fix expired cert renewal (#8)

* loosen sinatra dependency for broader compatibility * fix for expired order/cert renewal
anchordotdev · Apr 11, 2024 · 4f05e65 · 4f05e65
1 parent 8fc99cb
commit 4f05e65
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/lib/puma/acme/plugin.rb b/lib/puma/acme/plugin.rb
@@ -124,7 +124,7 @@ def provision(cert, poll_interval:)
           @manager.account!
         end
 
-        if cert.order.nil?
+        if cert.order.nil? || cert.order.expired?
           @logger.debug 'Acme: creating order'
           @manager.order!(cert)
         else

diff --git a/lib/puma/acme/structs.rb b/lib/puma/acme/structs.rb
@@ -67,8 +67,12 @@ def names
         identifiers&.map(&:value)
       end
 
+      def expired?(now: Time.now.utc)
+        x509.not_after > now
+      end
+
       def usable?(now: Time.now.utc)
-        !cert_pem.nil? && !key_pem.nil? && x509.not_after > now
+        !cert_pem.nil? && !key_pem.nil? && !expired?(now: now)
       end
 
       def renewable?(renew_in, now: Time.now.utc)
@@ -129,6 +133,10 @@ def self.from(acme_order)
 
         new(acme_order.to_h.slice(*members).merge(identifiers: identifiers, authorizations: authorizations))
       end
+
+      def expired?(now: Time.now.utc)
+        not_after > now
+      end
     end
   end
 end
diff --git a/puma-acme.gemspec b/puma-acme.gemspec
@@ -24,7 +24,7 @@ Gem::Specification.new do |s|
   s.add_runtime_dependency 'acme-client', '~> 2.0.13'
   s.add_runtime_dependency 'pstore', '~> 0.1'
   s.add_runtime_dependency 'puma', '~> 6.0'
-  s.add_runtime_dependency 'sinatra', '~> 4.0'
+  s.add_runtime_dependency 'sinatra', '>= 3.2'
 
   s.add_development_dependency 'http.rb', '~> 0.12'
   s.add_development_dependency 'minitest', '~> 5.14'