aboutsummaryrefslogtreecommitdiffhomepage
path: root/caddyconfig/httpcaddyfile/options.go
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2024-04-22 15:47:09 -0600
committerMatthew Holt <[email protected]>2024-04-22 15:47:09 -0600
commit6a0299905479083f250c39d5780c305f82863273 (patch)
tree820e8d2581151abc276d3b351ba6ee2021c12fc0 /caddyconfig/httpcaddyfile/options.go
parent9f97df2275638ef80ca104dd0ca51e5a7ab93b21 (diff)
downloadcaddy-6a0299905479083f250c39d5780c305f82863273.tar.gz
caddy-6a0299905479083f250c39d5780c305f82863273.zip
caddytls: Add Caddyfile support for on-demand permission module (close #6260)
Diffstat (limited to 'caddyconfig/httpcaddyfile/options.go')
-rw-r--r--caddyconfig/httpcaddyfile/options.go25
1 files changed, 25 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/options.go b/caddyconfig/httpcaddyfile/options.go
index bbc63ced8..6a8ba0bd3 100644
--- a/caddyconfig/httpcaddyfile/options.go
+++ b/caddyconfig/httpcaddyfile/options.go
@@ -345,9 +345,34 @@ func parseOptOnDemand(d *caddyfile.Dispenser, _ any) (any, error) {
if ond == nil {
ond = new(caddytls.OnDemandConfig)
}
+ if ond.PermissionRaw != nil {
+ return nil, d.Err("on-demand TLS permission module (or 'ask') already specified")
+ }
perm := caddytls.PermissionByHTTP{Endpoint: d.Val()}
ond.PermissionRaw = caddyconfig.JSONModuleObject(perm, "module", "http", nil)
+ case "permission":
+ if !d.NextArg() {
+ return nil, d.ArgErr()
+ }
+ if ond == nil {
+ ond = new(caddytls.OnDemandConfig)
+ }
+ if ond.PermissionRaw != nil {
+ return nil, d.Err("on-demand TLS permission module (or 'ask') already specified")
+ }
+ modName := d.Val()
+ modID := "tls.permission." + modName
+ unm, err := caddyfile.UnmarshalModule(d, modID)
+ if err != nil {
+ return nil, err
+ }
+ perm, ok := unm.(caddytls.OnDemandPermission)
+ if !ok {
+ return nil, d.Errf("module %s (%T) is not an on-demand TLS permission module", modID, unm)
+ }
+ ond.PermissionRaw = caddyconfig.JSONModuleObject(perm, "module", modName, nil)
+
case "interval":
if !d.NextArg() {
return nil, d.ArgErr()