summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile
diff options
context:
space:
mode:
Diffstat (limited to 'caddyconfig/httpcaddyfile')
-rw-r--r--caddyconfig/httpcaddyfile/builtins.go16
-rw-r--r--caddyconfig/httpcaddyfile/httptype.go28
-rw-r--r--caddyconfig/httpcaddyfile/options.go2
3 files changed, 37 insertions, 9 deletions
diff --git a/caddyconfig/httpcaddyfile/builtins.go b/caddyconfig/httpcaddyfile/builtins.go
index 7c56b04..29ca0be 100644
--- a/caddyconfig/httpcaddyfile/builtins.go
+++ b/caddyconfig/httpcaddyfile/builtins.go
@@ -98,6 +98,7 @@ func parseRoot(h Helper) ([]ConfigValue, error) {
// alpn <values...>
// load <paths...>
// ca <acme_ca_endpoint>
+// dns <provider_name>
// }
//
func parseTLS(h Helper) ([]ConfigValue, error) {
@@ -217,6 +218,21 @@ func parseTLS(h Helper) ([]ConfigValue, error) {
}
mgr.CA = arg[0]
+ // DNS provider for ACME DNS challenge
+ case "dns":
+ if !h.Next() {
+ return nil, h.ArgErr()
+ }
+ provName := h.Val()
+ if mgr.Challenges == nil {
+ mgr.Challenges = new(caddytls.ChallengesConfig)
+ }
+ dnsProvModule, err := caddy.GetModule("tls.dns." + provName)
+ if err != nil {
+ return nil, h.Errf("getting DNS provider module named '%s': %v", provName, err)
+ }
+ mgr.Challenges.DNSRaw = caddyconfig.JSONModuleObject(dnsProvModule.New(), "provider", provName, h.warnings)
+
default:
return nil, h.Errf("unknown subdirective: %s", h.Val())
}
diff --git a/caddyconfig/httpcaddyfile/httptype.go b/caddyconfig/httpcaddyfile/httptype.go
index 0cd2fca..268f66a 100644
--- a/caddyconfig/httpcaddyfile/httptype.go
+++ b/caddyconfig/httpcaddyfile/httptype.go
@@ -71,8 +71,8 @@ func (st ServerType) Setup(originalServerBlocks []caddyfile.ServerBlock,
val, err = parseOptExperimentalHTTP3(disp)
case "storage":
val, err = parseOptStorage(disp)
- case "acme_ca":
- val, err = parseOptACMECA(disp)
+ case "acme_ca", "acme_dns":
+ val, err = parseOptACME(disp)
case "email":
val, err = parseOptEmail(disp)
case "admin":
@@ -222,11 +222,12 @@ func (st ServerType) Setup(originalServerBlocks []caddyfile.ServerBlock,
}
}
}
- // if global ACME CA or email were set, append a catch-all automation
+ // if global ACME CA, DNS, or email were set, append a catch-all automation
// policy that ensures they will be used if no tls directive was used
acmeCA, hasACMECA := options["acme_ca"]
+ acmeDNS, hasACMEDNS := options["acme_dns"]
email, hasEmail := options["email"]
- if hasACMECA || hasEmail {
+ if hasACMECA || hasACMEDNS || hasEmail {
if tlsApp.Automation == nil {
tlsApp.Automation = new(caddytls.AutomationConfig)
}
@@ -236,11 +237,22 @@ func (st ServerType) Setup(originalServerBlocks []caddyfile.ServerBlock,
if !hasEmail {
email = ""
}
+ mgr := caddytls.ACMEManagerMaker{
+ CA: acmeCA.(string),
+ Email: email.(string),
+ }
+ if hasACMEDNS {
+ provName := acmeDNS.(string)
+ dnsProvModule, err := caddy.GetModule("tls.dns." + provName)
+ if err != nil {
+ return nil, warnings, fmt.Errorf("getting DNS provider module named '%s': %v", provName, err)
+ }
+ mgr.Challenges = &caddytls.ChallengesConfig{
+ DNSRaw: caddyconfig.JSONModuleObject(dnsProvModule.New(), "provider", provName, &warnings),
+ }
+ }
tlsApp.Automation.Policies = append(tlsApp.Automation.Policies, caddytls.AutomationPolicy{
- ManagementRaw: caddyconfig.JSONModuleObject(caddytls.ACMEManagerMaker{
- CA: acmeCA.(string),
- Email: email.(string),
- }, "module", "acme", &warnings),
+ ManagementRaw: caddyconfig.JSONModuleObject(mgr, "module", "acme", &warnings),
})
}
if tlsApp.Automation != nil {
diff --git a/caddyconfig/httpcaddyfile/options.go b/caddyconfig/httpcaddyfile/options.go
index e81528e..9ebefea 100644
--- a/caddyconfig/httpcaddyfile/options.go
+++ b/caddyconfig/httpcaddyfile/options.go
@@ -162,7 +162,7 @@ func parseOptStorage(d *caddyfile.Dispenser) (caddy.StorageConverter, error) {
return storage, nil
}
-func parseOptACMECA(d *caddyfile.Dispenser) (string, error) {
+func parseOptACME(d *caddyfile.Dispenser) (string, error) {
d.Next() // consume parameter name
if !d.Next() {
return "", d.ArgErr()