Switch to try-once Consul lock

Try to fix deadlock from #18

cmd/main.go

@@ -0,0 +1,37 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/hashicorp/consul/api"
+
+	"github.com/pteich/caddy-tlsconsul"
+)
+
+func main() {
+	cs := storageconsul.New()
+
+	cs.Prefix = "caddy2-streamurls"
+	cs.AESKey = []byte("sabc4ever-1234567890-caddytls-32")
+
+	consulConfig := api.DefaultConfig()
+	consulConfig.Address = "consul.streamabc.link:8500"
+	consulConfig.Token = "78a023fa-113d-5f86-602e-1485cacf1cc3"
+	client, err := api.NewClient(consulConfig)
+	if err != nil {
+		panic(err)
+	}
+	cs.ConsulClient = client
+
+	c, err := cs.Load("/certificates/acme-v02.api.letsencrypt.org-directory/caddytest.quantumcast.cloud/caddytest.quantumcast.cloud.crt")
+	if err != nil {
+		panic(err)
+	}
+
+	sd, err := cs.DecryptStorageData(c)
+	if err != nil {
+		panic(err)
+	}
+
+	fmt.Printf("########%s", string(sd.Value))
+}

go.sum

@@ -387,6 +387,7 @@ github.com/klauspost/compress v1.4.0/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0
 github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/compress v1.13.0/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
 github.com/klauspost/cpuid v0.0.0-20180405133222-e7e905edc00e/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
+github.com/klauspost/cpuid v1.2.0 h1:NMpwD2G9JSFOE1/TJjGSo5zG7Yb2bTe7eq1jH+irmeE=
 github.com/klauspost/cpuid v1.2.0/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/cpuid/v2 v2.0.6/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.0.7 h1:U89pAFid7wpIWvTFJnMKgU+Sabb7DLEgHI7Xt8apo3Y=

module.go

@@ -25,7 +25,7 @@ func (ConsulStorage) CaddyModule() caddy.ModuleInfo {
 // Provision is called by Caddy to prepare the module
 func (cs *ConsulStorage) Provision(ctx caddy.Context) error {
 	cs.logger = ctx.Logger(cs).Sugar()
-	cs.logger.Infof("TLS storage is using Consul at %cs", cs.Address)
+	cs.logger.Infof("TLS storage is using Consul at %s", cs.Address)
 
 	// override default values from ENV
 	if aesKey := os.Getenv(EnvNameAESKey); aesKey != "" {

storage.go

@@ -54,12 +54,19 @@ func (cs *ConsulStorage) prefixKey(key string) string {
 
 // Lock acquires a distributed lock for the given key or blocks until it gets one
 func (cs *ConsulStorage) Lock(ctx context.Context, key string) error {
+	cs.logger.Debugf("trying lock for %s", key)
+
 	if _, isLocked := cs.GetLock(key); isLocked {
 		return nil
 	}
 
-	// prepare the lock
-	lock, err := cs.ConsulClient.LockKey(cs.prefixKey(key))
+	// prepare the distributed lock
+	cs.logger.Debugf("creating Consul lock for %s", key)
+	lock, err := cs.ConsulClient.LockOpts(&consul.LockOptions{
+		Key:          cs.prefixKey(key),
+		LockWaitTime: time.Duration(cs.Timeout) * time.Second,
+		LockTryOnce:  true,
+	})
 	if err != nil {
 		return errors.Wrapf(err, "could not create lock for %s", cs.prefixKey(key))
 	}
@@ -142,6 +149,8 @@ func (cs ConsulStorage) Store(key string, value []byte) error {
 
 // Load retrieves the value for a key from Consul KV
 func (cs ConsulStorage) Load(key string) ([]byte, error) {
+	cs.logger.Debugf("loading data from Consul for %s", key)
+
 	kv, _, err := cs.ConsulClient.KV().Get(cs.prefixKey(key), &consul.QueryOptions{RequireConsistent: true})
 	if err != nil {
 		return nil, errors.Wrapf(err, "unable to obtain data for %s", cs.prefixKey(key))
@@ -159,6 +168,8 @@ func (cs ConsulStorage) Load(key string) ([]byte, error) {
 
 // Delete a key from Consul KV
 func (cs ConsulStorage) Delete(key string) error {
+	cs.logger.Debugf("deleting key %s from Consul", key)
+
 	// first obtain existing keypair
 	kv, _, err := cs.ConsulClient.KV().Get(cs.prefixKey(key), &consul.QueryOptions{RequireConsistent: true})
 	if err != nil {