This repository has been archived by the owner on Oct 27, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 21
/
Copy pathacme-client-pool.go
90 lines (79 loc) · 2.15 KB
/
acme-client-pool.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package main
import (
"context"
"crypto"
"crypto/tls"
"net/http"
"sync/atomic"
"time"
"github.com/Sirupsen/logrus"
"github.com/hlandau/acme/acmeapi"
)
const (
ACMECLIENT_ACCEPT_RULES_INTERVAL = time.Hour * 24 // Accept rules once per day
)
type acmeClientPool struct {
privateKey crypto.PrivateKey
serverAddress string
ch chan bool
rulesAcceptNextTime atomic.Value
}
func NewAcmeClientPool(maxCount int, key crypto.PrivateKey, serverAddress string) *acmeClientPool {
res := &acmeClientPool{
privateKey: key,
serverAddress: serverAddress,
}
res.ch = make(chan bool, maxCount)
for i := 0; i < maxCount; i++ {
res.ch <- false
}
return res
}
func (pool *acmeClientPool) Get(ctx context.Context) (*acmeapi.Client, error) {
logrus.Debugf("Get acme client from pool. It has free %v of %v", len(pool.ch), cap(pool.ch))
<-pool.ch
logrus.Debug("Lock client in pool")
client := &acmeapi.Client{
AccountKey: pool.privateKey,
DirectoryURL: pool.serverAddress,
}
if *acmeSslCheckDisable {
client.HTTPClient = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{
//nolint:gas
InsecureSkipVerify: true,
},
},
}
}
rulesAcceptNextTime, _ := pool.rulesAcceptNextTime.Load().(time.Time)
if rulesAcceptNextTime.Before(time.Now()) {
reg := &acmeapi.Registration{}
logrus.Debugf("Expire accept rules timeout. Start agree with current rules")
for {
// repeat until success or context timeout
reg.AgreementURI = reg.LatestAgreementURI
logrus.Debug("Try agree with terms:", reg.LatestAgreementURI)
err := client.UpsertRegistration(reg, ctx)
if err != nil {
logrus.Debugf("Can't agree with terms: %v", err)
}
if reg.AgreementURI != "" && err == nil {
nextTime := time.Now().Add(ACMECLIENT_ACCEPT_RULES_INTERVAL)
pool.rulesAcceptNextTime.Store(nextTime)
logrus.Infof("Agreed with terms: %v. Next agree: %v", reg.LatestAgreementURI, nextTime)
break
}
if ctx.Err() != nil {
pool.ch <- false
return nil, err
}
}
}
return client, nil
}
func (pool *acmeClientPool) Put(*acmeapi.Client) {
logrus.Debug("Put acme client in pool")
pool.ch <- false
}