fix: dont init certificates with self-signed by default

stapler/cert_manager.py

@@ -37,7 +37,7 @@ class CertManager:
         self.with_certbot: bool = params.with_certbot
         self.last_file_change: int | float = 0
 
-    def init(self, hosts: list[str]) -> None:
+    def init(self) -> None:
         self.logger.debug("Initializing...")
         if not self.certbot_www.exists():
             self.certbot_www.mkdir(parents=True)
@@ -45,8 +45,6 @@ class CertManager:
         if not self.self_signed_path.exists():
             self.self_signed_path.mkdir(parents=True)
             self.logger.debug("Created %s", self.self_signed_path)
-        for host in hosts:
-            self.init_cert(host)
 
     def exists(self, host: str) -> bool:
         return self.__exists_certbot(host) or self.__exists_self_signed(host)

stapler/server.py

@@ -50,7 +50,7 @@ class StaplerServer:
         self.logger.info("Starting up...")
         self.registry.load_pages()
         if self.params.with_certificates:
-            self.cert_manager.init(self.__get_all_hosts())
+            self.cert_manager.init()
         self.data_dir.init()
         self.token_manager.init()
 
@@ -152,7 +152,7 @@ class StaplerServer:
             self.logger.warning("Cannot renew without certificates")
             return 1
         self.registry.load_pages()
-        self.cert_manager.init(self.__get_all_hosts())
+        self.cert_manager.init()
         for host in self.__get_all_hosts():
             self.cert_manager.create_or_update(host)
         return 0

tests/test_cert_manager.py

@@ -35,18 +35,10 @@ class TestRegistry(BaseTestCase):
             self.patch("shutil.which", count=0),
             self.patch("subprocess.check_output", count=0),
         ):
-            self.cert_manager.init([])
+            self.cert_manager.init()
             assert self.self_signed_path.is_dir()
             assert self.certbot_www.is_dir()
 
-    def test_init_with_hosts(self) -> None:
-        with (
-            self.patch("shutil.which", count=0),
-            self.patch("subprocess.check_output", count=0),
-        ):
-            self._make_self_signed("example.com")
-            self.cert_manager.init(["example.com"])
-
     def test_exists_self_signed(self) -> None:
         self._make_self_signed("example.com")
         assert self.cert_manager.exists("example.com")

tests/test_server.py

@@ -26,10 +26,8 @@ class TestStaplerServer(BaseTestCase):
     def test_renew(self) -> None:
         with (
             self.mock_call(self.registry.load_pages),
-            self.mock_calls(
-                self.registry.get_hosts, [[], []], [["host_1"], ["host_1"]]
-            ),
-            self.mock_call(self.cert_manager.init, [["localhost", "host_1"]]),
+            self.mock_calls(self.registry.get_hosts, [[]], [["host_1"]]),
+            self.mock_call(self.cert_manager.init),
             self.mock_calls(
                 self.cert_manager.create_or_update, [["localhost"], ["host_1"]]
             ),
@@ -70,8 +68,7 @@ class TestStaplerServer(BaseTestCase):
         self.cert_manager.sni_callback = unittest.mock.Mock()
         with (
             self.mock_call(self.registry.load_pages),
-            self.mock_call(self.registry.get_hosts, [], []),
-            self.mock_call(self.cert_manager.init, [["localhost"]]),
+            self.mock_call(self.cert_manager.init),
             self.mock_call(self.data_dir.init),
             self.mock_call(self.token_manager.init),
             self.patch("ssl.create_default_context", return_value=self.context_mock),