aboutsummaryrefslogtreecommitdiffhomepage
path: root/modules/caddytls/tls.go
diff options
context:
space:
mode:
authorMatt Holt <[email protected]>2024-12-20 10:55:02 -0700
committerGitHub <[email protected]>2024-12-20 10:55:02 -0700
commit86da4e8f56f3518bc053dd4f68a78c538a4aab5f (patch)
treebaaf259e90a81d56bf8a2999809d396a02fe1ea9 /modules/caddytls/tls.go
parent130c868e95dfd1a8b1d39fd217bc6378f6b72ec0 (diff)
parented1c594cdbddf89829eaf1174f414028577b432d (diff)
downloadcaddy-86da4e8f56f3518bc053dd4f68a78c538a4aab5f.tar.gz
caddy-86da4e8f56f3518bc053dd4f68a78c538a4aab5f.zip
Merge branch 'master' into transfer-encoding-matchtransfer-encoding-match
Diffstat (limited to 'modules/caddytls/tls.go')
-rw-r--r--modules/caddytls/tls.go17
1 files changed, 16 insertions, 1 deletions
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index 6e660dea8..abb519eb7 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -92,6 +92,17 @@ type TLS struct {
// EXPERIMENTAL. Subject to change.
DisableStorageCheck bool `json:"disable_storage_check,omitempty"`
+ // Disables the automatic cleanup of the storage backend.
+ // This is useful when TLS is not being used to store certificates
+ // and the user wants run their server in a read-only mode.
+ //
+ // Storage cleaning creates two files: instance.uuid and last_clean.json.
+ // The instance.uuid file is used to identify the instance of Caddy
+ // in a cluster. The last_clean.json file is used to store the last
+ // time the storage was cleaned.
+ // EXPERIMENTAL. Subject to change.
+ DisableStorageClean bool `json:"disable_storage_clean,omitempty"`
+
certificateLoaders []CertificateLoader
automateNames []string
ctx caddy.Context
@@ -328,7 +339,11 @@ func (t *TLS) Start() error {
return fmt.Errorf("automate: managing %v: %v", t.automateNames, err)
}
- t.keepStorageClean()
+ if !t.DisableStorageClean {
+ // start the storage cleaner goroutine and ticker,
+ // which cleans out expired certificates and more
+ t.keepStorageClean()
+ }
return nil
}