summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2023-08-09 11:15:01 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2023-08-09 11:15:01 -0600
commit080db938170ce154def7c6eb860634ffc6168c1c (patch)
tree9325776215e8d3b2f0a0d979191591f8fca2ecfc /modules
parenta8492c064df48bb1b2830fb82cf740cfeba4b2b2 (diff)
caddytls: Update docs for on-demand config
Diffstat (limited to 'modules')
-rw-r--r--modules/caddytls/automation.go35
1 files changed, 19 insertions, 16 deletions
diff --git a/modules/caddytls/automation.go b/modules/caddytls/automation.go
index 114d7aa..1416f4f 100644
--- a/modules/caddytls/automation.go
+++ b/modules/caddytls/automation.go
@@ -459,29 +459,32 @@ type DNSChallengeConfig struct {
// Caddy can "ask" if it should be allowed to manage
// certificates for a given hostname.
type OnDemandConfig struct {
- // An optional rate limit to throttle the
- // issuance of certificates from handshakes.
- RateLimit *RateLimit `json:"rate_limit,omitempty"`
-
- // REQUIRED. If Caddy needs to obtain/renew a certificate
- // during a TLS handshake, it will perform a quick
- // HTTP request to this URL to check if it should be
- // allowed to try to get a certificate for the name
- // in the "domain" query string parameter, like so:
- // `?domain=example.com`. The endpoint must return a
- // 200 OK status if a certificate is allowed;
- // anything else will cause it to be denied.
+ // REQUIRED. If Caddy needs to load a certificate from
+ // storage or obtain/renew a certificate during a TLS
+ // handshake, it will perform a quick HTTP request to
+ // this URL to check if it should be allowed to try to
+ // get a certificate for the name in the "domain" query
+ // string parameter, like so: `?domain=example.com`.
+ // The endpoint must return a 200 OK status if a certificate
+ // is allowed; anything else will cause it to be denied.
// Redirects are not followed.
Ask string `json:"ask,omitempty"`
+
+ // DEPRECATED. An optional rate limit to throttle
+ // the checking of storage and the issuance of
+ // certificates from handshakes if not already in
+ // storage. WILL BE REMOVED IN A FUTURE RELEASE.
+ RateLimit *RateLimit `json:"rate_limit,omitempty"`
}
-// RateLimit specifies an interval with optional burst size.
+// DEPRECATED. RateLimit specifies an interval with optional burst size.
type RateLimit struct {
- // A duration value. A certificate may be obtained 'burst'
- // times during this interval.
+ // A duration value. Storage may be checked and a certificate may be
+ // obtained 'burst' times during this interval.
Interval caddy.Duration `json:"interval,omitempty"`
- // How many times during an interval a certificate can be obtained.
+ // How many times during an interval storage can be checked or a
+ // certificate can be obtained.
Burst int `json:"burst,omitempty"`
}