serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-27 06:03:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

httpcaddyfile: Fix automation policies

Browse source 
Fixes a bug introduced in #3862
This commit is contained in:
Matthew Holt 2021-02-08 11:06:19 -07:00
parent 0aefa7b047
commit 653a0d3f6b
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
2 changed files with 91 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
caddyconfig/httpcaddyfile/tlsapp.go
View file

@ -125,11 +125,12 @@ func (st ServerType) buildTLSApp(
if issuerVals, ok := sblock.pile["tls.cert_issuer"]; ok { if issuerVals, ok := sblock.pile["tls.cert_issuer"]; ok {
var issuers []certmagic.Issuer var issuers []certmagic.Issuer
for _, issuerVal := range issuerVals { for _, issuerVal := range issuerVals {
ap.Issuers = append(ap.Issuers, issuerVal.Value.(certmagic.Issuer)) issuers = append(issuers, issuerVal.Value.(certmagic.Issuer))
} }
if ap == catchAllAP && !reflect.DeepEqual(ap.Issuers, issuers) { if ap == catchAllAP && !reflect.DeepEqual(ap.Issuers, issuers) {
return nil, warnings, fmt.Errorf("automation policy from site block is also default/catch-all policy because of key without hostname, and the two are in conflict: %#v != %#v", ap.Issuers, issuers) return nil, warnings, fmt.Errorf("automation policy from site block is also default/catch-all policy because of key without hostname, and the two are in conflict: %#v != %#v", ap.Issuers, issuers)
} }
ap.Issuers = issuers
} }
// custom bind host // custom bind host

89
caddytest/integration/caddyfile_adapt/tls_automation_policies_3.txt Normal file
View file

@ -0,0 +1,89 @@
# https://caddy.community/t/caddyfile-having-individual-sites-differ-from-global-options/11297
{
local_certs
}
a.example.com {
tls internal
}
b.example.com {
tls abc@example.com
}
c.example.com {
}
----------
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [
{
"match": [
{
"host": [
"a.example.com"
]
}
],
"terminal": true
},
{
"match": [
{
"host": [
"b.example.com"
]
}
],
"terminal": true
},
{
"match": [
{
"host": [
"c.example.com"
]
}
],
"terminal": true
}
]
}
}
},
"tls": {
"automation": {
"policies": [
{
"subjects": [
"b.example.com"
],
"issuers": [
{
"email": "abc@example.com",
"module": "acme"
},
{
"email": "abc@example.com",
"module": "zerossl"
}
]
},
{
"issuers": [
{
"module": "internal"
}
]
}
]
}
}
}
}