only do auth if not still valid

diff --git a/macir.rb b/macir.rb
index 57ec69e783be82629fa3c0076e011d1999c6117d..64e9d8121dd2182908d27129c8341e94b812b4bd 100644 (file)
--- a/macir.rb
+++ b/macir.rb
@@ -110,7 +110,7 @@ def wait_for_challenge_propagation( domain, challenge )
     begin
       p 'Querying ACME challenge record'
       result = res.query_no_validation_or_recursion( "_acme-challenge." + domain, "TXT" )
-      p result
+      # p result
       propagated = result.answer.any? do |answer|
         answer.rdata[0] == challenge.record_content
       end
@@ -187,6 +187,8 @@ config['certs'].each_pair do |cert_name, cert_opts|
 
   p "Creating order object for cert #{cert_name}"
   order = client.new_order(identifiers: cert_opts['domain_names'] )
+  p 'order status'
+  p order.status
   if order.status != 'ready'
     p 'Order is not ready, we need to authorize first'
 
@@ -194,6 +196,11 @@ config['certs'].each_pair do |cert_name, cert_opts|
     order.authorizations.each do |auth|
       p "Processing authorization for #{auth.domain}"
       p "Finding challenge type for #{auth.domain}"
+      if auth.status == 'valid'
+        p "Authorization for #{auth.domain} is still valid, skipping"
+        next
+      end
+
       challenge = auth.dns01
       deploy_dns01_challenge_token( auth.domain, challenge, config['domains'][auth.domain]['primary_ns'], config )
       wait_for_challenge_propagation( auth.domain, challenge )