
V3

Open ale requested to merge v3 into master
4 files
+ 37
19
  • cf50081e
    Store errors in the task entries · cf50081e
    ale authored
    Specify a "reason" for the scheduled tasks, which will allow us to
    retrieve the last error for a specific certificate.
+ 18
9
@@ -3,6 +3,7 @@ package acmeserver
import (
"database/sql"
"errors"
"fmt"
"log"
"strings"
"time"
@@ -21,7 +22,8 @@ CREATE TABLE tasks (
certificate TEXT,
chain TEXT,
private_key TEXT,
not_after INTEGER
not_after INTEGER,
reason TEXT
)
`, `
CREATE INDEX idx_tasks_id_op ON tasks(id, op)
@@ -100,9 +102,10 @@ func scanTask(rows scanSource) (int64, *Task, error) {
var cert sql.NullString
var chain sql.NullString
var pkey sql.NullString
var reason sql.NullString
var notAfter sql.NullInt64
err := rows.Scan(&tid, &t.Hash, &t.Op, &deadline, &t.FailureCount, &cert, &chain, &pkey, &notAfter, &t.Path, &namesList)
err := rows.Scan(&tid, &t.Hash, &t.Op, &deadline, &t.FailureCount, &reason, &cert, &chain, &pkey, &notAfter, &t.Path, &namesList)
if errors.Is(err, sql.ErrNoRows) {
return 0, nil, nil
}
@@ -124,12 +127,15 @@ func scanTask(rows scanSource) (int64, *Task, error) {
if notAfter.Valid {
t.Credentials.NotAfter = time.Unix(notAfter.Int64, 0)
}
if reason.Valid {
t.Reason = reason.String
}
return tid, &t, nil
}
func popTask(tx *sql.Tx, now int64) (*Task, error) {
row := tx.QueryRow(`SELECT t.tid, t.id, t.op, t.deadline, t.failure_count, t.certificate, t.chain, t.private_key, t.not_after, c.path, c.names_list
row := tx.QueryRow(`SELECT t.tid, t.id, t.op, t.deadline, t.failure_count, t.reason, t.certificate, t.chain, t.private_key, t.not_after, c.path, c.names_list
FROM tasks AS t INNER JOIN config AS c ON t.id = c.id
WHERE t.deadline <= ?
ORDER BY t.deadline ASC LIMIT 1`, now)
@@ -151,12 +157,14 @@ func pushTask(tx *sql.Tx, t *Task, now time.Time) error {
}
log.Printf("pushing task %s", t.debugString())
_, err := tx.Exec(
"INSERT INTO tasks (id, op, deadline, failure_count, certificate, chain, private_key, not_after) VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
t.Hash, t.Op, t.Deadline.Unix(), t.FailureCount,
if _, err := tx.Exec(
"INSERT INTO tasks (id, op, deadline, failure_count, reason, certificate, chain, private_key, not_after) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)",
t.Hash, t.Op, t.Deadline.Unix(), t.FailureCount, t.Reason,
t.Credentials.Certificate, t.Credentials.FullChain, t.Credentials.PrivateKey, t.Credentials.NotAfter.Unix(),
)
return err
); err != nil {
return fmt.Errorf("could not write task to database: %w", err)
}
return nil
}
func deleteTasks(tx *sql.Tx, hash uint64, op string) error {
@@ -176,7 +184,8 @@ func forceRenewal(tx *sql.Tx, hash uint64) error {
IntentCert: IntentCert{
Hash: hash,
},
Op: OpRenew,
Op: OpRenew,
Reason: "manually forced renewal",
}
return pushTask(tx, renewal.runImmediately(now), now)
}
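Review bot: The `reason TEXT` column is introduced by editing the existing `CREATE TABLE tasks` statement (hunk at -21,7), and no `ALTER TABLE` is visible anywhere in this section. If that statement is part of a migration list applied once per database, existing deployments keep the old table, so the `SELECT ... t.reason` in popTask and the nine-column `INSERT` in pushTask would fail and renewals would stall until certificates expire. Consider leaving the original statement alone and appending a new migration step such as `ALTER TABLE tasks ADD COLUMN reason TEXT`. The migration runner is outside the visible hunks, so this needs confirming there. Any other query that feeds scanTask also needs checking, because Scan now expects `reason` as the sixth column.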