New double-tiered cache setup

Author: ruerdev

README.md

@@ -30,15 +30,25 @@ return [
         // Cache store to use (null = default store)
         'store' => env('CLOUDFLARE_CACHE_STORE', null),
 
-        // Cache keys used to store IP ranges
+        // Primary cache keys ("current" – refreshed list) and fallback ("last_good" – permanent)
         'keys' => [
-            'all' => 'cloudflare:ips',
-            'v4' => 'cloudflare:ips:v4',
-            'v6' => 'cloudflare:ips:v6',
+            'current' => [
+                'all' => 'cloudflare:ips:current',
+                'v4' => 'cloudflare:ips:v4:current',
+                'v6' => 'cloudflare:ips:v6:current',
+            ],
+            'last_good' => [
+                'all' => 'cloudflare:ips:last_good',
+                'v4' => 'cloudflare:ips:v4:last_good',
+                'v6' => 'cloudflare:ips:v6:last_good',
+            ],
         ],
 
-        // Time to live in seconds (null = forever)
-        'ttl' => env('CLOUDFLARE_CACHE_TTL', 60 * 60 * 24), // 24 hours
+        // Time to live in seconds for the "current" list (null = forever). Default: 7 days.
+        'ttl' => env('CLOUDFLARE_CACHE_TTL', 60 * 60 * 24 * 7),
+
+        // Allow falling back to the last known good list when current is missing/expired.
+        'allow_stale' => env('CLOUDFLARE_ALLOW_STALE', true),
     ],
 
     // HTTP client settings for fetching IP ranges from Cloudflare
@@ -65,7 +75,7 @@ return [
 - Fetches Cloudflare IP ranges from:
 	- https://www.cloudflare.com/ips-v4
 	- https://www.cloudflare.com/ips-v6
-- Caches the lists for 24h by default
+- Caches the lists (default 7 days) and keeps a permanent fallback copy
 - Provides a command to keep the list up-to-date: `php artisan cloudflare:refresh`
 - Interact with the lists in your code via the `LaravelCloudflare` service:
     - `ipv4()`: get IPv4 addresses
@@ -92,21 +102,29 @@ use Illuminate\Support\Facades\Schedule;
 Schedule::command('cloudflare:refresh')->twiceDaily(); // or ->daily(), ->hourly(), etc.
 ```
 
-3. Add the list of IPs to the `TrustProxies` middleware in `bootstrap/app.php`:
+3. Trust Cloudflare proxies in `bootstrap/app.php`:
 
 ```php
 use Sorane\LaravelCloudflare\LaravelCloudflare;
 
 ->withMiddleware(function (Middleware $middleware) {
-    $cloudflareIps = app(LaravelCloudflare::class)->all();
-    $ipsToTrust = [
-        // Add other IPs you want to trust here
-        ...$cloudflareIps,
-    ];
-    $middleware->trustProxies(at: $ipsToTrust);
+    // Your other middleware interactions here...
+
+    app()->booted(function () use ($middleware) {
+        $cloudflareIps = app(LaravelCloudflare::class)->all();
+        $ipsToTrust = [
+            ...$cloudflareIps,
+            // Add any other proxies you want to trust here
+        ];
+        $middleware->trustProxies(at: $ipsToTrust);
+    });
 })
 ```
 
+Note: Use `app()->booted()` to ensure the application is fully booted and the cache is accessible.
+
+Note 2: The `all()` method can never return an empty array, if you've at least once successfully run `cloudflare:refresh`. Read more about the caching design below.
+
 4. Use the `cache-info` command to see information about the currently cached IPs.
 
