Add signalling on update

README.adoc

@@ -38,6 +38,13 @@ values are:
 +
 The default value is `P384`.
 
+`DOTEGE_SIGNAL_CONTAINER`::
+The name of a container that should be sent a signal when the template or certificates
+are changed. No signal is sent if not specified.
+
+`DOTEGE_SIGNAL_TYPE`::
+The type of signal to send to the `DOTEGE_SIGNAL_CONTAINER`. Defaults to `HUP`.
+
 `DOTEGE_TEMPLATE_DESTINATION`::
 Location to write the templated configuration file to. Defaults to `/data/output/haproxy.cfg`.
 

dotege.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"fmt"
 	"github.com/csmith/dotege/model"
 	"github.com/docker/docker/client"
@@ -27,6 +28,10 @@ const (
 	envAcmeKeyTypeDefault         = "P384"
 	envAcmeCacheLocationKey       = "DOTEGE_ACME_CACHE_FILE"
 	envAcmeCacheLocationDefault   = "/data/config/certs.json"
+	envSignalContainerKey         = "DOTEGE_SIGNAL_CONTAINER"
+	envSignalContainerDefault     = ""
+	envSignalTypeKey              = "DOTEGE_SIGNAL_TYPE"
+	envSignalTypeDefault          = "HUP"
 	envTemplateDestinationKey     = "DOTEGE_TEMPLATE_DESTINATION"
 	envTemplateDestinationDefault = "/data/output/haproxy.cfg"
 	envTemplateSourceKey          = "DOTEGE_TEMPLATE_SOURCE"
@@ -37,6 +42,8 @@ var (
 	logger             *zap.SugaredLogger
 	certificateManager *CertificateManager
 	config             *model.Config
+	dockerClient       *client.Client
+	containers         = make(map[string]*model.Container)
 )
 
 func requiredVar(key string) (value string) {
@@ -81,6 +88,20 @@ func createLogger() *zap.SugaredLogger {
 	return logger.Sugar()
 }
 
+func createSignalConfig() []model.ContainerSignal {
+	name := optionalVar(envSignalContainerKey, envSignalContainerDefault)
+	if name == envSignalContainerDefault {
+		return []model.ContainerSignal{}
+	} else {
+		return []model.ContainerSignal{
+			{
+				Name:   name,
+				Signal: optionalVar(envSignalTypeKey, envSignalTypeDefault),
+			},
+		}
+	}
+}
+
 func createConfig() {
 	config = &model.Config{
 		Templates: []model.TemplateConfig{
@@ -100,6 +121,7 @@ func createConfig() {
 			KeyType:       certcrypto.KeyType(optionalVar(envAcmeKeyTypeKey, envAcmeKeyTypeDefault)),
 			CacheLocation: optionalVar(envAcmeCacheLocationKey, envAcmeCacheLocationDefault),
 		},
+		Signals:                createSignalConfig(),
 		DefaultCertActions:     model.COMBINE | model.FLATTEN,
 		DefaultCertDestination: optionalVar(envCertDestinationKey, envCertDestinationDefault),
 	}
@@ -139,13 +161,13 @@ func main() {
 
 	jitterTimer := time.NewTimer(time.Minute)
 	redeployTimer := time.NewTicker(time.Hour * 24)
-	containers := make(map[string]*model.Container)
 
 	go func() {
 		err := monitorContainers(dockerClient, dockerStopChan, func(container *model.Container) {
 			containers[container.Name] = container
 			jitterTimer.Reset(100 * time.Millisecond)
 			deployCertForContainer(container)
+			signalContainer()
 		}, func(name string) {
 			delete(containers, name)
 			jitterTimer.Reset(100 * time.Millisecond)
@@ -161,14 +183,18 @@ func main() {
 			select {
 			case <-jitterTimer.C:
 				hostnames := getHostnames(containers, *config)
-				templateGenerator.Generate(Context{
+				updated := templateGenerator.Generate(Context{
 					Containers: containers,
 					Hostnames:  hostnames,
 				})
+				if updated {
+					signalContainer()
+				}
 			case <-redeployTimer.C:
 				logger.Info("Performing periodic certificate refresh")
 				for _, container := range containers {
 					deployCertForContainer(container)
+					signalContainer()
 				}
 			}
 		}
@@ -183,6 +209,20 @@ func main() {
 	}
 }
 
+func signalContainer() {
+	for _, s := range config.Signals {
+		container, ok := containers[s.Name]
+		if ok {
+			err := dockerClient.ContainerKill(context.Background(), container.Id, s.Signal)
+			if err != nil {
+				logger.Errorf("Unable to send signal %s to container %s: %s", s.Signal, s.Name, err.Error())
+			}
+		} else {
+			logger.Warnf("Couldn't signal container %s as it is not running", s.Name)
+		}
+	}
+}
+
 func getHostnamesForContainer(container *model.Container) []string {
 	if label, ok := container.Labels[config.Labels.Hostnames]; ok {
 		return strings.Split(strings.Replace(label, ",", " ", -1), " ")

model/model.go

@@ -54,6 +54,7 @@ type Hostname struct {
 // Config is the user-definable configuration for Dotege.
 type Config struct {
 	Templates              []TemplateConfig
+	Signals                []ContainerSignal
 	Labels                 LabelConfig
 	DefaultCertActions     CertActions
 	DefaultCertDestination string
@@ -66,6 +67,12 @@ type TemplateConfig struct {
 	Destination string
 }
 
+// ContainerSignal describes a container that should be sent a signal when the config/certs change.
+type ContainerSignal struct {
+	Name   string
+	Signal string
+}
+
 // FoundCertificate describes a certificate we've located on disk.
 type FoundCertificate struct {
 	Hostname   string

template_generator.go

@@ -58,7 +58,7 @@ func (t *TemplateGenerator) AddTemplate(config model.TemplateConfig) {
 	})
 }
 
-func (t *TemplateGenerator) Generate(context Context) {
+func (t *TemplateGenerator) Generate(context Context) (updated bool) {
 	for _, tmpl := range t.templates {
 		t.logger.Debugf("Checking for updates to %s", tmpl.config.Source)
 		builder := &strings.Builder{}
@@ -67,6 +67,7 @@ func (t *TemplateGenerator) Generate(context Context) {
 			panic(err)
 		}
 		if tmpl.content != builder.String() {
+			updated = true
 			t.logger.Infof("Writing updated template to %s", tmpl.config.Destination)
 			tmpl.content = builder.String()
 			err = ioutil.WriteFile(tmpl.config.Destination, []byte(builder.String()), 0666)
@@ -75,4 +76,5 @@ func (t *TemplateGenerator) Generate(context Context) {
 			}
 		}
 	}
+	return
 }