Add more debug logging

This commit is contained in:
Melon 2024-09-21 14:31:23 +01:00
parent 76baa5f33f
commit 37964ad546
Signed by: melon
GPG Key ID: 6C9D970C50D26A25
4 changed files with 25 additions and 13 deletions

View File

@ -14,7 +14,6 @@ import (
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
"github.com/mrmelon54/exit-reload" "github.com/mrmelon54/exit-reload"
"gopkg.in/yaml.v3" "gopkg.in/yaml.v3"
"log"
"os" "os"
"path/filepath" "path/filepath"
"sync" "sync"
@ -67,13 +66,13 @@ func normalLoad(conf startUpConfig, wd string) {
// load the MJWT RSA public key from a pem encoded file // load the MJWT RSA public key from a pem encoded file
mJwtVerify, err := mjwt.NewKeyStoreFromPath(filepath.Join(wd, "keys")) mJwtVerify, err := mjwt.NewKeyStoreFromPath(filepath.Join(wd, "keys"))
if err != nil { if err != nil {
log.Fatalf("[Orchid] Failed to load MJWT verifier public key from file '%s': %s", filepath.Join(wd, "keys"), err) logger.Logger.Fatal("Failed to load MJWT verifier public key from file", "path", filepath.Join(wd, "keys"), "err", err)
} }
// open sqlite database // open sqlite database
db, err := orchid.InitDB(filepath.Join(wd, "orchid.db.sqlite")) db, err := orchid.InitDB(filepath.Join(wd, "orchid.db.sqlite"))
if err != nil { if err != nil {
log.Fatal("[Orchid] Failed to open database:", err) logger.Logger.Fatal("Failed to open database", "err", err)
} }
certDir := filepath.Join(wd, "renewal-certs") certDir := filepath.Join(wd, "renewal-certs")
@ -82,11 +81,11 @@ func normalLoad(conf startUpConfig, wd string) {
wg := &sync.WaitGroup{} wg := &sync.WaitGroup{}
acmeProv, err := httpAcme.NewHttpAcmeProvider(filepath.Join(wd, "tokens.yml"), conf.Acme.PresentUrl, conf.Acme.CleanUpUrl, conf.Acme.RefreshUrl) acmeProv, err := httpAcme.NewHttpAcmeProvider(filepath.Join(wd, "tokens.yml"), conf.Acme.PresentUrl, conf.Acme.CleanUpUrl, conf.Acme.RefreshUrl)
if err != nil { if err != nil {
log.Fatal("[Orchid] HTTP Acme Error:", err) logger.Logger.Fatal("HTTP Acme Error", "err", err)
} }
renewalService, err := renewal.NewService(wg, db, acmeProv, conf.LE, certDir, keyDir) renewalService, err := renewal.NewService(wg, db, acmeProv, conf.LE, certDir, keyDir)
if err != nil { if err != nil {
log.Fatal("[Orchid] Service Error:", err) logger.Logger.Fatal("Service Error", "err", err)
} }
srv := servers.NewApiServer(conf.Listen, db, mJwtVerify, conf.Domains) srv := servers.NewApiServer(conf.Listen, db, mJwtVerify, conf.Domains)
logger.Logger.Info("Starting API server", "listen", srv.Addr) logger.Logger.Info("Starting API server", "listen", srv.Addr)

