From e4fcbedec564dc2441bfbaf141040804c91ce399 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vladim=C3=ADr=20Magyar?= <vladimir@mgyar.me>
Date: Tue, 11 Jan 2022 10:44:09 +0100
Subject: [PATCH] Remake to SIGHUP

---
 keypair_reloader.go | 38 +++++++++++---------------------------
 1 file changed, 11 insertions(+), 27 deletions(-)

diff --git a/keypair_reloader.go b/keypair_reloader.go
index dd54deb..1bedf20 100644
--- a/keypair_reloader.go
+++ b/keypair_reloader.go
@@ -4,10 +4,10 @@ import (
 	"crypto/tls"
 	"log"
 	"net/http"
-	"path/filepath"
+	"os"
+	"os/signal"
 	"sync"
-
-	"github.com/fsnotify/fsnotify"
+	"syscall"
 )
 
 type keypairReloader struct {
@@ -17,7 +17,7 @@ type keypairReloader struct {
 	keyPath  string
 }
 
-func NewKeypairReloader(certPath, keyPath string) (*keypairReloader, error) {
+func newKeypairReloader(certPath, keyPath string) (*keypairReloader, error) {
 	result := &keypairReloader{
 		certPath: certPath,
 		keyPath:  keyPath,
@@ -27,32 +27,16 @@ func NewKeypairReloader(certPath, keyPath string) (*keypairReloader, error) {
 		return nil, err
 	}
 	result.cert = &cert
-	watcher, err := fsnotify.NewWatcher()
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer watcher.Close()
 	go func() {
-		for {
-			select {
-			case event, ok := <-watcher.Events:
-				if !ok {
-					return
-				}
-				log.Printf("INFO: File modified %s, reloading TLS certificate and key from %q and %q", event.Name, certPath, keyPath)
-				if err := result.maybeReload(); err != nil {
-					log.Printf("ERROR: Keeping old TLS certificate because the new one could not be loaded: %v", err)
-				}
-			case err, ok := <-watcher.Errors:
-				if !ok {
-					return
-				}
-				log.Println("ERROR:", err)
+		c := make(chan os.Signal, 1)
+		signal.Notify(c, syscall.SIGHUP)
+		for range c {
+			log.Printf("INFO: Received SIGHUP, reloading TLS certificate and key from %q and %q", certPath, keyPath)
+			if err := result.maybeReload(); err != nil {
+				log.Printf("ERROR: Keeping old TLS certificate because the new one could not be loaded: %v", err)
 			}
 		}
 	}()
-	log.Printf("INFO: watching tls cerst at: %s", filepath.Dir(certPath))
-	watcher.Add(filepath.Dir(certPath))
 	return result, nil
 }
 
@@ -77,7 +61,7 @@ func (kpr *keypairReloader) GetCertificateFunc() func(*tls.ClientHelloInfo) (*tl
 
 func WithKeyPairReloader(certPath, keyPath string) func(*http.Server) {
 	return func(srv *http.Server) {
-		kpr, err := NewKeypairReloader(certPath, keyPath)
+		kpr, err := newKeypairReloader(certPath, keyPath)
 		if err != nil {
 			log.Fatal(err)
 		}
-- 
2.38.5