import * as plugins from '../plugins.js'; import * as authInterfaces from '../data/auth.js'; export type TCertificateStatus = 'valid' | 'expiring' | 'expired' | 'provisioning' | 'failed' | 'unknown'; export type TCertificateSource = 'acme' | 'provision-function' | 'static' | 'none'; export interface ICertificateInfo { domain: string; routeNames: string[]; status: TCertificateStatus; source: TCertificateSource; tlsMode: 'terminate' | 'terminate-and-reencrypt' | 'passthrough'; expiryDate?: string; // ISO string issuer?: string; issuedAt?: string; // ISO string error?: string; // if status === 'failed' canReprovision: boolean; // true for acme/provision-function routes backoffInfo?: { failures: number; retryAfter?: string; // ISO string lastError?: string; }; } export interface IReq_GetCertificateOverview extends plugins.typedrequestInterfaces.implementsTR< plugins.typedrequestInterfaces.ITypedRequest, IReq_GetCertificateOverview > { method: 'getCertificateOverview'; request: { identity?: authInterfaces.IIdentity; }; response: { certificates: ICertificateInfo[]; summary: { total: number; valid: number; expiring: number; expired: number; failed: number; unknown: number; }; }; } // Legacy route-based reprovision (kept for backward compat) export interface IReq_ReprovisionCertificate extends plugins.typedrequestInterfaces.implementsTR< plugins.typedrequestInterfaces.ITypedRequest, IReq_ReprovisionCertificate > { method: 'reprovisionCertificate'; request: { identity?: authInterfaces.IIdentity; routeName: string; }; response: { success: boolean; message?: string; }; } // Domain-based reprovision (preferred) export interface IReq_ReprovisionCertificateDomain extends plugins.typedrequestInterfaces.implementsTR< plugins.typedrequestInterfaces.ITypedRequest, IReq_ReprovisionCertificateDomain > { method: 'reprovisionCertificateDomain'; request: { identity?: authInterfaces.IIdentity; domain: string; }; response: { success: boolean; message?: string; }; }