authorMatthew Holt <mholt@users.noreply.github.com>2019-05-16 16:05:38 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2019-05-16 16:05:38 -0600
commit1f0c061ce30f218e63fcc17e0fdfc8b90d754ba5 (patch)
treeef148ac39ec520d14342ce48cec07f5efe0379f3 /modules/caddytls
parentff5b4639d597203f8aec43e5eae8fe3774976d32 (diff)
Architectural shift to using context for config and module state
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/acmemanager.go10
-rw-r--r--modules/caddytls/connpolicy.go10
-rw-r--r--modules/caddytls/tls.go23
3 files changed, 23 insertions, 20 deletions
diff --git a/modules/caddytls/acmemanager.go b/modules/caddytls/acmemanager.go
index 40e2d24..59fc7c3 100644
--- a/modules/caddytls/acmemanager.go
+++ b/modules/caddytls/acmemanager.go
@@ -40,10 +40,10 @@ func (m *acmeManagerMaker) newManager(interactive bool) (certmagic.Manager, erro
return nil, nil
}
-func (m *acmeManagerMaker) Provision() error {
+func (m *acmeManagerMaker) Provision(ctx caddy2.Context) error {
// DNS providers
if m.Challenges.DNS != nil {
- val, err := caddy2.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS)
+ val, err := ctx.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS)
if err != nil {
return fmt.Errorf("loading TLS storage module: %s", err)
}
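Review bot: The error returned right after `ctx.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS)` still reads `loading TLS storage module: %s`, which is the text from the storage branch in the next hunk and will point anyone debugging a DNS provider that fails to load at the wrong subsystem. Suggest `return fmt.Errorf("loading DNS provider module: %s", err)` here; the identical message in the storage hunk below is correct and stays. Provision's body continues outside this hunk.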
@@ -53,7 +53,7 @@ func (m *acmeManagerMaker) Provision() error {
// policy-specific storage implementation
if m.Storage != nil {
- val, err := caddy2.LoadModuleInline("system", "caddy.storage", m.Storage)
+ val, err := ctx.LoadModuleInline("system", "caddy.storage", m.Storage)
if err != nil {
return fmt.Errorf("loading TLS storage module: %s", err)
}
@@ -93,10 +93,10 @@ func (m *acmeManagerMaker) setDefaults() {
// makeCertMagicConfig converts m into a certmagic.Config, because
// this is a special case where the default manager is the certmagic
// Config and not a separate manager.
-func (m *acmeManagerMaker) makeCertMagicConfig() certmagic.Config {
+func (m *acmeManagerMaker) makeCertMagicConfig(ctx caddy2.Context) certmagic.Config {
storage := m.storage
if storage == nil {
- storage = caddy2.GetStorage()
+ storage = ctx.Storage()
}
var ond *certmagic.OnDemandConfig
diff --git a/modules/caddytls/connpolicy.go b/modules/caddytls/connpolicy.go
index bdbd79f..45fe83a 100644
--- a/modules/caddytls/connpolicy.go
+++ b/modules/caddytls/connpolicy.go
@@ -18,11 +18,11 @@ type ConnectionPolicies []*ConnectionPolicy
// TLSConfig converts the group of policies to a standard-lib-compatible
// TLS configuration which selects the first matching policy based on
// the ClientHello.
-func (cp ConnectionPolicies) TLSConfig(handle caddy2.Handle) (*tls.Config, error) {
+func (cp ConnectionPolicies) TLSConfig(ctx caddy2.Context) (*tls.Config, error) {
// connection policy matchers
for i, pol := range cp {
for modName, rawMsg := range pol.MatchersRaw {
- val, err := caddy2.LoadModule("tls.handshake_match."+modName, rawMsg)
+ val, err := ctx.LoadModule("tls.handshake_match."+modName, rawMsg)
if err != nil {
return nil, fmt.Errorf("loading handshake matcher module '%s': %s", modName, err)
}
@@ -33,7 +33,7 @@ func (cp ConnectionPolicies) TLSConfig(handle caddy2.Handle) (*tls.Config, error
// pre-build standard TLS configs so we don't have to at handshake-time
for i := range cp {
- err := cp[i].buildStandardTLSConfig(handle)
+ err := cp[i].buildStandardTLSConfig(ctx)
if err != nil {
return nil, fmt.Errorf("connection policy %d: building standard TLS config: %s", i, err)
}
@@ -74,8 +74,8 @@ type ConnectionPolicy struct {
stdTLSConfig *tls.Config
}
-func (cp *ConnectionPolicy) buildStandardTLSConfig(handle caddy2.Handle) error {
- tlsAppIface, err := handle.App("tls")
+func (cp *ConnectionPolicy) buildStandardTLSConfig(ctx caddy2.Context) error {
+ tlsAppIface, err := ctx.App("tls")
if err != nil {
return fmt.Errorf("getting tls app: %v", err)
}
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index fbc850c..4743e6b 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -26,10 +26,13 @@ type TLS struct {
certificateLoaders []CertificateLoader
certCache *certmagic.Cache
+ ctx caddy2.Context
}
// Provision sets up the configuration for the TLS app.
-func (t *TLS) Provision() error {
+func (t *TLS) Provision(ctx caddy2.Context) error {
+ t.ctx = ctx
+
// set up the certificate cache
// TODO: this makes a new cache every time; better to only make a new
// cache (or even better, add/remove only what is necessary) if the
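Review bot: The new `ctx caddy2.Context` field is stored by Provision and later read by Start, Manage, HandleHTTPChallenge and getConfigForName, yet it carries no comment explaining why it is retained or for how long it stays valid. If caddy2.Context is scoped to a single config load, which this hunk does not show, a TLS instance that outlives a reload would keep resolving storage through a stale context, so the contract is worth stating at the field: `// ctx is the context this app was provisioned with; kept so Start, Manage and the HTTP challenge handler can reach the configured storage after Provision returns.` Provision's body continues past the hunk.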
@@ -41,7 +44,7 @@ func (t *TLS) Provision() error {
})
for i, ap := range t.Automation.Policies {
- val, err := caddy2.LoadModuleInline("module", "tls.management", ap.Management)
+ val, err := ctx.LoadModuleInline("module", "tls.management", ap.Management)
if err != nil {
return fmt.Errorf("loading TLS automation management module: %s", err)
}
@@ -54,7 +57,7 @@ func (t *TLS) Provision() error {
if modName == automateKey {
continue // special case; these will be loaded in later
}
- val, err := caddy2.LoadModule("tls.certificates."+modName, rawMsg)
+ val, err := ctx.LoadModule("tls.certificates."+modName, rawMsg)
if err != nil {
return fmt.Errorf("loading certificate module '%s': %s", modName, err)
}
@@ -65,7 +68,7 @@ func (t *TLS) Provision() error {
}
// Start activates the TLS module.
-func (t *TLS) Start(handle caddy2.Handle) error {
+func (t *TLS) Start() error {
// load manual/static (unmanaged) certificates
for _, loader := range t.certificateLoaders {
certs, err := loader.LoadCertificates()
@@ -73,7 +76,7 @@ func (t *TLS) Start(handle caddy2.Handle) error {
return fmt.Errorf("loading certificates: %v", err)
}
magic := certmagic.New(t.certCache, certmagic.Config{
- Storage: caddy2.GetStorage(),
+ Storage: t.ctx.Storage(),
})
for _, cert := range certs {
err := magic.CacheUnmanagedTLSCertificate(cert)
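Review bot: `Storage: t.ctx.Storage()` assumes Provision already ran and assigned t.ctx; on a zero-value TLS, or one whose Provision returned early with an error, this calls Storage() on a zero caddy2.Context and, depending on how that type is implemented (not visible here), either panics or hands certmagic a nil Storage that fails later. Since Start no longer receives a handle, nothing at the call site makes the ordering explicit, so at minimum the Provision-before-Start requirement belongs in Start's doc comment, e.g. `// Start activates the TLS module. Provision must have succeeded first; Start relies on the context it stored.` The same dependency on t.ctx appears in Manage, HandleHTTPChallenge and getConfigForName in the hunks below. Start's body continues outside this hunk.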
@@ -114,7 +117,7 @@ func (t *TLS) Stop() error {
func (t *TLS) Manage(names []string) error {
for _, name := range names {
ap := t.getAutomationPolicyForName(name)
- magic := certmagic.New(t.certCache, ap.makeCertMagicConfig())
+ magic := certmagic.New(t.certCache, ap.makeCertMagicConfig(t.ctx))
err := magic.Manage([]string{name})
if err != nil {
return fmt.Errorf("automate: manage %s: %v", name, err)
@@ -130,13 +133,13 @@ func (t *TLS) HandleHTTPChallenge(w http.ResponseWriter, r *http.Request) bool {
return false
}
ap := t.getAutomationPolicyForName(r.Host)
- magic := certmagic.New(t.certCache, ap.makeCertMagicConfig())
+ magic := certmagic.New(t.certCache, ap.makeCertMagicConfig(t.ctx))
return magic.HandleHTTPChallenge(w, r)
}
func (t *TLS) getConfigForName(name string) (certmagic.Config, error) {
ap := t.getAutomationPolicyForName(name)
- return ap.makeCertMagicConfig(), nil
+ return ap.makeCertMagicConfig(t.ctx), nil
}
func (t *TLS) getAutomationPolicyForName(name string) AutomationPolicy {
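Review bot: `ap.makeCertMagicConfig(t.ctx)` is now evaluated on every HTTP challenge request, and the policy it derives from is selected by `r.Host`, a client-supplied value. That is acceptable only if getAutomationPolicyForName returns a usable default for hosts that match no policy, including empty or `host:port` forms; its body is outside this hunk so I cannot confirm it. A comment on the lookup line would make the expectation explicit: `// r.Host is client-controlled; getAutomationPolicyForName must tolerate unmatched or malformed hosts`. Building a fresh certmagic instance per request is also worth a short why-comment if it is intentional rather than a leftover from before the context refactor.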
@@ -178,12 +181,12 @@ type AutomationPolicy struct {
management ManagerMaker
}
-func (ap AutomationPolicy) makeCertMagicConfig() certmagic.Config {
+func (ap AutomationPolicy) makeCertMagicConfig(ctx caddy2.Context) certmagic.Config {
// default manager (ACME) is a special case because of how CertMagic is designed
// TODO: refactor certmagic so that ACME manager is not a special case by extracting
// its config fields out of the certmagic.Config struct, or something...
if acmeMgmt, ok := ap.management.(*acmeManagerMaker); ok {
- return acmeMgmt.makeCertMagicConfig()
+ return acmeMgmt.makeCertMagicConfig(ctx)
}
return certmagic.Config{