@abtnode/certificate-manager 1.16.20-beta-20c7fb25 → 1.16.20-beta-e32e39d7
- package/libs/acme-manager.js +20 -5
- package/libs/error.js +11 -0
- package/package.json +7 -7
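--- a/package/libs/acme-manager.js
+++ b/package/libs/acme-manager.js
@@ -1,4 +1,5 @@
 const { EventEmitter } = require('events');
+const dns = require('dns');
 const fs = require('fs');
 const path = require('path');
 const { Certificate } = require('@fidm/x509');
@@ -11,6 +12,7 @@ const { CERT_STATUS, CERT_SOURCE } = require('./constant');
 const createQueue = require('./queue');
 const logger = require('./logger');
 const states = require('../states');
+const CustomError = require('./error');
 
 const http01 = require('./http-01').create({});
 
@@ -44,7 +46,9 @@ class Manager extends EventEmitter {
 await this.createOrRenewCert({ ...data, challenges: { 'http-01': http01 } });
 },
 options: {
-
+// Let's Encrypt 中对每个账户下的每个域名每个小时只允许有两次失败的 challenge,
+// 所以这里设置为一个小于5的值
+maxRetries: process.env.NODE_ENV === 'production' ? 2 : 0,
 retryDelay: 10 * 1000,
 maxTimeout: 60 * 1000, // throw timeout error after 1 minutes
 id: (job) => this.getJobId(job),
@@ -80,7 +84,7 @@ class Manager extends EventEmitter {
 await states.certificate.updateStatus(tmpDomain, CERT_STATUS.error);
 }
 
-this.emit('cert.error', data.job);
+this.emit('cert.error', { ...data.job, error: data.error });
 logger.error(`create certificate for ${tmpDomain} job failed`, { domain: tmpDomain, error: data.error });
 });
 }
@@ -101,6 +105,7 @@ class Manager extends EventEmitter {
 }
 
 let cert = await states.certificate.findOne({ domain });
+
 if (!cert) {
 cert = await states.certificate.insert({
 domain,
@@ -138,9 +143,15 @@ class Manager extends EventEmitter {
 async createOrRenewCert({ domain, subscriberEmail, force = false, challenges, metadata }) {
 try {
 if (!domain) {
-throw new
+throw new CustomError('domain is required when generate certificate');
 }
 
+const { address: ipAddress } = await dns.promises.lookup(domain, { family: 4 }).catch((error) => {
+throw new CustomError(`DNS lookup failed: ${error.message}`);
+});
+
+logger.info('check domain dns success', { domain, ipAddress });
+
 const cert = await states.certificate.findOne({ domain });
 if (!cert) {
 logger.warn(`create certificate failed: the cert ${domain} does not exist`);
@@ -191,8 +202,12 @@ class Manager extends EventEmitter {
 this.emit('cert.issued', { id: cert.id, domain: data.subject, metadata });
 return certs[0];
 } catch (error) {
-logger.error(`create certificate for ${domain} job failed`, error);
-
+logger.error(`create certificate for ${domain} job failed`, { error });
+if (error instanceof CustomError) {
+throw error;
+}
+
+throw new Error('certificate manager error');
 }
 }
 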
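Review bot: The pre-flight check added to `createOrRenewCert` uses `dns.promises.lookup(domain, { family: 4 })`, which resolves through the host's own resolver (hosts file and local DNS included) and accepts only an IPv4 answer, so it can pass for a name the ACME CA cannot resolve publicly and reject an AAAA-only name that would otherwise validate. The resolved `ipAddress` is only logged and never compared with this node's address, so a successful lookup does not show that the HTTP-01 challenge will reach this server. If the aim is to avoid spending failed validations against the CA's rate limit, querying DNS directly is likely closer to what the CA sees, e.g. `await dns.promises.resolve4(domain).catch(() => dns.promises.resolve6(domain))`, with a comment stating what the check does and does not guarantee. The function body continues outside the hunk, so how the result is used after the check is not visible here.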
package/libs/error.js
ADDED
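--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@abtnode/certificate-manager",
-"version": "1.16.20-beta-
+"version": "1.16.20-beta-e32e39d7",
 "description": "Manage ABT Node SSL certificates",
 "author": "polunzh <polunzh@gmail.com>",
 "homepage": "https://github.com/ArcBlock/blocklet-server#readme",
@@ -32,11 +32,11 @@
 "url": "https://github.com/ArcBlock/blocklet-server/issues"
 },
 "dependencies": {
-"@abtnode/cron": "1.16.20-beta-
-"@abtnode/logger": "1.16.20-beta-
-"@abtnode/models": "1.16.20-beta-
-"@abtnode/queue": "1.16.20-beta-
-"@abtnode/util": "1.16.20-beta-
+"@abtnode/cron": "1.16.20-beta-e32e39d7",
+"@abtnode/logger": "1.16.20-beta-e32e39d7",
+"@abtnode/models": "1.16.20-beta-e32e39d7",
+"@abtnode/queue": "1.16.20-beta-e32e39d7",
+"@abtnode/util": "1.16.20-beta-e32e39d7",
 "@fidm/x509": "^1.2.1",
 "@greenlock/manager": "^3.1.0",
 "@root/acme": "^3.1.0",
@@ -49,5 +49,5 @@
 "lodash.get": "^4.4.2",
 "punycode": "^2.1.1"
 },
-"gitHead": "
+"gitHead": "01ff4e9304b150d7c12872d417b81327792ad8e5"
 }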