Comments (7)
@DoobleD yes that will definitely be possible
from lua-resty-acme.
There isn't a WIP, but I'm curious on how to make this generic (not 100% sure about what you trying to do yet :) ). That being
said, PRs are welcomed!
from lua-resty-acme.
I'll try one then. :)
To give some explanation, what I'm trying to do is improve performance for our use case. What's costly/slow for us is querying our "is domain whitelisted" HTTP endpoint everytime in domain_whitelist_callback
.
One way to avoid that as much as possible is to rely on the LRU cache internally used by the plugin. If the cert is in cache, it means the domain was allowed less than 1h ago (the LRU cache TTL is 1h). That's good enough, no need for us to call our endpoint.
We could alternatively look up the storage, but our storage type is file, and that's more costly too than looking up in the LRU cache.
The only downside is that if the domain is no longer allowed, its cert is still being served for 1h, until the cert is removed from cache. But that's ok for us. And that's another reason to not look up in storage instead, as file storage is permanent. 1h of wrongly continuing to serve the cert is fine, but continuing forever would be very bad.
from lua-resty-acme.
@DoobleD yes you can access storage
in the domain_whitelist_callback
function, cosocket API should be available there.
from lua-resty-acme.
@DoobleD yes you can access
storage
in thedomain_whitelist_callback
function, cosocket API should be available there.
Thank you for the reply @fffonion. I'm not looking to access the storage (file in my case), but really the LRU cache used to cache certs. Is that possible?
from lua-resty-acme.
Thank you @fffonion! Is that in the works already? If not, I'll be happy to try a PR. :)
from lua-resty-acme.
Hanlded with #96. Thanks for merging!
from lua-resty-acme.
Related Issues (20)
- 按照Synopsis的步骤操作之后,没有生效,访问网站发现使用的是fallback证书,如何查找原因呢? HOT 4
- During renewal, errors on list() operation from consul storage is not logged: instead results in runtime error
- dns-01 challenge HOT 3
- How do I use ZeroSSL? HOT 3
- Error while trying to use subdomain with "_" simbol HOT 2
- How to use it? HOT 3
- -
- - HOT 1
- ZeroSSL integration failing to create account HOT 5
- How to configure other storage configs when in DB-less? HOT 2
- Zerossl config api_uri but error ngx.timer HOT 5
- Storage adapter not connect redis HOT 1
- -
- BoringSSL not working HTTP3 HOT 2
- error during acme login HOT 2
- get_certkey_parsed: Pass stale certificate if getting certificate from storage fails HOT 2
- Problem with update locks HOT 4
- Option to delete none whitelisted domains in certificate update HOT 2
- Ability to block the first request until certs are created? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lua-resty-acme.