github-mirror/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-05-22 09:39:58 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Enable skipping just certificate management for some auto HTTPS names

Browse Source
This commit is contained in:
Matthew Holt
2019-06-26 10:57:18 -06:00
parent 91b03dccb0
commit a524bcfe78
2 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
modules/caddyhttp/caddyhttp.go
View File

@ -210,7 +210,8 @@ func (app *App) automaticHTTPS() error {
for _, m := range matcherSet {
if hm, ok := m.(*MatchHost); ok {
for _, d := range *hm {
if certmagic.HostQualifies(d) && !srv.AutoHTTPS.HostSkipped(d) {
if certmagic.HostQualifies(d) &&
!srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.Skip) {
domainSet[d] = struct{}{}
}
}
@ -221,9 +222,12 @@ func (app *App) automaticHTTPS() error {
if len(domainSet) > 0 {
// marshal the domains into a slice
var domains []string
var domains, domainsForCerts []string
for d := range domainSet {
domains = append(domains, d)
if !srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.SkipCerts) {
domainsForCerts = append(domainsForCerts, d)
}
}
// ensure that these certificates are managed properly;
@ -245,13 +249,13 @@ func (app *App) automaticHTTPS() error {
acmeManager.SetDefaults()
tlsApp.Automation.Policies = append(tlsApp.Automation.Policies,
caddytls.AutomationPolicy{
Hosts: domains,
Hosts: domainsForCerts,
Management: acmeManager,
})
// manage their certificates
log.Printf("[INFO] Enabling automatic HTTPS for %v", domains)
err := tlsApp.Manage(domains)
log.Printf("[INFO] Enabling automatic HTTPS certificates for %v", domainsForCerts)
err := tlsApp.Manage(domainsForCerts)
if err != nil {
return fmt.Errorf("%s: managing certificate for %s: %s", srvName, domains, err)
}
@ -267,6 +271,8 @@ func (app *App) automaticHTTPS() error {
continue
}
log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains)
// create HTTP->HTTPS redirects
for _, addr := range srv.Listen {
netw, host, port, err := splitListenAddr(addr)