dont renew unless timeleft < 30 days

certs/certs.go

@@ -5,7 +5,9 @@ import (
 	"log"
 	"os"
 	"strings"
+	"time"
 
+	"github.com/go-acme/lego/v4/certcrypto"
 	"github.com/go-acme/lego/v4/certificate"
 	"github.com/go-acme/lego/v4/challenge/dns01"
 	"github.com/go-acme/lego/v4/lego"
@@ -20,7 +22,19 @@ type certsClient struct {
 func (c *certsClient) RequestCertificate() {
 	log.Println("requesting a certificate")
 	if c.lastCertificate != nil {
-		c.RenewCertificate()
+		certificates, err := certcrypto.ParsePEMBundle(c.lastCertificate.Certificate)
+		if err != nil {
+			log.Fatal(err)
+		}
+
+		x509Cert := certificates[0]
+		timeLeft := x509Cert.NotAfter.Sub(time.Now().UTC())
+		if timeLeft > time.Hour*24*30 {
+			log.Printf("%d days left before expiration, will not renew", int(timeLeft.Hours()/24))
+			return
+		}
+
+		c.renewCertificate()
 		return
 	}
 
@@ -38,7 +52,7 @@ func (c *certsClient) RequestCertificate() {
 	log.Printf("%#v\n", certificates)
 }
 
-func (c *certsClient) RenewCertificate() {
+func (c *certsClient) renewCertificate() {
 	log.Println("renewing currently existing certificate")
 	certificates, err := c.legoClient.Certificate.Renew(*c.lastCertificate, true, false, "")
 	if err != nil {

main.go

@@ -2,7 +2,6 @@ package main
 
 import (
 	"flag"
-	"log"
 	"strings"
 	"time"
 
@@ -23,7 +22,6 @@ func main() {
 
 	go func() {
 		account := certs.LoadAccount()
-		log.Println(account.Registration.Body.Contact)
 		certsClient := certs.NewCertsClient(n, account)
 
 		time.Sleep(5 * time.Second)
@@ -32,7 +30,7 @@ func main() {
 		for {
 			// renew certificate every month
 			time.Sleep(30 * 24 * time.Hour)
-			certsClient.RenewCertificate()
+			certsClient.RequestCertificate()
 		}
 	}()