enhance(auto-cert): update ignore condition

2026-05-06 22:12:23 +08:00 · 2025-06-28 08:33:21 +08:00
parent 69250a6cbe
commit ccebcfdf66
2 changed files with 12 additions and 3 deletions
--- a/.devcontainer/pebble-test/config/pebble-config.json
+++ b/.devcontainer/pebble-test/config/pebble-config.json
@@ -20,7 +20,7 @@
      },
      "shortlived": {
        "description": "A short-lived cert profile, without actual enforcement",
-        "validityPeriod": 518400
+        "validityPeriod": 7776000
      }
    }
  }
--- a/internal/cert/auto_cert.go
+++ b/internal/cert/auto_cert.go
@@ -61,8 +61,17 @@ func autoCert(certModel *model.Cert) {
 		notification.Error("Renew Certificate Error", strings.Join(certModel.Domains, ", "), nil)
 		return
 	}
-	if int(time.Now().Sub(certInfo.NotBefore).Hours()/24) < settings.CertSettings.GetCertRenewalInterval() {
-		// not after settings.ServerSettings.RenewalInterval, ignore
+
+	// Calculate certificate age (days since NotBefore)
+	certAge := int(time.Since(certInfo.NotBefore).Hours() / 24)
+	// Calculate days until expiration
+	daysUntilExpiration := int(time.Until(certInfo.NotAfter).Hours() / 24)
+
+	// Skip renewal only if:
+	// 1. Certificate age is less than renewal interval AND
+	// 2. Certificate has more than 6 days remaining before expiration
+	if certAge < settings.CertSettings.GetCertRenewalInterval() && daysUntilExpiration > 6 {
+		// Certificate is too young and not expiring soon, ignore
 		return
 	}