Delete certificates that can't be renewed

[gohai]

The current released version will attempt a daily renewal forever once a domain's certificate has been stored. But domain holder's might move their domains elsewhere at any point, meaning that this renewal might never again succeed.

To limit the resources we spend daily on attempting a renewal for those, give up after the certificate has expired, and delete it from storage.

[gohai]

We'll be giving this light testing in the next couple of days, but would appreciate any comments you might have already.

[brianlund]

Just for comparison, the way I did it was to just check if expiry date had passed and if so, delete the cert:

  -- Attempt to retrieve expiry date from storage. If it is not found try renewal.
  -- If expiry date is found, we attempt renewal if it's within 30 days.
  if cert["expiry"] then
    local now = ngx.now()


    if now > cert["expiry"] then
      storage:delete_cert(domain)
      ngx.log(ngx.ERR, "auto-ssl: this cert is expired and deleted: ", domain)
      renew_check_cert_unlock(domain, storage, local_lock, distributed_lock_value)
      return
    end

We start attempting to renew quite a while before expiry so I figured that would be enough of a buffer.

[gohai]

Thanks @brianlund - I am doing similar in the PR, except that I also thought I better offer a way to clear certificates that don't yet have the expiration set. Only for those it's counting the number of times we attempted (but) failed in renewal, basically emulating the same logic of deleting the cert after a month, when it had expired.

But I can see that providing those two ways (and keeping the legacy one around forever) is perhaps not too elegant - we have a seizable amount of certificates in storage, so clearing them and counting on them having expiry set is not an option unfortunately. In a couple of months most of them will have of course this information - except for the once that are "stuck", tragically.

I see two options if we did not want to cary the count-renewal-attempts:

• Document the fact that "stuck" domains created before version 0.12 need to be deleted manually from Redis.
• Add code to get all keys for a given prefix - this way we could find the most recent "backup" cert that gets saved, take the timestamp from it, and use it as expiry (if not already set). This way we'd always have the expiration date, which would also speed up renewals in the first two months for people who're migrating from pre-0.12.