Unmanage certificates when no longer needed
parent
b2d456d17e
commit
f8542ebcee
17
server.go
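--- a/server.go
+++ b/server.go
@@ -119,7 +119,6 @@ func (srv *Server) Start() error {
 
 func (srv *Server) Stop() {
 srv.cancelACME()
-// TODO: clean cached unmanaged certs
 for _, ln := range srv.Listeners {
 ln.Stop()
 }
@@ -154,7 +153,6 @@ func (srv *Server) Replace(old *Server) error {
 }
 return fmt.Errorf("failed to start ACME: %v", err)
 }
-// TODO: clean cached unmanaged certs
 
 // Take over existing listeners and terminate old ones
 for addr, oldLn := range old.Listeners {
@@ -165,6 +163,21 @@ func (srv *Server) Replace(old *Server) error {
 }
 }
 
+// Cleanup managed certs which are no longer used
+managed := make(map[string]struct{}, len(old.ManagedNames))
+for _, name := range srv.ManagedNames {
+managed[name] = struct{}{}
+}
+unmanage := make([]string, 0, len(old.ManagedNames))
+for _, name := range old.ManagedNames {
+if _, ok := managed[name]; !ok {
+unmanage = append(unmanage, name)
+}
+}
+srv.ACMEConfig.Unmanage(unmanage)
+
+// TODO: evict unused unmanaged certs from the cache
+
 return nil
 }
 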
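Review bot: The new cleanup in Replace calls `srv.ACMEConfig.Unmanage(unmanage)` on the new server's config, although the names being dropped were registered by `old`; this only releases them if both servers share one certificate cache, which the hunk does not show. If `old` carries its own config, its certificates and private keys would presumably stay cached and under management after the swap, so either route the call through the config that owns them or state the shared-cache assumption in a comment above the call. Separately, the `managed` set is filled from `srv.ManagedNames` but sized from the old list; `managed := make(map[string]struct{}, len(srv.ManagedNames))` matches what is stored. The first hunk also drops the TODO in Stop without adding any cleanup there, so a stopped server appears to leave its certificates loaded, which is worth confirming as intended. Replace's body begins outside these hunks.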