summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--caddyconfig/httpcaddyfile/httptype.go17
1 files changed, 13 insertions, 4 deletions
diff --git a/caddyconfig/httpcaddyfile/httptype.go b/caddyconfig/httpcaddyfile/httptype.go
index 7c13794..9764b57 100644
--- a/caddyconfig/httpcaddyfile/httptype.go
+++ b/caddyconfig/httpcaddyfile/httptype.go
@@ -169,6 +169,7 @@ func (st ServerType) Setup(originalServerBlocks []caddyfile.ServerBlock,
// now for the TLS app! (TODO: refactor into own func)
tlsApp := caddytls.TLS{CertificatesRaw: make(caddy.ModuleMap)}
+ var certLoaders []caddytls.CertificateLoader
for _, p := range pairings {
for i, sblock := range p.serverBlocks {
// tls automation policies
@@ -194,17 +195,25 @@ func (st ServerType) Setup(originalServerBlocks []caddyfile.ServerBlock,
}
}
}
-
// tls certificate loaders
if clVals, ok := sblock.pile["tls.certificate_loader"]; ok {
for _, clVal := range clVals {
- loader := clVal.Value.(caddytls.CertificateLoader)
- loaderName := caddy.GetModuleName(loader)
- tlsApp.CertificatesRaw[loaderName] = caddyconfig.JSON(loader, &warnings)
+ certLoaders = append(certLoaders, clVal.Value.(caddytls.CertificateLoader))
}
}
}
}
+ // group certificate loaders by module name, then add to config
+ if len(certLoaders) > 0 {
+ loadersByName := make(map[string][]caddytls.CertificateLoader)
+ for _, cl := range certLoaders {
+ name := caddy.GetModuleName(cl)
+ loadersByName[name] = append(loadersByName[name], cl)
+ }
+ for certLoaderName, loaders := range loadersByName {
+ tlsApp.CertificatesRaw[certLoaderName] = caddyconfig.JSON(loaders, &warnings)
+ }
+ }
// if global ACME CA, DNS, or email were set, append a catch-all automation
// policy that ensures they will be used if no tls directive was used
acmeCA, hasACMECA := options["acme_ca"]