diff options
author | Matthew Holt <[email protected]> | 2024-05-11 21:39:44 -0600 |
---|---|---|
committer | Matthew Holt <[email protected]> | 2024-05-11 21:39:56 -0600 |
commit | 583c585c81ac4bcf94fb2046b695f64a83b41cf7 (patch) | |
tree | 6877b6ec1e440114b3385e9f36a27d14102ca2d2 | |
parent | 4356635d123ee71b72654738a0c30653a3a29d98 (diff) | |
download | caddy-583c585c81ac4bcf94fb2046b695f64a83b41cf7.tar.gz caddy-583c585c81ac4bcf94fb2046b695f64a83b41cf7.zip |
httpcaddyfile: Set challenge ports when http_port or https_port are used
-rw-r--r-- | caddyconfig/httpcaddyfile/tlsapp.go | 20 | ||||
-rw-r--r-- | caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest | 8 |
2 files changed, 27 insertions, 1 deletions
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go index f1ee1e863..f69e2c54a 100644 --- a/caddyconfig/httpcaddyfile/tlsapp.go +++ b/caddyconfig/httpcaddyfile/tlsapp.go @@ -457,6 +457,7 @@ func fillInGlobalACMEDefaults(issuer certmagic.Issuer, options map[string]any) e globalACMEEAB := options["acme_eab"] globalPreferredChains := options["preferred_chains"] globalCertLifetime := options["cert_lifetime"] + globalHTTPPort, globalHTTPSPort := options["http_port"], options["https_port"] if globalEmail != nil && acmeIssuer.Email == "" { acmeIssuer.Email = globalEmail.(string) @@ -480,7 +481,24 @@ func fillInGlobalACMEDefaults(issuer certmagic.Issuer, options map[string]any) e if globalPreferredChains != nil && acmeIssuer.PreferredChains == nil { acmeIssuer.PreferredChains = globalPreferredChains.(*caddytls.ChainPreference) } - + if globalHTTPPort != nil && (acmeIssuer.Challenges == nil || acmeIssuer.Challenges.HTTP == nil || acmeIssuer.Challenges.HTTP.AlternatePort == 0) { + if acmeIssuer.Challenges == nil { + acmeIssuer.Challenges = new(caddytls.ChallengesConfig) + } + if acmeIssuer.Challenges.HTTP == nil { + acmeIssuer.Challenges.HTTP = new(caddytls.HTTPChallengeConfig) + } + acmeIssuer.Challenges.HTTP.AlternatePort = globalHTTPPort.(int) + } + if globalHTTPSPort != nil && (acmeIssuer.Challenges == nil || acmeIssuer.Challenges.TLSALPN == nil || acmeIssuer.Challenges.TLSALPN.AlternatePort == 0) { + if acmeIssuer.Challenges == nil { + acmeIssuer.Challenges = new(caddytls.ChallengesConfig) + } + if acmeIssuer.Challenges.TLSALPN == nil { + acmeIssuer.Challenges.TLSALPN = new(caddytls.TLSALPNChallengeConfig) + } + acmeIssuer.Challenges.TLSALPN.AlternatePort = globalHTTPSPort.(int) + } if globalCertLifetime != nil && acmeIssuer.CertificateLifetime == 0 { acmeIssuer.CertificateLifetime = globalCertLifetime.(caddy.Duration) } diff --git a/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest b/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest index f51779253..bc4b6dcaf 100644 --- a/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest +++ b/caddytest/integration/caddyfile_adapt/global_options_acme.caddyfiletest @@ -63,6 +63,14 @@ "issuers": [ { "ca": "https://example.com", + "challenges": { + "http": { + "alternate_port": 8080 + }, + "tls-alpn": { + "alternate_port": 8443 + } + }, "email": "[email protected]", "external_account": { "key_id": "4K2scIVbBpNd-78scadB2g", |