diff options
author | Francis Lavoie <lavofr@gmail.com> | 2022-10-04 22:58:19 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-04 20:58:19 -0600 |
commit | 2808de1e30b873f9c8f4693eae59bd56f20ebbbe (patch) | |
tree | 2d428b0b111962230aecfe86cdbd97a743d1dd4f /caddyconfig | |
parent | 253d97c93dce9a3365e67d0360b2e47dd165578e (diff) |
httpcaddyfile: Skip `automate` when `auto_https off` is specified (#5110)
Diffstat (limited to 'caddyconfig')
-rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index 947512a..240cb02 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -48,6 +48,10 @@ func (st ServerType) buildTLSApp( if hsp, ok := options["https_port"].(int); ok { httpsPort = strconv.Itoa(hsp) } + autoHTTPS := "on" + if ah, ok := options["auto_https"].(string); ok { + autoHTTPS = ah + } // count how many server blocks have a TLS-enabled key with // no host, and find all hosts that share a server block with @@ -331,10 +335,12 @@ func (st ServerType) buildTLSApp( internalAP := &caddytls.AutomationPolicy{ IssuersRaw: []json.RawMessage{json.RawMessage(`{"module":"internal"}`)}, } - for h := range httpsHostsSharedWithHostlessKey { - al = append(al, h) - if !certmagic.SubjectQualifiesForPublicCert(h) { - internalAP.Subjects = append(internalAP.Subjects, h) + if autoHTTPS != "off" { + for h := range httpsHostsSharedWithHostlessKey { + al = append(al, h) + if !certmagic.SubjectQualifiesForPublicCert(h) { + internalAP.Subjects = append(internalAP.Subjects, h) + } } } if len(al) > 0 { |