View File

@ -201,6 +201,8 @@ var ErrAlreadyRenewing = errors.New("already renewing")
// renewalRoutine is the main loop which makes used of certTicker to constantly // renewalRoutine is the main loop which makes used of certTicker to constantly
// check if the existing certificates are up-to-date. // check if the existing certificates are up-to-date.
func (s *Service) renewalRoutine(wg *sync.WaitGroup) { func (s *Service) renewalRoutine(wg *sync.WaitGroup) {
Logger.Debug("Starting renewalRoutine")
// Upon leaving the function stop the ticker and clear the WaitGroup. // Upon leaving the function stop the ticker and clear the WaitGroup.
defer func() { defer func() {
s.certTicker.Stop() s.certTicker.Stop()
@ -226,6 +228,8 @@ func (s *Service) renewalRoutine(wg *sync.WaitGroup) {
// Exit if certDone has closed // Exit if certDone has closed
return return
case <-s.certTicker.C: case <-s.certTicker.C:
Logger.Debug("Ticking certificate renewal")
// Start a new check in a separate routine // Start a new check in a separate routine
go func() { go func() {
// run a renewal check and log errors, but ignore ErrAlreadyRenewing // run a renewal check and log errors, but ignore ErrAlreadyRenewing
@ -246,6 +250,8 @@ func (s *Service) renewalCheck() error {
} }
defer s.renewLock.Unlock() defer s.renewLock.Unlock()
Logger.Debug("Running renewalCheck")
// check for running out certificates in the database // check for running out certificates in the database
localData, err := s.findNextCertificateToRenew() localData, err := s.findNextCertificateToRenew()
if err != nil { if err != nil {
@ -254,12 +260,14 @@ func (s *Service) renewalCheck() error {
// no certificates to update // no certificates to update
if localData == nil { if localData == nil {
Logger.Debug("No certificates to update")
return nil return nil
} }
// renew the certificate from the collected data // renew the certificate from the collected data
err = s.renewCert(localData) err = s.renewCert(localData)
if err != nil { if err != nil {
Logger.Debug("Failed to renew certificate", "err", err)
return err return err
} }
@ -392,6 +400,7 @@ func (s *Service) getPrivateKey(id int64) (*rsa.PrivateKey, error) {
func (s *Service) renewCert(localData *localCertData) error { func (s *Service) renewCert(localData *localCertData) error {
// database synchronous state // database synchronous state
s.setRenewing(localData.id, true, false) s.setRenewing(localData.id, true, false)
Logger.Debug("No certificates to update")
// run internal renewal code and log errors // run internal renewal code and log errors
cert, certBytes, err := s.renewCertInternal(localData) cert, certBytes, err := s.renewCertInternal(localData)

View File

@ -10,8 +10,10 @@ import (
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"github.com/1f349/orchid" "github.com/1f349/orchid"
"github.com/1f349/orchid/logger"
"github.com/1f349/orchid/pebble" "github.com/1f349/orchid/pebble"
"github.com/1f349/orchid/test" "github.com/1f349/orchid/test"
"github.com/charmbracelet/log"
"github.com/go-acme/lego/v4/lego" "github.com/go-acme/lego/v4/lego"
"github.com/google/uuid" "github.com/google/uuid"
_ "github.com/mattn/go-sqlite3" _ "github.com/mattn/go-sqlite3"
@ -71,7 +73,7 @@ func setupPebbleSuite(tb testing.TB) (*certgen.CertGen, func()) {
assert.NoError(tb, os.WriteFile(filepath.Join(pebbleTmp, "certs", "localhost", "cert.pem"), serverTls.GetCertPem(), os.ModePerm)) assert.NoError(tb, os.WriteFile(filepath.Join(pebbleTmp, "certs", "localhost", "cert.pem"), serverTls.GetCertPem(), os.ModePerm))
assert.NoError(tb, os.WriteFile(filepath.Join(pebbleTmp, "certs", "localhost", "key.pem"), serverTls.GetKeyPem(), os.ModePerm)) assert.NoError(tb, os.WriteFile(filepath.Join(pebbleTmp, "certs", "localhost", "key.pem"), serverTls.GetKeyPem(), os.ModePerm))
dnsServer := test.MakeFakeDnsProv("127.0.0.34:5053") // 127.0.0.34:53 dnsServer := test.MakeFakeDnsProv("127.243.243.34:5053") // 127.243.243.34:53
dnsServer.AddRecursiveSOA("example.test.") dnsServer.AddRecursiveSOA("example.test.")
go dnsServer.Start() go dnsServer.Start()
testDnsOptions = dnsServer testDnsOptions = dnsServer
@ -140,6 +142,8 @@ func deconstructPebbleTest(t *testing.T, service *Service) {
} }
func TestPebbleRenewal(t *testing.T) { func TestPebbleRenewal(t *testing.T) {
logger.Logger.SetLevel(log.DebugLevel)
if testing.Short() { if testing.Short() {
t.Skip("Skipping renewal tests in short mode") t.Skip("Skipping renewal tests in short mode")
} }

