Make auto-renew use built-in renew function

This commit is contained in:
Stephen Crosby 2023-12-14 16:21:08 -08:00
parent e08a4d4490
commit fe4bd9fed6

View File

@ -30,6 +30,7 @@ const internalCertificate = {
intervalTimeout: 1000 * 60 * 60, // 1 hour
interval: null,
intervalProcessing: false,
renewBeforeExpirationBy: [7, 'days'],
initTimer: () => {
logger.info('Let\'s Encrypt Renewal Timer initialized');
@ -46,58 +47,41 @@ const internalCertificate = {
internalCertificate.intervalProcessing = true;
logger.info('Renewing SSL certs close to expiry...');
const cmd = certbotCommand + ' renew --non-interactive --quiet ' +
'--config "' + letsencryptConfig + '" ' +
'--work-dir "/tmp/letsencrypt-lib" ' +
'--logs-dir "/tmp/letsencrypt-log" ' +
'--preferred-challenges "dns,http" ' +
'--disable-hook-validation ' +
(letsencryptStaging ? '--staging' : '');
const expirationThreshold = moment().add(internalCertificate.renewBeforeExpirationBy[0], internalCertificate.renewBeforeExpirationBy[1]).format('YYYY-MM-DD HH:mm:ss');
return utils.exec(cmd)
.then((result) => {
if (result) {
logger.info('Renew Result: ' + result);
}
return internalNginx.reload()
.then(() => {
logger.info('Renew Complete');
return result;
});
})
.then(() => {
// Now go and fetch all the letsencrypt certs from the db and query the files and update expiry times
return certificateModel
// Fetch all the letsencrypt certs from the db that will expire within 7 days
certificateModel
.query()
.where('is_deleted', 0)
.andWhere('provider', 'letsencrypt')
.andWhere('expires_on', '<', expirationThreshold)
.then((certificates) => {
if (certificates && certificates.length) {
if (!certificates || !certificates.length) {
return null;
}
let promises = [];
certificates.map(function (certificate) {
promises.push(
internalCertificate.getCertificateInfoFromFile('/etc/letsencrypt/live/npm-' + certificate.id + '/fullchain.pem')
.then((cert_info) => {
return certificateModel
.query()
.where('id', certificate.id)
.andWhere('provider', 'letsencrypt')
.patch({
expires_on: moment(cert_info.dates.to, 'X').format('YYYY-MM-DD HH:mm:ss')
});
})
certificates.forEach(function (certificate) {
const promise = internalCertificate
.renew(
{
can: () =>
Promise.resolve({
permission_visibility: 'all',
}),
},
{ id: certificate.id },
)
.catch((err) => {
// Don't want to stop the train here, just log the error
logger.error(err.message);
})
);
});
promises.push(promise);
});
return Promise.all(promises);
}
});
})
.then(() => {
internalCertificate.intervalProcessing = false;