diff options
author | Andreas Kohn <[email protected]> | 2024-06-04 15:00:15 +0200 |
---|---|---|
committer | GitHub <[email protected]> | 2024-06-04 07:00:15 -0600 |
commit | e7ecc7ede2f0f749530b0c2e685b99954b9591ce (patch) | |
tree | 6d11fc2ab5e32bd4f357ec2d1d386c157e560fdb /modules/caddytls | |
parent | 7088605cc11c52c2777ab613dfc5c2a9816006e4 (diff) | |
download | caddy-e7ecc7ede2f0f749530b0c2e685b99954b9591ce.tar.gz caddy-e7ecc7ede2f0f749530b0c2e685b99954b9591ce.zip |
Make it possible to configure the `DisableStorageCheck` setting for certmagic (#6368)
See discussion about this setting in https://github.com/caddyserver/certmagic/issues/201
Diffstat (limited to 'modules/caddytls')
-rw-r--r-- | modules/caddytls/tls.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index c233977e1..b30b10c24 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -81,6 +81,16 @@ type TLS struct { // EXPERIMENTAL. Subject to change. DisableOCSPStapling bool `json:"disable_ocsp_stapling,omitempty"` + // Disables checks in certmagic that the configured storage is ready + // and able to handle writing new content to it. These checks are + // intended to prevent information loss (newly issued certificates), but + // can be expensive on the storage. + // + // Disabling these checks should only be done when the storage + // can be trusted to have enough capacity and no other problems. + // EXPERIMENTAL. Subject to change. + DisableStorageCheck bool `json:"disable_storage_check,omitempty"` + certificateLoaders []CertificateLoader automateNames []string ctx caddy.Context @@ -255,6 +265,7 @@ func (t *TLS) Provision(ctx caddy.Context) error { OCSP: certmagic.OCSPConfig{ DisableStapling: t.DisableOCSPStapling, }, + DisableStorageCheck: t.DisableStorageCheck, }) certCacheMu.RUnlock() for _, loader := range t.certificateLoaders { |