1 files changed, 66 insertions, 15 deletions
diff --git a/modules/caddytls/acmemanager.go b/modules/caddytls/acmemanager.go
index a7a460a..40e2d24 100644
--- a/modules/caddytls/acmemanager.go
+++ b/modules/caddytls/acmemanager.go
@@ -3,6 +3,7 @@ package caddytls
 import (
 	"encoding/json"
 	"fmt"
+	"time"
 
 	"github.com/go-acme/lego/certcrypto"
 
@@ -18,11 +19,6 @@ func init() {
 	})
 }
 
-// ManagerMaker TODO: WIP...
-type ManagerMaker interface {
-	newManager(interactive bool) (certmagic.Manager, error)
-}
-
 // acmeManagerMaker makes an ACME manager
 // for managinig certificates using ACME.
 type acmeManagerMaker struct {
@@ -40,9 +36,11 @@ type acmeManagerMaker struct {
 	keyType certcrypto.KeyType
 }
 
-func (m *acmeManagerMaker) Provision() error {
-	m.setDefaults()
+func (m *acmeManagerMaker) newManager(interactive bool) (certmagic.Manager, error) {
+	return nil, nil
+}
 
+func (m *acmeManagerMaker) Provision() error {
 	// DNS providers
 	if m.Challenges.DNS != nil {
 		val, err := caddy2.LoadModuleInline("provider", "tls.dns", m.Challenges.DNS)
@@ -67,18 +65,71 @@ func (m *acmeManagerMaker) Provision() error {
 		m.Storage = nil // allow GC to deallocate - TODO: Does this help?
 	}
 
+	m.setDefaults()
+
 	return nil
 }
 
-// setDefaults indiscriminately sets all the default values in m.
+// setDefaults sets necessary values that are
+// currently empty to their default values.
 func (m *acmeManagerMaker) setDefaults() {
-	m.CA = certmagic.LetsEncryptStagingCA // certmagic.Default.CA // TODO: When not testing, switch to production CA
-	m.Email = certmagic.Default.Email
-	m.RenewAhead = caddy2.Duration(certmagic.Default.RenewDurationBefore)
-	m.keyType = certmagic.Default.KeyType
-	m.storage = certmagic.Default.Storage
+	if m.CA == "" {
+		m.CA = certmagic.LetsEncryptStagingCA // certmagic.Default.CA // TODO: When not testing, switch to production CA
+	}
+	if m.Email == "" {
+		m.Email = certmagic.Default.Email
+	}
+	if m.RenewAhead == 0 {
+		m.RenewAhead = caddy2.Duration(certmagic.Default.RenewDurationBefore)
+	}
+	if m.keyType == "" {
+		m.keyType = certmagic.Default.KeyType
+	}
+	if m.storage == nil {
+		m.storage = certmagic.Default.Storage
+	}
 }
 
-func (m *acmeManagerMaker) newManager(interactive bool) (certmagic.Manager, error) {
-	return nil, nil
+// makeCertMagicConfig converts m into a certmagic.Config, because
+// this is a special case where the default manager is the certmagic
+// Config and not a separate manager.
+func (m *acmeManagerMaker) makeCertMagicConfig() certmagic.Config {
+	storage := m.storage
+	if storage == nil {
+		storage = caddy2.GetStorage()
+	}
+
+	var ond *certmagic.OnDemandConfig
+	if m.OnDemand != nil {
+		ond = &certmagic.OnDemandConfig{
+			// TODO: fill this out
+		}
+	}
+
+	return certmagic.Config{
+		CA:                      certmagic.LetsEncryptStagingCA, //ap.CA, // TODO: Restore true value
+		Email:                   m.Email,
+		Agreed:                  true,
+		DisableHTTPChallenge:    m.Challenges.HTTP.Disabled,
+		DisableTLSALPNChallenge: m.Challenges.TLSALPN.Disabled,
+		RenewDurationBefore:     time.Duration(m.RenewAhead),
+		AltHTTPPort:             m.Challenges.HTTP.AlternatePort,
+		AltTLSALPNPort:          m.Challenges.TLSALPN.AlternatePort,
+		DNSProvider:             m.Challenges.dns,
+		KeyType:                 supportedCertKeyTypes[m.KeyType],
+		CertObtainTimeout:       time.Duration(m.ACMETimeout),
+		OnDemand:                ond,
+		MustStaple:              m.MustStaple,
+		Storage:                 storage,
+		// TODO: listenHost
+	}
+}
+
+// supportedCertKeyTypes is all the key types that are supported
+// for certificates that are obtained through ACME.
+var supportedCertKeyTypes = map[string]certcrypto.KeyType{
+	"RSA2048": certcrypto.RSA2048,
+	"RSA4096": certcrypto.RSA4096,
+	"P256":    certcrypto.EC256,
+	"P384":    certcrypto.EC384,
 }