author | Matt Holt <mholt@users.noreply.github.com> | 2020-07-30 15:18:14 -0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-07-30 15:18:14 -0600 |
commit | 6a14e2c2a8881d5e90f1ee363ec4662a3f87402b (patch) | |
tree | 3d10bdfe62e709e70e16725659e860bee20ca8e6 /modules/caddytls/automation.go | |
parent | 2bc30bb780f3b93593a2a9e42db6ab215fe12902 (diff) |
caddytls: Replace lego with acmez (#3621)
* Replace lego with acmez; upgrade CertMagic
* Update integration test
Diffstat (limited to 'modules/caddytls/automation.go')
-rw-r--r-- | modules/caddytls/automation.go | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/modules/caddytls/automation.go b/modules/caddytls/automation.go
index 37d5010..502a631 100644
--- a/modules/caddytls/automation.go
+++ b/modules/caddytls/automation.go
@@ -22,12 +22,11 @@ import (
 "github.com/caddyserver/caddy/v2"
 "github.com/caddyserver/certmagic"
- "github.com/go-acme/lego/v3/challenge"
+ "github.com/mholt/acmez"
 "go.uber.org/zap"
 )
-// AutomationConfig designates configuration for the
-// construction and use of ACME clients.
+// AutomationConfig governs the automated management of TLS certificates.
 type AutomationConfig struct {
 // The list of automation policies. The first matching
 // policy will be applied for a given certificate/name.
@@ -208,6 +207,7 @@ func (ap *AutomationPolicy) Provision(tlsApp *TLS) error {
 OnDemand: ond,
 Storage: storage,
 Issuer: ap.Issuer, // if nil, certmagic.New() will create one
+ Logger: tlsApp.logger,
 }
 if rev, ok := ap.Issuer.(certmagic.Revoker); ok {
 template.Revoker = rev
@@ -244,6 +244,7 @@ type ChallengesConfig struct {
 // not enabled by default. This is the only challenge
 // type which does not require a direct connection
 // to Caddy from an external server.
+ //
 // NOTE: DNS providers are currently being upgraded,
 // and this API is subject to change, but should be
 // stabilized soon.
@@ -281,6 +282,7 @@ type TLSALPNChallengeConfig struct {
 }
 // DNSChallengeConfig configures the ACME DNS challenge.
+//
 // NOTE: This API is still experimental and is subject to change.
 type DNSChallengeConfig struct {
 // The DNS provider module to use which will manage
@@ -290,7 +292,10 @@ type DNSChallengeConfig struct {
 // The TTL of the TXT record used for the DNS challenge.
 TTL caddy.Duration `json:"ttl,omitempty"`
- provider challenge.Provider
+ // How long to wait for DNS record to propagate.
+ PropagationTimeout caddy.Duration `json:"propagation_timeout,omitempty"`
+
+ solver acmez.Solver
 }
 // OnDemandConfig configures on-demand TLS, for obtaining |
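Review bot: The new `PropagationTimeout` field in `DNSChallengeConfig` is documented only as "How long to wait for DNS record to propagate", which does not say what an omitted or zero value means or whether the value is bounded. The field is `omitempty` and comes straight from user configuration, so a zero, negative or very large duration reaches whatever consumes it; that code is outside this hunk, and presumably a default is applied there, but the struct comment is what config authors will read. I would extend the comment along the lines of `// How long to wait for the DNS TXT record to propagate before the challenge is abandoned; zero means the solver's default.` once that default is confirmed, and reject negative values during provisioning. The unexported `solver` field would also benefit from a one-line comment stating where it is populated.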