Check cache from domain_whitelist_callback? about lua-resty-acme HOT 7 CLOSED

@DoobleD yes that will definitely be possible

from lua-resty-acme.

There isn't a WIP, but I'm curious on how to make this generic (not 100% sure about what you trying to do yet :) ). That being
said, PRs are welcomed!

from lua-resty-acme.

I'll try one then. :)

To give some explanation, what I'm trying to do is improve performance for our use case. What's costly/slow for us is querying our "is domain whitelisted" HTTP endpoint everytime in domain_whitelist_callback.

One way to avoid that as much as possible is to rely on the LRU cache internally used by the plugin. If the cert is in cache, it means the domain was allowed less than 1h ago (the LRU cache TTL is 1h). That's good enough, no need for us to call our endpoint.

We could alternatively look up the storage, but our storage type is file, and that's more costly too than looking up in the LRU cache.

The only downside is that if the domain is no longer allowed, its cert is still being served for 1h, until the cert is removed from cache. But that's ok for us. And that's another reason to not look up in storage instead, as file storage is permanent. 1h of wrongly continuing to serve the cert is fine, but continuing forever would be very bad.

from lua-resty-acme.

@DoobleD yes you can access storage in the domain_whitelist_callback function, cosocket API should be available there.

from lua-resty-acme.

@DoobleD yes you can access storage in the domain_whitelist_callback function, cosocket API should be available there.

Thank you for the reply @fffonion. I'm not looking to access the storage (file in my case), but really the LRU cache used to cache certs. Is that possible?

from lua-resty-acme.

Thank you @fffonion! Is that in the works already? If not, I'll be happy to try a PR. :)

from lua-resty-acme.

Hanlded with #96. Thanks for merging!

from lua-resty-acme.