aboutsummaryrefslogtreecommitdiff
path: root/src/acme.rs
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2021-12-06 23:40:41 +0100
committerAlex Auvolat <alex@adnab.me>2021-12-06 23:40:41 +0100
commit61e6df6209b3c55e4c07c6baf2fabfba23a474f1 (patch)
treec74b70ab503ea3fab0342a5192eb5c969bd6692e /src/acme.rs
parent2895a8ae2e99f11290800c14f038feda90e1787a (diff)
downloadtricot-61e6df6209b3c55e4c07c6baf2fabfba23a474f1.tar.gz
tricot-61e6df6209b3c55e4c07c6baf2fabfba23a474f1.zip
not much
Diffstat (limited to 'src/acme.rs')
-rw-r--r--src/acme.rs41
1 files changed, 41 insertions, 0 deletions
diff --git a/src/acme.rs b/src/acme.rs
new file mode 100644
index 0000000..c6dbc5b
--- /dev/null
+++ b/src/acme.rs
@@ -0,0 +1,41 @@
+use std::collections::HashSet;
+
+use log::*;
+use anyhow::Result;
+use tokio::{sync::watch, time::sleep};
+
+use acme_micro::{Error, Certificate, Directory, DirectoryUrl};
+use acme_micro::create_p384_key;
+
+use crate::consul::Consul;
+use crate::proxy_config::ProxyConfig;
+
+pub async fn acme_task(mut consul: Consul, mut rx_proxy_config: watch::Receiver<ProxyConfig>) {
+ while rx_proxy_config.changed().await.is_ok() {
+ let mut domains: HashSet<String> = HashSet::new();
+
+ for ent in rx_proxy_config.borrow().entries.iter() {
+ domains.insert(ent.host.clone());
+ }
+ info!("Ensuring we have certs for domains: {:#?}", domains);
+
+ let results = futures::future::join_all(
+ domains.iter()
+ .map(|dom| renew_cert(dom, &consul))
+ ).await;
+
+ for (res, dom) in results.iter().zip(domains.iter()) {
+ if let Err(e) = res {
+ error!("{}: {}", dom, e);
+ }
+ }
+ }
+}
+
+async fn renew_cert(dom: &str, consul: &Consul) -> Result<()> {
+ let dir = Directory::from_url(DirectoryUrl::LetsEncrypt)?;
+ let contact = vec!["mailto:alex@adnab.me".to_string()];
+ let acc = dir.register_account(contact.clone())?;
+ // TODO
+ unimplemented!()
+}