diff options
| author | Matthew Holt <mholt@users.noreply.github.com> | 2019-06-26 10:57:18 -0600 |
|---|---|---|
| committer | Matthew Holt <mholt@users.noreply.github.com> | 2019-06-26 10:57:18 -0600 |
| commit | a524bcfe78e8067b8224b1794c6842d9c2c7e8cf (patch) | |
| tree | 42e7ce1c00505eeb98c6a1c88ee24cdf4bd3c5d2 /modules/caddyhttp/caddyhttp.go | |
| parent | 91b03dccb0094d96652def8a9c70016fd53d1006 (diff) | |
Enable skipping just certificate management for some auto HTTPS names
Diffstat (limited to 'modules/caddyhttp/caddyhttp.go')
| -rw-r--r-- | modules/caddyhttp/caddyhttp.go | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go index 850501f..9c80992 100644 --- a/modules/caddyhttp/caddyhttp.go +++ b/modules/caddyhttp/caddyhttp.go @@ -210,7 +210,8 @@ func (app *App) automaticHTTPS() error { for _, m := range matcherSet { if hm, ok := m.(*MatchHost); ok { for _, d := range *hm { - if certmagic.HostQualifies(d) && !srv.AutoHTTPS.HostSkipped(d) { + if certmagic.HostQualifies(d) && + !srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.Skip) { domainSet[d] = struct{}{} } } @@ -221,9 +222,12 @@ func (app *App) automaticHTTPS() error { if len(domainSet) > 0 { // marshal the domains into a slice - var domains []string + var domains, domainsForCerts []string for d := range domainSet { domains = append(domains, d) + if !srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.SkipCerts) { + domainsForCerts = append(domainsForCerts, d) + } } // ensure that these certificates are managed properly; @@ -245,13 +249,13 @@ func (app *App) automaticHTTPS() error { acmeManager.SetDefaults() tlsApp.Automation.Policies = append(tlsApp.Automation.Policies, caddytls.AutomationPolicy{ - Hosts: domains, + Hosts: domainsForCerts, Management: acmeManager, }) // manage their certificates - log.Printf("[INFO] Enabling automatic HTTPS for %v", domains) - err := tlsApp.Manage(domains) + log.Printf("[INFO] Enabling automatic HTTPS certificates for %v", domainsForCerts) + err := tlsApp.Manage(domainsForCerts) if err != nil { return fmt.Errorf("%s: managing certificate for %s: %s", srvName, domains, err) } @@ -267,6 +271,8 @@ func (app *App) automaticHTTPS() error { continue } + log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains) + // create HTTP->HTTPS redirects for _, addr := range srv.Listen { netw, host, port, err := splitListenAddr(addr) |