minor improvements
This commit is contained in:
crapStone
crapStone
parent
b5ad34e0af
commit
d9c3ebcd0e
|
|
@ -28,8 +28,6 @@ import (
|
|||
|
||||
var ErrUserRateLimitExceeded = errors.New("rate limit exceeded: 10 certificates per user per 24 hours")
|
||||
|
||||
var keyCache *lru.Cache[string, tls.Certificate]
|
||||
|
||||
// TLSConfig returns the configuration for generating, serving and cleaning up Let's Encrypt certificates.
|
||||
func TLSConfig(mainDomainSuffix string,
|
||||
giteaClient *gitea.Client,
|
||||
|
|
@ -40,6 +38,12 @@ func TLSConfig(mainDomainSuffix string,
|
|||
noDNS01 bool,
|
||||
rawDomain string,
|
||||
) *tls.Config {
|
||||
|
||||
keyCache, err := lru.New[string, tls.Certificate](32)
|
||||
if err != nil {
|
||||
panic(err) // This should only happen if 32 < 0 at the time of writing, which should be reason enough to panic.
|
||||
}
|
||||
|
||||
return &tls.Config{
|
||||
// check DNS name & get certificate from Let's Encrypt
|
||||
GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
||||
|
|
@ -109,14 +113,6 @@ func TLSConfig(mainDomainSuffix string,
|
|||
}
|
||||
}
|
||||
|
||||
if keyCache == nil {
|
||||
var err error
|
||||
keyCache, err = lru.New[string, tls.Certificate](4096)
|
||||
if err != nil {
|
||||
panic(err) // This should only happen if 4096 < 0 at the time of writing, which should be reason enough to panic.
|
||||
}
|
||||
}
|
||||
|
||||
if tlsCertificate, ok := keyCache.Get(domain); ok {
|
||||
// we can use an existing certificate object
|
||||
return &tlsCertificate, nil
|
||||
|
|
|
|||
|
|
@ -5,19 +5,14 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
lru "github.com/hashicorp/golang-lru/v2"
|
||||
"github.com/hashicorp/golang-lru/v2/expirable"
|
||||
)
|
||||
|
||||
type lookupCacheEntry struct {
|
||||
cachedName string
|
||||
timestamp time.Time
|
||||
}
|
||||
const lookupCacheValidity = 30 * time.Second
|
||||
const defaultPagesRepo = "pages"
|
||||
|
||||
var lookupCacheValidity = 30 * time.Second
|
||||
|
||||
var lookupCache *lru.Cache[string, lookupCacheEntry]
|
||||
|
||||
var defaultPagesRepo = "pages"
|
||||
// TODO(): refactor to not use global variables
|
||||
var lookupCache *expirable.LRU[string, string] = expirable.NewLRU[string, string](4096, nil, lookupCacheValidity)
|
||||
|
||||
// GetTargetFromDNS searches for CNAME or TXT entries on the request domain ending with MainDomainSuffix.
|
||||
// If everything is fine, it returns the target data.
|
||||
|
|
@ -26,14 +21,8 @@ func GetTargetFromDNS(domain, mainDomainSuffix, firstDefaultBranch string) (targ
|
|||
var cname string
|
||||
var err error
|
||||
|
||||
if lookupCache == nil {
|
||||
lookupCache, err = lru.New[string, lookupCacheEntry](4096)
|
||||
if err != nil {
|
||||
panic(err) // This should only happen if 4096 < 0 at the time of writing, which should be reason enough to panic.
|
||||
}
|
||||
}
|
||||
if entry, ok := lookupCache.Get(domain); ok && time.Now().Before(entry.timestamp.Add(lookupCacheValidity)) {
|
||||
cname = entry.cachedName
|
||||
if entry, ok := lookupCache.Get(domain); ok {
|
||||
cname = entry
|
||||
} else {
|
||||
cname, err = net.LookupCNAME(domain)
|
||||
cname = strings.TrimSuffix(cname, ".")
|
||||
|
|
@ -51,10 +40,7 @@ func GetTargetFromDNS(domain, mainDomainSuffix, firstDefaultBranch string) (targ
|
|||
}
|
||||
}
|
||||
}
|
||||
_ = lookupCache.Add(domain, lookupCacheEntry{
|
||||
cname,
|
||||
time.Now(),
|
||||
})
|
||||
_ = lookupCache.Add(domain, cname)
|
||||
}
|
||||
if cname == "" {
|
||||
return
|
||||
|
|
|
|||
Loading…
Reference in New Issue