summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorMatthew Holt <mholt@users.noreply.github.com>2019-09-09 08:25:48 -0600
committerMatthew Holt <mholt@users.noreply.github.com>2019-09-09 08:25:48 -0600
commit9169cd43d49236c69d5c9b7c556cb0ac0c9ce497 (patch)
tree3513fc77db0abc02303817e3e8f1c44d6d190eaa /modules
parente12c62e60b3f794630aed2fae37c4c6973e63bf4 (diff)
Log when auto HTTPS or auto HTTP->HTTPS redirects are disabled
Diffstat (limited to 'modules')
-rw-r--r--modules/caddyhttp/caddyhttp.go8
-rw-r--r--modules/caddyhttp/server.go17
2 files changed, 25 insertions, 0 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index 6d8e921..99bd952 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -234,6 +234,8 @@ func (app *App) automaticHTTPS() error {
// skip if all listeners use the HTTP port
if !srv.listenersUseAnyPortOtherThan(app.HTTPPort) {
+ log.Printf("[INFO] Server %v is only listening on the HTTP port %d, so no automatic HTTPS will be applied to this server",
+ srv.Listen, app.HTTPPort)
continue
}
@@ -315,6 +317,12 @@ func (app *App) automaticHTTPS() error {
log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains)
+ // notify user if their config might override the HTTP->HTTPS redirects
+ if srv.listenersIncludePort(app.HTTPPort) {
+ log.Printf("[WARNING] Server %v is listening on HTTP port %d, so automatic HTTP->HTTPS redirects may be overridden by your own configuration",
+ srv.Listen, app.HTTPPort)
+ }
+
// create HTTP->HTTPS redirects
for _, addr := range srv.Listen {
netw, host, port, err := caddy.SplitListenAddr(addr)
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go
index 885ba0b..5b651fc 100644
--- a/modules/caddyhttp/server.go
+++ b/modules/caddyhttp/server.go
@@ -181,6 +181,23 @@ func (s *Server) listenersUseAnyPortOtherThan(otherPort int) bool {
return false
}
+// listenersIncludePort returns true if there are any
+// listeners in s that use otherPort.
+func (s *Server) listenersIncludePort(otherPort int) bool {
+ for _, lnAddr := range s.Listen {
+ _, addrs, err := caddy.ParseListenAddr(lnAddr)
+ if err == nil {
+ for _, a := range addrs {
+ _, port, err := net.SplitHostPort(a)
+ if err == nil && port == strconv.Itoa(otherPort) {
+ return true
+ }
+ }
+ }
+ }
+ return false
+}
+
func (s *Server) hasTLSClientAuth() bool {
for _, cp := range s.TLSConnPolicies {
if cp.ClientAuthentication != nil && cp.ClientAuthentication.Active() {