before SmartAcme was ready`);
-                  // Clear backoff and status for failed domains — these failures were from the startup race
-                  for (const domain of failedDomains) {
-                    if (this.certProvisionScheduler) {
-                      await this.certProvisionScheduler.clearBackoff(domain);
-                    }
-                    this.certificateStatusMap.delete(domain);
-                  }
-                  // Re-trigger provisioning for all auto-cert routes
-                  const routes = this.smartProxy.routeManager.getRoutes();
-                  for (const route of routes) {
-                    const tls = (route as any).action?.tls;
-                    if (tls && tls.certificate === 'auto') {
-                      this.smartProxy.provisionCertificate(route.name).catch((err: any) => {
-                        logger.log('warn', `Re-provision for route '${route.name}' failed: ${err?.message || err}`);
-                      });
-                    }
-                  }
+                if (this.certProvisionScheduler) {
+                  this.certProvisionScheduler.clear();
                 }
+                const currentRoutes = this.smartProxy.routeManager.getRoutes();
+                logger.log('info', `Re-triggering certificate provisioning for ${currentRoutes.length} routes`);
+                this.smartProxy.updateRoutes(currentRoutes).catch((err: any) => {
+                  logger.log('warn', `Failed to re-trigger cert provisioning: ${err?.message || err}`);
+                });
               }
             }
           })
@@ -1160,23 +1147,6 @@ export class DcRouter {
     return false;
   }
 
-  /**
-   * Find the first route name that matches a given domain
-   */
-  private findRouteNameForDomain(domain: string): string | undefined {
-    if (!this.smartProxy) return undefined;
-    for (const route of this.smartProxy.routeManager.getRoutes()) {
-      if (!route.match.domains || !route.name) continue;
-      const routeDomains = Array.isArray(route.match.domains)
-        ? route.match.domains
-        : [route.match.domains];
-      for (const pattern of routeDomains) {
-        if (this.isDomainMatch(domain, pattern)) return route.name;
-      }
-    }
-    return undefined;
-  }
-
   /**
    * Find ALL route names that match a given domain
    */

ts_web/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@serve.zone/dcrouter',
-  version: '11.12.1',
+  version: '11.12.3',
   description: 'A multifaceted routing service handling mail and SMS delivery functions.'
 }