summaryrefslogtreecommitdiff
path: root/modules/caddyhttp
diff options
context:
space:
mode:
Diffstat (limited to 'modules/caddyhttp')
-rw-r--r--modules/caddyhttp/caddyhttp.go30
1 files changed, 20 insertions, 10 deletions
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index 437e48f..de62b79 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -111,7 +111,11 @@ func (hc *httpModuleConfig) Stop() error {
}
func (hc *httpModuleConfig) automaticHTTPS(handle caddy2.Handle) error {
- tlsApp := handle.App("tls").(*caddytls.TLS)
+ tlsAppIface, err := handle.App("tls")
+ if err != nil {
+ return fmt.Errorf("getting tls app: %v", err)
+ }
+ tlsApp := tlsAppIface.(*caddytls.TLS)
for srvName, srv := range hc.Servers {
srv.tlsApp = tlsApp
@@ -120,6 +124,7 @@ func (hc *httpModuleConfig) automaticHTTPS(handle caddy2.Handle) error {
continue
}
+ // find all qualifying domain names, de-duplicated
domainSet := make(map[string]struct{})
for _, route := range srv.Routes {
for _, m := range route.matchers {
@@ -133,21 +138,26 @@ func (hc *httpModuleConfig) automaticHTTPS(handle caddy2.Handle) error {
}
}
}
- var domains []string
- for d := range domainSet {
- domains = append(domains, d)
- }
- if len(domains) > 0 {
+
+ if len(domainSet) > 0 {
+ // marshal the domains into a slice
+ var domains []string
+ for d := range domainSet {
+ domains = append(domains, d)
+ }
+
+ // manage their certificates
err := tlsApp.Manage(domains)
if err != nil {
return fmt.Errorf("%s: managing certificate for %s: %s", srvName, domains, err)
}
- // TODO: Connection policies... redirects... man...
+
+ // tell the server to use TLS
srv.TLSConnPolicies = caddytls.ConnectionPolicies{
- {
- ALPN: defaultALPN,
- },
+ {ALPN: defaultALPN},
}
+
+ // TODO: create HTTP->HTTPS redirects
}
}