From e7ecc7ede2f0f749530b0c2e685b99954b9591ce Mon Sep 17 00:00:00 2001
From: Andreas Kohn <andreas.kohn@framer.com>
Date: Tue, 4 Jun 2024 15:00:15 +0200
Subject: [PATCH] Make it possible to configure the `DisableStorageCheck`
 setting for certmagic (#6368)

See discussion about this setting in https://github.com/caddyserver/certmagic/issues/201
---
 modules/caddytls/tls.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/modules/caddytls/tls.go b/modules/caddytls/tls.go
index c233977e..b30b10c2 100644
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@@ -81,6 +81,16 @@ type TLS struct {
 	// EXPERIMENTAL. Subject to change.
 	DisableOCSPStapling bool `json:"disable_ocsp_stapling,omitempty"`
 
+	// Disables checks in certmagic that the configured storage is ready
+	// and able to handle writing new content to it. These checks are
+	// intended to prevent information loss (newly issued certificates), but
+	// can be expensive on the storage.
+	//
+	// Disabling these checks should only be done when the storage
+	// can be trusted to have enough capacity and no other problems.
+	// EXPERIMENTAL. Subject to change.
+	DisableStorageCheck bool `json:"disable_storage_check,omitempty"`
+
 	certificateLoaders []CertificateLoader
 	automateNames      []string
 	ctx                caddy.Context
@@ -255,6 +265,7 @@ func (t *TLS) Provision(ctx caddy.Context) error {
 		OCSP: certmagic.OCSPConfig{
 			DisableStapling: t.DisableOCSPStapling,
 		},
+		DisableStorageCheck: t.DisableStorageCheck,
 	})
 	certCacheMu.RUnlock()
 	for _, loader := range t.certificateLoaders {