From a524bcfe78e8067b8224b1794c6842d9c2c7e8cf Mon Sep 17 00:00:00 2001
From: Matthew Holt
Date: Wed, 26 Jun 2019 10:57:18 -0600
Subject: Enable skipping just certificate management for some auto HTTPS names
---
 modules/caddyhttp/caddyhttp.go | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)
(limited to 'modules/caddyhttp/caddyhttp.go')
diff --git a/modules/caddyhttp/caddyhttp.go b/modules/caddyhttp/caddyhttp.go
index 850501f..9c80992 100644
--- a/modules/caddyhttp/caddyhttp.go
+++ b/modules/caddyhttp/caddyhttp.go
@@ -210,7 +210,8 @@ func (app *App) automaticHTTPS() error {
 for _, m := range matcherSet {
 if hm, ok := m.(*MatchHost); ok {
 for _, d := range *hm {
- if certmagic.HostQualifies(d) && !srv.AutoHTTPS.HostSkipped(d) {
+ if certmagic.HostQualifies(d) &&
+ !srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.Skip) {
 domainSet[d] = struct{}{}
 }
 }
@@ -221,9 +222,12 @@ func (app *App) automaticHTTPS() error {
 if len(domainSet) > 0 {
 // marshal the domains into a slice
- var domains []string
+ var domains, domainsForCerts []string
 for d := range domainSet {
 domains = append(domains, d)
+ if !srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.SkipCerts) {
+ domainsForCerts = append(domainsForCerts, d)
+ }
 }
 // ensure that these certificates are managed properly;
@@ -245,13 +249,13 @@ func (app *App) automaticHTTPS() error {
 acmeManager.SetDefaults()
 tlsApp.Automation.Policies = append(tlsApp.Automation.Policies,
 caddytls.AutomationPolicy{
- Hosts: domains,
+ Hosts: domainsForCerts,
 Management: acmeManager,
 })
 // manage their certificates
- log.Printf("[INFO] Enabling automatic HTTPS for %v", domains)
- err := tlsApp.Manage(domains)
+ log.Printf("[INFO] Enabling automatic HTTPS certificates for %v", domainsForCerts)
+ err := tlsApp.Manage(domainsForCerts)
 if err != nil {
 return fmt.Errorf("%s: managing certificate for %s: %s", srvName, domains, err)
 }
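Review bot: In the `@@ -210` hunk the call `srv.AutoHTTPS.Skipped(d, srv.AutoHTTPS.Skip)` makes the caller hand the config's own list back to it, so passing the wrong list (`Skip` where `SkipCerts` was meant, or the reverse) compiles cleanly and silently changes which hosts receive redirects or managed certificates. Two small intention-revealing methods on the auto-HTTPS config, one per list, would make each call site self-describing and keep the list selection in one place; the same applies to the `Skipped(d, srv.AutoHTTPS.SkipCerts)` call in the `@@ -221` hunk. The definition of `Skipped` is not part of this diff, so how it compares host names (for example case sensitivity) cannot be checked from here.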
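Review bot: The comment `// marshal the domains into a slice` in the `@@ -221` hunk no longer describes the loop, which now fills two lists with different purposes. I would replace it with `// domains: every qualifying host, used for HTTP->HTTPS redirects; domainsForCerts: the subset not listed in SkipCerts, used for certificate management`. The redirect use of `domains` is taken from the log line added in the last hunk of this patch.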
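Review bot: Nothing in the `@@ -245` hunk handles `domainsForCerts` being empty, which happens when every qualifying host is listed in `SkipCerts`: the policy is still appended with `Hosts: domainsForCerts` and `tlsApp.Manage(domainsForCerts)` is still called. If caddytls treats an automation policy with no hosts as applying to every name (not visible in this diff, to be confirmed), a configuration meant to opt hosts out of certificate management would instead install a catch-all ACME policy. Wrapping the policy append, the log line and the `Manage` call in `if len(domainsForCerts) > 0 {` … `}` avoids that. The unchanged error line still formats `domains`; it should pass `domainsForCerts` so the message names the hosts actually given to `Manage`. The enclosing `if len(domainSet) > 0` block opens in the previous hunk and closes outside this one.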
@@ -267,6 +271,8 @@ func (app *App) automaticHTTPS() error {
 continue
 }
+ log.Printf("[INFO] Enabling automatic HTTP->HTTPS redirects for %v", domains)
+
 // create HTTP->HTTPS redirects
 for _, addr := range srv.Listen {
 netw, host, port, err := splitListenAddr(addr)
-- cgit v1.2.3