adjusted default checkInterval to every two days, dont trigger reload via SIGHUP when using dns provider

2025-10-16 12:35:34 +00:00 · 2020-02-14 12:48:30 +01:00 · 2020-02-14 12:48:30 +01:00 · c7296f5b4d
commit c7296f5b4d
parent e438243530
4 changed files with 20 additions and 13 deletions
--- a/TODO.md
+++ b/TODO.md
@ -1,3 +1,4 @@
 # TODO

 - add unit tests
+- add example for configuring DNS challenge
--- a/config.go
+++ b/config.go
@ -29,8 +29,8 @@ var (
 var Default = &Config{
 	// 30 Days before expiration
 	RenewBefore: 30 * 24,
-	// Once a week
-	CheckInterval: 7 * 24 * time.Hour,
+	// every two days
+	CheckInterval: 2 * 24 * time.Hour,
 	SSLEmail:      "",
 	DirectoryURL:  "https://acme-v02.api.letsencrypt.org/directory",
 	HTTPAddress:   ":80",
--- a/renew.go
+++ b/renew.go
@ -19,7 +19,7 @@ import (
 	"github.com/go-acme/lego/v3/certificate"
 )

-func renew(cert *certificate.Resource) error {
+func renew(cert *certificate.Resource, cfg *Config) error {

 	// Input certificate is PEM encoded. Decode it here as we may need the decoded
 	// cert later on in the renewal process. The input may be a bundle or a single certificate.
@ -88,12 +88,18 @@ func renew(cert *certificate.Resource) error {
 			return fmt.Errorf("simplecert: failed to write new cert to disk: %s", err)
 		}

-		log.Println("[INFO] simplecert: wrote new cert to disk! triggering reload via SIGHUP")
+		log.Println("[INFO] simplecert: wrote new cert to disk!")

-		// trigger reload by sending our process a SIGHUP
-		err = syscall.Kill(os.Getpid(), syscall.SIGHUP)
-		if err != nil {
-			return fmt.Errorf("simplecert: failed to trigger reload of renewed certificate: %s", err)
+		// if not using a DNS provider: trigger reload via SIGHUP
+		if cfg.DNSProvider == "" {
+
+			log.Println("[INFO] triggering reload via SIGHUP")
+
+			// trigger reload by sending our process a SIGHUP
+			err = syscall.Kill(os.Getpid(), syscall.SIGHUP)
+			if err != nil {
+				return fmt.Errorf("simplecert: failed to trigger reload of renewed certificate: %s", err)
+			}
 		}
 	}

@ -103,7 +109,7 @@ func renew(cert *certificate.Resource) error {
 // take care of checking the cert in the configured interval
 // and renew if timeLeft is less than or equal to renewBefore
 // when initially started, the certificate is checked against the thresholds and renewed if neccessary
-func renewalRoutine(cr *certificate.Resource) {
+func renewalRoutine(cr *certificate.Resource, cfg *Config) {

 	for {
 		// sleep for duration of checkInterval
@ -115,7 +121,7 @@ func renewalRoutine(cr *certificate.Resource) {
 		}

 		// renew the certificate
-		err := renew(cr)
+		err := renew(cr, cfg)
 		if err != nil { // something went wrong.

 			// call handler if set
--- a/simplecert.go
+++ b/simplecert.go
@ -132,13 +132,13 @@ func Init(cfg *Config, cleanup func()) (*CertReloader, error) {
 		cert := getACMECertResource(cr)

 		// renew cert if necessary
-		errRenew := renew(cert)
+		errRenew := renew(cert, cfg)
 		if errRenew != nil {
 			log.Fatal("[FATAL] failed to renew cached cert on startup: ", errRenew)
 		}

 		// kickoff renewal routine
-		go renewalRoutine(cert)
+		go renewalRoutine(cert, cfg)

 		return NewCertReloader(certFilePath, keyFilePath, logFile, cleanup)
 	}
@ -185,7 +185,7 @@ obtainNewCert:
 	log.Println("[INFO] simplecert: wrote new cert to disk!")

 	// kickoff renewal routine
-	go renewalRoutine(cert)
+	go renewalRoutine(cert, cfg)

 	return NewCertReloader(certFilePath, keyFilePath, logFile, cleanup)
 }