From c2b91dbd65173d256e6fa4ddd3fec6ed2f6c87ef Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Thu, 7 Jan 2021 11:01:58 -0700 Subject: httpcaddyfile: Support repeated use of cert_issuer global option This changes the signature of UnmarshalGlobalFunc but this is probably OK since it's only used by this repo as far as we know. We need this change in order to "remember" the previous value in case a global option appears more than once, which is now a possibility with the cert_issuer option since Caddy now supports multiple issuers in the order defined by the user. Bonus: the issuer subdirective of tls now supports one-liner for "acme" when all you need to set is the directory: issuer acme --- caddyconfig/httpcaddyfile/tlsapp.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'caddyconfig/httpcaddyfile/tlsapp.go') diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index a66146d..25b800a 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -414,11 +414,11 @@ func fillInGlobalACMEDefaults(issuer certmagic.Issuer, options map[string]interf // returned if there are no default/global options. However, if always is // true, a non-nil value will always be returned (unless there is an error). func newBaseAutomationPolicy(options map[string]interface{}, warnings []caddyconfig.Warning, always bool) (*caddytls.AutomationPolicy, error) { - issuer, hasIssuer := options["cert_issuer"] + issuers, hasIssuers := options["cert_issuer"] _, hasLocalCerts := options["local_certs"] keyType, hasKeyType := options["key_type"] - hasGlobalAutomationOpts := hasIssuer || hasLocalCerts || hasKeyType + hasGlobalAutomationOpts := hasIssuers || hasLocalCerts || hasKeyType // if there are no global options related to automation policies // set, then we can just return right away @@ -434,12 +434,12 @@ func newBaseAutomationPolicy(options map[string]interface{}, warnings []caddycon ap.KeyType = keyType.(string) } - if hasIssuer && hasLocalCerts { + if hasIssuers && hasLocalCerts { return nil, fmt.Errorf("global options are ambiguous: local_certs is confusing when combined with cert_issuer, because local_certs is also a specific kind of issuer") } - if hasIssuer { - ap.Issuers = []certmagic.Issuer{issuer.(certmagic.Issuer)} + if hasIssuers { + ap.Issuers = issuers.([]certmagic.Issuer) } else if hasLocalCerts { ap.Issuers = []certmagic.Issuer{new(caddytls.InternalIssuer)} } -- cgit v1.2.3