author | Ian <ViViDboarder@gmail.com> | 2020-11-23 12:58:26 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-23 13:58:26 -0700 |
commit | c5197f59991df7fbe6b921a2a84483d108525d03 (patch) | |
tree | 7799b7655f1d93bf43594e9d29b4108af830d978 /modules/caddypki/ca.go | |
parent | 06ba006f9bb7fe4fe8fb97bbda594f3c438cb6ad (diff) |
acme_server: fix reload of acme database (#3874)
* acme_server: Refactor database creation apart from authority creation
This is a WIP commit that doesn't really offer anything other than
setting us up for using a UsagePool to gracefully reload acme_server
configs.
* Implement UsagePool
* Remove unused context
* Fix initializing non-ACME CA
This will handle cases where a DB is not provided
* Sanitize acme db path and clean debug logs
* Move regex to package level to prevent recompiling
Diffstat (limited to 'modules/caddypki/ca.go')
-rw-r--r-- | modules/caddypki/ca.go | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/modules/caddypki/ca.go b/modules/caddypki/ca.go
index f95c9a0..5e76676 100644
--- a/modules/caddypki/ca.go
+++ b/modules/caddypki/ca.go
@@ -195,14 +195,18 @@ func (ca CA) NewAuthority(authorityConfig AuthorityConfig) (*authority.Authority
 issuerKey = ca.IntermediateKey()
 }
 
- auth, err := authority.NewEmbedded(
+ opts := []authority.Option{
 authority.WithConfig(&authority.Config{
 AuthorityConfig: authorityConfig.AuthConfig,
- DB: authorityConfig.DB,
 }),
 authority.WithX509Signer(issuerCert, issuerKey.(crypto.Signer)),
 authority.WithX509RootCerts(rootCert),
- )
+ }
+ // Add a database if we have one
+ if authorityConfig.DB != nil {
+ opts = append(opts, authority.WithDatabase(*authorityConfig.DB))
+ }
+ auth, err := authority.NewEmbedded(opts...)
 if err != nil {
 return nil, fmt.Errorf("initializing certificate authority: %v", err)
 }
@@ -382,7 +386,7 @@ type AuthorityConfig struct {
 SignWithRoot bool
 
 // TODO: should we just embed the underlying authority.Config struct type?
- DB *db.Config
+ DB *db.AuthDB
 AuthConfig *authority.AuthConfig
 }
 
|
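Review bot: The new guard `if authorityConfig.DB != nil` tests only the pointer, so a non-nil `*db.AuthDB` that wraps a nil value is still dereferenced and passed to `authority.WithDatabase`. If `db.AuthDB` is an interface (the dereference suggests it, but its declaration is not on this page), checking both levels closes that gap: `if authorityConfig.DB != nil && *authorityConfig.DB != nil {`. The comment above the guard could also record why the database is optional, for example `// Non-ACME CAs are built without a database; pass one only when the caller supplied it.` The same pointer type is declared on the `DB` field in the second hunk, and NewAuthority begins and ends outside this hunk.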
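Review bot: The `DB` field in AuthorityConfig changes from configuration to a database handle but carries no doc comment saying that nil is allowed or who opens and closes it. A line such as `// DB is an optional, already-opened database; nil means the authority is created without one.` would cover the first part; ownership of the handle is not visible in this hunk and should be stated once confirmed. The TODO just above still talks about embedding `authority.Config`, which, judging by the first hunk where `DB` is dropped from the `authority.Config` literal, no longer carries this value, so it may need rewording.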