 ```bash
@@ -126,6 +144,33 @@ $allIps = $cloudflare->all();
 $cacheInfo = $cloudflare->cacheInfo();
 ```
 
+## Caching design (current + last_good)
+
+To avoid network calls during request handling and still remain resilient if Cloudflare is temporarily unreachable, the package maintains two cache layers:
+
+* current – the actively refreshed list with a configurable TTL (default 7 days).
+* last_good – a permanent (forever) copy updated only after a fully successful refresh (both IPv4 and IPv6 lists fetched). It is never cleared on a failed refresh.
+
+Lookup order for `ipv4()`, `ipv6()`, and `all()`:
+1. current list
+2. last_good list (when `allow_stale` is true)
+3. (logs a warning and returns an empty array only if neither exists – typically only before the very first refresh)
+
+Advantages:
+* No request latency spikes from on-demand fetching.
+* Transient network failures do not drop trusted proxy IPs – the last_good list continues to be served.
+* Safe refresh semantics: last_good updates only after a fully successful fetch of both families.
+
+Relevant config options (`config/laravel-cloudflare.php`):
+* `cache.ttl` – lifetime for current list (seconds, null = forever).
+* `cache.allow_stale` – whether to fall back to last_good when current missing.
+* Distinct key sets under `cache.keys.current` and `cache.keys.last_good`.
+
+Operational recommendation:
+* Run `cloudflare:refresh` in your deployment pipeline and via the scheduler. A single success seeds both caching layers.
+* Keep the TTL of last_good infinite (null) to ensure a fallback is always available.
+* Regularly check logs and use `cloudflare:cache-info` to monitor cache status.
+
 ## Using with Laravel Octane
 
 When you use this package to trust Cloudflare proxies via the `TrustProxies` middleware, while running behind Laravel Octane, keep the following in mind:

config/laravel-cloudflare.php

@@ -5,15 +5,25 @@
         // Cache store to use (null = default store)
         'store' => env('CLOUDFLARE_CACHE_STORE', null),
 
-        // Cache keys used to store IP ranges
+        // Primary cache keys ("current" – refreshed list) and fallback ("last_good" – permanent)
         'keys' => [
-            'all' => 'cloudflare:ips',
-            'v4' => 'cloudflare:ips:v4',
-            'v6' => 'cloudflare:ips:v6',
+            'current' => [
+                'all' => 'cloudflare:ips:current',
+                'v4' => 'cloudflare:ips:v4:current',
+                'v6' => 'cloudflare:ips:v6:current',
+            ],
+            'last_good' => [
+                'all' => 'cloudflare:ips:last_good',
+                'v4' => 'cloudflare:ips:v4:last_good',
+                'v6' => 'cloudflare:ips:v6:last_good',
+            ],
         ],
 
-        // Time to live in seconds (null = forever)
-        'ttl' => env('CLOUDFLARE_CACHE_TTL', 60 * 60 * 24), // 24 hours
+        // Time to live in seconds for the "current" list (null = forever). Default: 7 days.
+        'ttl' => env('CLOUDFLARE_CACHE_TTL', 60 * 60 * 24 * 7),
+
+        // Allow falling back to the last known good list when current is missing/expired.
+        'allow_stale' => env('CLOUDFLARE_ALLOW_STALE', true),
     ],
 
     // HTTP client settings for fetching IP ranges from Cloudflare

src/Commands/CloudflareCacheInfoCommand.php

@@ -23,24 +23,34 @@ public function handle(): int
         $this->line('Configured TTL   : '.($ttl === null ? 'forever' : ($ttl.'s')));
 
         $this->newLine();
-        $this->line('Entries:');
-
-        foreach (['v4', 'v6', 'all'] as $segment) {
-            $segmentInfo = $info['keys'][$segment];
-            $status = $segmentInfo['present'] ? 'cached' : 'missing';
-            $line = '  '
-                .str_pad($segment, 3, ' ', STR_PAD_RIGHT)
-                .' key '
-                .str_pad($segmentInfo['key'], 25, ' ', STR_PAD_RIGHT)
-                .' status: '
-                .str_pad($status, 7, ' ', STR_PAD_RIGHT)
-                .' count: '
-                .$segmentInfo['count'];
-            $this->line($line);
+        $this->line('Segments:');
+
+        foreach (['current', 'last_good'] as $group) {
+            if (! isset($info['segments'][$group])) {
+                continue;
+            }
+            $this->line("  {$group}:");
+            foreach (['v4', 'v6', 'all'] as $label) {
+                $segmentInfo = $info['segments'][$group][$label] ?? null;
+                if ($segmentInfo === null) {
+                    continue;
+                }
+                $status = $segmentInfo['present'] ? 'cached' : 'missing';
+                $line = '    '
+                    .str_pad($label, 3, ' ', STR_PAD_RIGHT)
+                    .' key '
+                    .str_pad($segmentInfo['key'], 30, ' ', STR_PAD_RIGHT)
+                    .' status: '
+                    .str_pad($status, 7, ' ', STR_PAD_RIGHT)
+                    .' count: '
+                    .$segmentInfo['count'];
+                $this->line($line);
+            }
+            $this->newLine();
         }
 
         $this->newLine();
-        $this->comment('Use cloudflare:refresh to populate or refresh the cache.');
+        $this->comment('Use cloudflare:refresh to populate or refresh the current cache (last_good updates on successful refresh).');
 
         return self::SUCCESS;
     }

src/Commands/LaravelCloudflareCommand.php

@@ -22,8 +22,8 @@ public function handle(): int
         $v6 = $service->ipv6();
         $all = $service->all();
 
-        $this->line('IPv4: '.count($v4).', IPv6: '.count($v6).', All: '.count($all));
-        $this->comment('Cloudflare IP ranges refreshed and cached.');
+        $this->line('IPv4 (current or fallback): '.count($v4).', IPv6 (current or fallback): '.count($v6).', All (current or fallback): '.count($all));
+        $this->comment('Cloudflare IP ranges refreshed (current + last_good updated on success).');
 
         return self::SUCCESS;
     }