From 57c5b921a4283b4efa44d2fd77dce50f3113fb5a Mon Sep 17 00:00:00 2001 From: Matt Holt Date: Tue, 30 Jan 2024 16:11:29 -0700 Subject: caddytls: Make on-demand 'ask' permission modular (#6055) * caddytls: Make on-demand 'ask' permission modular This makes the 'ask' endpoint a module, which means that developers can write custom plugins for granting permission for on-demand certificates. Kicking myself that we didn't do it this way at the beginning, but who coulda known... * Lint * Error on conflicting config * Fix bad merge --------- Co-authored-by: Francis Lavoie --- caddyconfig/httpcaddyfile/options.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'caddyconfig/httpcaddyfile/options.go') diff --git a/caddyconfig/httpcaddyfile/options.go b/caddyconfig/httpcaddyfile/options.go index fa447f8dc..9ff62d07e 100644 --- a/caddyconfig/httpcaddyfile/options.go +++ b/caddyconfig/httpcaddyfile/options.go @@ -335,7 +335,8 @@ func parseOptOnDemand(d *caddyfile.Dispenser, _ any) (any, error) { } var ond *caddytls.OnDemandConfig - for d.NextBlock(0) { + + for nesting := d.Nesting(); d.NextBlock(nesting); { switch d.Val() { case "ask": if !d.NextArg() { @@ -344,7 +345,8 @@ func parseOptOnDemand(d *caddyfile.Dispenser, _ any) (any, error) { if ond == nil { ond = new(caddytls.OnDemandConfig) } - ond.Ask = d.Val() + perm := caddytls.PermissionByHTTP{Endpoint: d.Val()} + ond.PermissionRaw = caddyconfig.JSONModuleObject(perm, "module", "http", nil) case "interval": if !d.NextArg() { -- cgit v1.2.3