|
@@ -150,8 +150,9 @@ func main() {
|
150
|
150
|
doneChan := monitorSignals()
|
151
|
151
|
createConfig()
|
152
|
152
|
|
|
153
|
+ var err error
|
153
|
154
|
dockerStopChan := make(chan struct{})
|
154
|
|
- dockerClient, err := client.NewEnvClient()
|
|
155
|
+ dockerClient, err = client.NewEnvClient()
|
155
|
156
|
if err != nil {
|
156
|
157
|
panic(err)
|
157
|
158
|
}
|
|
@@ -161,14 +162,15 @@ func main() {
|
161
|
162
|
|
162
|
163
|
jitterTimer := time.NewTimer(time.Minute)
|
163
|
164
|
redeployTimer := time.NewTicker(time.Hour * 24)
|
|
165
|
+ updatedContainers := make(map[string]*model.Container)
|
164
|
166
|
|
165
|
167
|
go func() {
|
166
|
168
|
err := monitorContainers(dockerClient, dockerStopChan, func(container *model.Container) {
|
167
|
169
|
containers[container.Name] = container
|
|
170
|
+ updatedContainers[container.Name] = container
|
168
|
171
|
jitterTimer.Reset(100 * time.Millisecond)
|
169
|
|
- deployCertForContainer(container)
|
170
|
|
- signalContainer()
|
171
|
172
|
}, func(name string) {
|
|
173
|
+ delete(updatedContainers, name)
|
172
|
174
|
delete(containers, name)
|
173
|
175
|
jitterTimer.Reset(100 * time.Millisecond)
|
174
|
176
|
})
|
|
@@ -187,6 +189,13 @@ func main() {
|
187
|
189
|
Containers: containers,
|
188
|
190
|
Hostnames: hostnames,
|
189
|
191
|
})
|
|
192
|
+
|
|
193
|
+ for name, container := range updatedContainers {
|
|
194
|
+ updated = updated || deployCertForContainer(container)
|
|
195
|
+ delete(updatedContainers, name)
|
|
196
|
+ }
|
|
197
|
+
|
|
198
|
+ signalContainer()
|
190
|
199
|
if updated {
|
191
|
200
|
signalContainer()
|
192
|
201
|
}
|
|
@@ -264,28 +273,32 @@ func addAlternatives(hostname *model.Hostname, alternatives []string) {
|
264
|
273
|
}
|
265
|
274
|
}
|
266
|
275
|
|
267
|
|
-func deployCertForContainer(container *model.Container) {
|
|
276
|
+func deployCertForContainer(container *model.Container) bool {
|
268
|
277
|
hostnames := getHostnamesForContainer(container)
|
269
|
278
|
if len(hostnames) == 0 {
|
270
|
279
|
logger.Debugf("No labels found for container %s", container.Name)
|
271
|
|
- return
|
|
280
|
+ return false
|
272
|
281
|
}
|
273
|
282
|
|
274
|
283
|
err, cert := certificateManager.GetCertificate(hostnames)
|
275
|
284
|
if err != nil {
|
276
|
285
|
logger.Warnf("Unable to generate certificate for %s: %s", container.Name, err.Error())
|
|
286
|
+ return false
|
277
|
287
|
} else {
|
278
|
|
- deployCert(cert)
|
|
288
|
+ return deployCert(cert)
|
279
|
289
|
}
|
280
|
290
|
}
|
281
|
291
|
|
282
|
|
-func deployCert(certificate *SavedCertificate) {
|
|
292
|
+func deployCert(certificate *SavedCertificate) bool {
|
283
|
293
|
target := path.Join(config.DefaultCertDestination, fmt.Sprintf("%s.pem", certificate.Domains[0]))
|
284
|
294
|
|
|
295
|
+ // TODO: Check if the cert is different
|
285
|
296
|
err := ioutil.WriteFile(target, append(certificate.Certificate, certificate.PrivateKey...), 0700)
|
286
|
297
|
if err != nil {
|
287
|
298
|
logger.Warnf("Unable to write certificate %s - %s", target, err.Error())
|
|
299
|
+ return false
|
288
|
300
|
} else {
|
289
|
301
|
logger.Infof("Updated certificate file %s", target)
|
|
302
|
+ return true
|
290
|
303
|
}
|
291
|
304
|
}
|
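Review bot: In the third hunk (new line 194), `updated = updated || deployCertForContainer(container)` short-circuits: once `updated` is true, deployCertForContainer is no longer called for the remaining entries, yet the next line still deletes them from updatedContainers, so those containers get no certificate written until they change again. Evaluating the call first avoids that, e.g. `if deployCertForContainer(container) { updated = true }`. The unconditional `signalContainer()` added at new line 198 also means the following `if updated { signalContainer() }` sends a second signal whenever something changed. updatedContainers is written by the callbacks passed to monitorContainers inside `go func()` and iterated and deleted from here; if this loop runs on a different goroutine, which the hunks do not show, the map needs a mutex. The body of main continues outside the visible hunks.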