add wait logic for other plugins generating certs

daywalker90 · Dec 17, 2024 · 1cdfd8c · 1cdfd8c
1 parent ceed9a0
commit 1cdfd8c
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 11 deletions.
diff --git a/src/certs.rs b/src/certs.rs
@@ -2,7 +2,7 @@ use anyhow::Error;
 use rcgen::{CertificateParams, DistinguishedName, KeyPair};
 use std::fs;
 use std::net::IpAddr;
-use std::path::PathBuf;
+use std::path::{Path, PathBuf};
 
 pub fn generate_certificates(certs_path: &PathBuf, rest_host: &str) -> Result<(), Error> {
     /* Generate the CA certificate */
@@ -74,3 +74,19 @@ pub fn generate_certificates(certs_path: &PathBuf, rest_host: &str) -> Result<()
 
     Ok(())
 }
+
+pub fn do_certificates_exist(cert_dir: &Path) -> bool {
+    let required_files = [
+        "server.pem",
+        "server-key.pem",
+        "client.pem",
+        "client-key.pem",
+        "ca.pem",
+        "ca-key.pem",
+    ];
+
+    required_files.iter().all(|file| {
+        let path = cert_dir.join(file);
+        path.exists() && path.metadata().map(|m| m.len() > 0).unwrap_or(false)
+    })
+}
diff --git a/src/main.rs b/src/main.rs
@@ -1,4 +1,4 @@
-use std::{net::SocketAddr, str::FromStr};
+use std::{net::SocketAddr, str::FromStr, time::Duration};
 
 use axum::{
     http::{HeaderName, HeaderValue},
@@ -7,15 +7,18 @@ use axum::{
     Extension, Router,
 };
 use axum_server::tls_rustls::RustlsConfig;
-use certs::generate_certificates;
+use certs::{do_certificates_exist, generate_certificates};
 use cln_plugin::Builder;
 use handlers::{
     call_rpc_method, handle_notification, header_inspection_middleware, list_methods,
     socketio_on_connect,
 };
 use options::*;
 use socketioxide::SocketIo;
-use tokio::sync::mpsc::{self, Receiver, Sender};
+use tokio::{
+    sync::mpsc::{self, Receiver, Sender},
+    time,
+};
 use tower::ServiceBuilder;
 use tower_http::set_header::SetResponseHeaderLayer;
 use utoipa::{
@@ -142,13 +145,16 @@ async fn main() -> Result<(), anyhow::Error> {
 
     match clnrest_options.protocol {
         ClnrestProtocol::Https => {
-            if !clnrest_options.certs.join("server.pem").exists()
-                || !clnrest_options.certs.join("server-key.pem").exists()
-                || !clnrest_options.certs.join("client.pem").exists()
-                || !clnrest_options.certs.join("client-key.pem").exists()
-                || !clnrest_options.certs.join("ca.pem").exists()
-                || !clnrest_options.certs.join("ca-key.pem").exists()
-            {
+            let max_retries = 10;
+            let mut retries = 0;
+            while retries < max_retries && !do_certificates_exist(&clnrest_options.certs) {
+                log::debug!("Certificates incomplete. Retrying...");
+                time::sleep(Duration::from_millis(500)).await;
+                retries += 1;
+            }
+
+            if !do_certificates_exist(&clnrest_options.certs) {
+                log::debug!("Certificates still not existing after retries. Generating...");
                 generate_certificates(&clnrest_options.certs, &plugin.option(&OPT_CLNREST_HOST)?)?;
             }