aboutsummaryrefslogtreecommitdiffhomepage
path: root/modules/caddytls
diff options
context:
space:
mode:
authorAndreas Kohn <[email protected]>2024-06-04 15:00:15 +0200
committerGitHub <[email protected]>2024-06-04 07:00:15 -0600
commite7ecc7ede2f0f749530b0c2e685b99954b9591ce (patch)
tree6d11fc2ab5e32bd4f357ec2d1d386c157e560fdb /modules/caddytls
parent7088605cc11c52c2777ab613dfc5c2a9816006e4 (diff)
downloadcaddy-e7ecc7ede2f0f749530b0c2e685b99954b9591ce.tar.gz
caddy-e7ecc7ede2f0f749530b0c2e685b99954b9591ce.zip
Make it possible to configure the `DisableStorageCheck` setting for certmagic (#6368)
See discussion about this setting in https://github.com/caddyserver/certmagic/issues/201
Diffstat (limited to 'modules/caddytls')
-rw-r--r--modules/caddytls/tls.go11
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index c233977e1..b30b10c24 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -81,6 +81,16 @@ type TLS struct {
// EXPERIMENTAL. Subject to change.
DisableOCSPStapling bool `json:"disable_ocsp_stapling,omitempty"`
+ // Disables checks in certmagic that the configured storage is ready
+ // and able to handle writing new content to it. These checks are
+ // intended to prevent information loss (newly issued certificates), but
+ // can be expensive on the storage.
+ //
+ // Disabling these checks should only be done when the storage
+ // can be trusted to have enough capacity and no other problems.
+ // EXPERIMENTAL. Subject to change.
+ DisableStorageCheck bool `json:"disable_storage_check,omitempty"`
+
certificateLoaders []CertificateLoader
automateNames []string
ctx caddy.Context
@@ -255,6 +265,7 @@ func (t *TLS) Provision(ctx caddy.Context) error {
OCSP: certmagic.OCSPConfig{
DisableStapling: t.DisableOCSPStapling,
},
+ DisableStorageCheck: t.DisableStorageCheck,
})
certCacheMu.RUnlock()
for _, loader := range t.certificateLoaders {