View File

@ -2,10 +2,10 @@ package test
import ( import (
"fmt" "fmt"
"github.com/1f349/orchid/logger"
"github.com/go-acme/lego/v4/challenge" "github.com/go-acme/lego/v4/challenge"
"github.com/go-acme/lego/v4/challenge/dns01" "github.com/go-acme/lego/v4/challenge/dns01"
"github.com/miekg/dns" "github.com/miekg/dns"
"log"
"strings" "strings"
) )
@ -47,13 +47,13 @@ func (f *fakeDnsProv) AddRecursiveSOA(fqdn string) {
func (f *fakeDnsProv) Present(domain, _, keyAuth string) error { func (f *fakeDnsProv) Present(domain, _, keyAuth string) error {
info := dns01.GetChallengeInfo(domain, keyAuth) info := dns01.GetChallengeInfo(domain, keyAuth)
f.mTxt[info.EffectiveFQDN] = info.Value f.mTxt[info.EffectiveFQDN] = info.Value
log.Printf("fakeDnsProv.Present(%s TXT %s)\n", info.EffectiveFQDN, info.Value) logger.Logger.Infof("fakeDnsProv.Present(%s TXT %s)", info.EffectiveFQDN, info.Value)
return nil return nil
} }
func (f *fakeDnsProv) CleanUp(domain, _, keyAuth string) error { func (f *fakeDnsProv) CleanUp(domain, _, keyAuth string) error {
info := dns01.GetChallengeInfo(domain, keyAuth) info := dns01.GetChallengeInfo(domain, keyAuth)
delete(f.mTxt, info.EffectiveFQDN) delete(f.mTxt, info.EffectiveFQDN)
log.Printf("fakeDnsProv.CleanUp(%s TXT %s)\n", info.EffectiveFQDN, info.Value) logger.Logger.Infof("fakeDnsProv.CleanUp(%s TXT %s)", info.EffectiveFQDN, info.Value)
return nil return nil
} }
func (f *fakeDnsProv) GetDnsAddrs() []string { return []string{f.Addr} } func (f *fakeDnsProv) GetDnsAddrs() []string { return []string{f.Addr} }
@ -62,7 +62,7 @@ func (f *fakeDnsProv) parseQuery(m *dns.Msg) {
for _, q := range m.Question { for _, q := range m.Question {
switch q.Qtype { switch q.Qtype {
case dns.TypeTXT: case dns.TypeTXT:
log.Printf("Looking up %s TXT record\n", q.Name) logger.Logger.Info("Looking up TXT record", "name", q.Name)
txt := f.mTxt[q.Name] txt := f.mTxt[q.Name]
if txt != "" { if txt != "" {
rr, err := dns.NewRR(fmt.Sprintf("%s 32600 IN TXT \"%s\"", q.Name, txt)) rr, err := dns.NewRR(fmt.Sprintf("%s 32600 IN TXT \"%s\"", q.Name, txt))
@ -71,7 +71,7 @@ func (f *fakeDnsProv) parseQuery(m *dns.Msg) {
} }
} }
default: default:
log.Printf("Looking up %d for %s\n", q.Qtype, q.Name) logger.Logger.Info("Looking up", "qtype", q.Qtype, "name", q.Name)
} }
} }
} }
@ -95,10 +95,10 @@ func (f *fakeDnsProv) Start() {
// start server // start server
f.srv = &dns.Server{Addr: f.Addr, Net: "udp"} f.srv = &dns.Server{Addr: f.Addr, Net: "udp"}
log.Printf("Starting fake dns service at %s\n", f.srv.Addr) logger.Logger.Info("Starting fake dns service", "addr", f.srv.Addr)
err := f.srv.ListenAndServe() err := f.srv.ListenAndServe()
if err != nil { if err != nil {
log.Fatalf("Failed to start server: %s\n ", err.Error()) logger.Logger.Fatal("Failed to start server", "err", err)
} }
} }