From 73ead1627bce5c307d88b03d914726145b497708 Mon Sep 17 00:00:00 2001
From: klemek <klemek.dev@proton.me>
Date: Sun, 12 Apr 2026 23:31:00 +0200
Subject: [PATCH] feat: create certificate on demand

---
 Makefile       | 2 +-
 README.md      | 7 +++----
 src/handler.py | 9 ++++++---
 src/server.py  | 7 ++++++-
 4 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/Makefile b/Makefile
index 0762f13..23918c4 100644
--- a/Makefile
+++ b/Makefile
@@ -62,7 +62,7 @@ docker-build: ## docker build
 
 .PHONY: docker-run
 docker-run: docker-build ## docker run
-	@$(DOCKER) run -it -p $(PORT):8080 -v ./data:/data $(DOCKER_TAG) --debug --no-certbot run --token $(TOKEN)
+	@$(DOCKER) run -it -p $(PORT):8080 -v ./data:/data $(DOCKER_TAG) --debug --no-certbot --token $(TOKEN) run
 
 # ACTIONS
 
diff --git a/README.md b/README.md
index c1fd933..082f10a 100644
--- a/README.md
+++ b/README.md
@@ -93,13 +93,12 @@ curl -X DELETE \
 - [x] better logger
 - [x] renew command
 - [x] https mode w/ multiple hosts
-- [ ] restart command (on new/deleted host)
-- [ ] proper doc
-- [ ] log visits (and store accross sessions)
-- [ ] deliver visits in /page/visits
+- [x] create certificate on request
+- [ ] certbot symlink certificates for unique path
 - [x] better error page
 - [ ] add favicon.ico + special path
 - [ ] [http.server security](https://docs.python.org/3/library/http.server.html#http-server-security)
+- [ ] proper doc
 
 ### Makefile targets
 
diff --git a/src/handler.py b/src/handler.py
index f36b35e..a0bf881 100644
--- a/src/handler.py
+++ b/src/handler.py
@@ -8,7 +8,7 @@ import re
 import tarfile
 import typing
 
-from . import data_dir, logs, project
+from . import cert, data_dir, logs, project
 
 if typing.TYPE_CHECKING:
     from . import params, registry
@@ -27,6 +27,7 @@ class RequestHandler(http.server.SimpleHTTPRequestHandler):
         *args: typing.Any,
         params: params.Parameters,
         registry: registry.Registry,
+        cert_manager: cert.CertManager,
         **kwargs: dict[str, typing.Any],
     ) -> None:
         self.logger = logging.getLogger(self.__class__.__name__)
@@ -35,6 +36,7 @@ class RequestHandler(http.server.SimpleHTTPRequestHandler):
         self.data_dir = data_dir.DataDir(params.data_dir)
         self.max_size_bytes = params.max_size_bytes
         self.registry = registry
+        self.cert_manager = cert_manager
         self.certbot_www = os.path.realpath(params.certbot_www)
         self.out_size = 0
         super().__init__(*args, directory=params.data_dir, **kwargs)
@@ -79,9 +81,10 @@ class RequestHandler(http.server.SimpleHTTPRequestHandler):
             http.HTTPStatus.CREATED,
             f"Resource /{sub_path}/ updated",
         )
-        if host is not None:
-            self.registry.set_host(sub_path, host)
         self.registry.add(sub_path)
+        if host is not None and self.cert_manager.create_or_update(host):
+            self.registry.set_host(sub_path, host)
+            self.registry.add(sub_path)
         return None
 
     def do_DELETE(self) -> None:
diff --git a/src/server.py b/src/server.py
index f015b56..87634bc 100644
--- a/src/server.py
+++ b/src/server.py
@@ -18,7 +18,12 @@ class StaplerServer:
         self.default_host = params.host.split(":", maxsplit=2)[0]
 
     def request_handler(self, *args: typing.Any) -> http.server.BaseHTTPRequestHandler:
-        return handler.RequestHandler(*args, params=self.params, registry=self.registry)
+        return handler.RequestHandler(
+            *args,
+            params=self.params,
+            registry=self.registry,
+            cert_manager=self.cert_manager,
+        )
 
     def __get_all_hosts(self) -> list[str]:
         return [self.default_host, *self.registry.get_hosts()]