njs-acme icon indicating copy to clipboard operation
njs-acme copied to clipboard

Published 20 hours ago verified publisher icon nginx

Allow external cache invalidation

Open NetForce1 opened this issue 10 months ago • 0 comments

Is your feature request related to a problem? Please describe

When running nginx in a cluster with shared storage for njs-acme, you need to be able to invalidate the cache across the cluster. Otherwise only a single node will use the updated certificate.

Describe the solution you'd like

A function exported from acme.js that clears the cache. Can be either based on the request, or the whole cache. This would make it possible for the node that renews the certificate to call an enpoint at the other nodes to clear the cache.

To be able to do this, it would probably be cleanest to export a function that returns structured information (like clientAutoModeInternal), or add the ability for registering a hook that is called on certificate renewal. One can than implement calling the other nodes in some custom njs code.

NetForce1 avatar Apr 03 '24 12:04 NetForce1