Fix bound address/port for caddy's certmagic library (#15758)

* Fix bound address/port for caddy's certmagic library

* Fix bug

Co-authored-by: zeripath <art27@cantab.net>
Blake Miner 2021-05-12 15:58:55 -04:00 committed by GitHub
parent ffbd0fef06
commit 6a8e5f69cf
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions


@ -6,6 +6,7 @@ package cmd
import ( import (
"net/http" "net/http"
"strconv"
"strings" "strings"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
@ -22,6 +23,11 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
// TODO: these are placeholders until we add options for each in settings with appropriate warning // TODO: these are placeholders until we add options for each in settings with appropriate warning
enableHTTPChallenge := true enableHTTPChallenge := true
enableTLSALPNChallenge := true enableTLSALPNChallenge := true
altHTTPPort := 0
if p, err := strconv.Atoi(setting.PortToRedirect); err == nil {
altHTTPPort = p
}
magic := certmagic.NewDefault() magic := certmagic.NewDefault()
magic.Storage = &certmagic.FileStorage{Path: directory} magic.Storage = &certmagic.FileStorage{Path: directory}
@ -30,6 +36,8 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
Agreed: setting.LetsEncryptTOS, Agreed: setting.LetsEncryptTOS,
DisableHTTPChallenge: !enableHTTPChallenge, DisableHTTPChallenge: !enableHTTPChallenge,
DisableTLSALPNChallenge: !enableTLSALPNChallenge, DisableTLSALPNChallenge: !enableTLSALPNChallenge,
ListenHost: listenAddr,
AltHTTPPort: altHTTPPort,
}) })
magic.Issuers = []certmagic.Issuer{myACME} magic.Issuers = []certmagic.Issuer{myACME}
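Review bot: The added `strconv.Atoi(setting.PortToRedirect)` block in runLetsEncrypt drops the parse error and applies no range check, so a mistyped value silently leaves `altHTTPPort` at 0 and a negative or oversized one is passed straight into `AltHTTPPort`. Because this value decides where the ACME HTTP challenge listener binds, I would accept only valid ports and log the rest, e.g. `if p, err := strconv.Atoi(setting.PortToRedirect); err == nil && p > 0 && p <= 65535 { altHTTPPort = p } else { log.Warn("invalid setting.PortToRedirect %q, using the default HTTP challenge port", setting.PortToRedirect) }`. It is also worth confirming that the `listenAddr` passed to `ListenHost` is a bare host or IP with no `:port` suffix; the caller is not visible here, and the function body continues outside these hunks.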