From af51d1605fdb933518e5e0e61082fe93548c0916 Mon Sep 17 00:00:00 2001
From: Hendrik Jäger <gitcommit@henk.geekmail.org>
Date: Thu, 1 Feb 2024 21:16:53 +0100
Subject: only do auth if not still valid

---
 macir.rb | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'macir.rb')

diff --git a/macir.rb b/macir.rb
index 57ec69e..64e9d81 100644
--- a/macir.rb
+++ b/macir.rb
@@ -110,7 +110,7 @@ def wait_for_challenge_propagation( domain, challenge )
     begin
       p 'Querying ACME challenge record'
       result = res.query_no_validation_or_recursion( "_acme-challenge." + domain, "TXT" )
-      p result
+      # p result
       propagated = result.answer.any? do |answer|
         answer.rdata[0] == challenge.record_content
       end
@@ -187,6 +187,8 @@ config['certs'].each_pair do |cert_name, cert_opts|
 
   p "Creating order object for cert #{cert_name}"
   order = client.new_order(identifiers: cert_opts['domain_names'] )
+  p 'order status'
+  p order.status
   if order.status != 'ready'
     p 'Order is not ready, we need to authorize first'
 
@@ -194,6 +196,11 @@ config['certs'].each_pair do |cert_name, cert_opts|
     order.authorizations.each do |auth|
       p "Processing authorization for #{auth.domain}"
       p "Finding challenge type for #{auth.domain}"
+      if auth.status == 'valid'
+        p "Authorization for #{auth.domain} is still valid, skipping"
+        next
+      end
+
       challenge = auth.dns01
       deploy_dns01_challenge_token( auth.domain, challenge, config['domains'][auth.domain]['primary_ns'], config )
       wait_for_challenge_propagation( auth.domain, challenge )
-- 
cgit v1.2.3