From 90284e8017fedeb6eeb9f4183660a679b8a5e15e Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Tue, 2 Feb 2021 16:17:26 -0700
Subject: httpcaddyfile: Fix default issuers when email provided

If `tls <email>` is used, we should apply that to all applicable default issuers, not drop them. This refactoring applies implicit ACME issuer settings from the tls directive to all default ACME issuers, like ZeroSSL.

We also consolidate some annoying logic and improve config validity checks.

Ref: https://caddy.community/t/error-obtaining-certificate-after-caddy-restart/11335/8
---
 modules/caddyhttp/autohttps.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'modules/caddyhttp')

diff --git a/modules/caddyhttp/autohttps.go b/modules/caddyhttp/autohttps.go
index c1d4c08..5c83d8f 100644
--- a/modules/caddyhttp/autohttps.go
+++ b/modules/caddyhttp/autohttps.go
@@ -444,7 +444,7 @@ func (app *App) createAutomationPolicies(ctx caddy.Context, internalNames []stri
 		// what the HTTP and HTTPS ports are)
 		if ap.Issuers == nil {
 			var err error
-			ap.Issuers, err = caddytls.DefaultIssuers(ctx)
+			ap.Issuers, err = caddytls.DefaultIssuersProvisioned(ctx)
 			if err != nil {
 				return err
 			}
@@ -499,7 +499,7 @@ func (app *App) createAutomationPolicies(ctx caddy.Context, internalNames []stri
 	// never overwrite any other issuer that might already be configured
 	if basePolicy.Issuers == nil {
 		var err error
-		basePolicy.Issuers, err = caddytls.DefaultIssuers(ctx)
+		basePolicy.Issuers, err = caddytls.DefaultIssuersProvisioned(ctx)
 		if err != nil {
 			return err
 		}
-- 
cgit v1.2.3