diff --git a/modules/caddyhttp/autohttps.go b/modules/caddyhttp/autohttps.go index 6b53d39e..751c6dfd 100644 --- a/modules/caddyhttp/autohttps.go +++ b/modules/caddyhttp/autohttps.go @@ -318,6 +318,9 @@ func (app *App) createAutomationPolicy(ctx caddy.Context) error { // if it has an ACME issuer, maybe we can just use that acmeIssuer, _ = matchingPolicy.Issuer.(*caddytls.ACMEIssuer) } + if acmeIssuer == nil { + acmeIssuer = new(caddytls.ACMEIssuer) + } if acmeIssuer.Challenges == nil { acmeIssuer.Challenges = new(caddytls.ChallengesConfig) } diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go index a7cd54e5..4fa126e3 100644 --- a/modules/caddytls/tls.go +++ b/modules/caddytls/tls.go @@ -678,13 +678,14 @@ const automateKey = "automate" func (t *TLS) moveCertificates() error { log := t.logger.Named("automigrate") - oldAcmeDir := filepath.Join(caddy.AppDataDir(), "acme") + baseDir := caddy.AppDataDir() // if custom storage path was defined, use that instead - if fs, ok := t.ctx.Storage().(*certmagic.FileStorage); ok { - oldAcmeDir = fs.Path + if fs, ok := t.ctx.Storage().(*certmagic.FileStorage); ok && fs.Path != "" { + baseDir = fs.Path } + oldAcmeDir := filepath.Join(baseDir, "acme") oldAcmeCas, err := ioutil.ReadDir(oldAcmeDir) if err != nil { if os.IsNotExist(err) { @@ -705,10 +706,11 @@ func (t *TLS) moveCertificates() error { for _, oldCA := range oldCANames { // make new destination path newCAName := oldCA - if strings.Contains(oldCA, "api.letsencrypt.org") { + if strings.Contains(oldCA, "api.letsencrypt.org") && + !strings.HasSuffix(oldCA, "-directory") { newCAName += "-directory" } - newBaseDir := filepath.Join(caddy.AppDataDir(), "certificates", newCAName) + newBaseDir := filepath.Join(baseDir, "certificates", newCAName) err := os.MkdirAll(newBaseDir, 0700) if err != nil { return fmt.Errorf("making new certs directory: %v", err)