split options of website/server
1 file changed, 9 insertions(+), 23 deletions(-)
changed files
M internal/server/tls.go → internal/server/tls.go
@@ -31,8 +31,8 @@ func (s *Server) serveTLS() (err error) { log := s.log.Named("tls") - wildcardDomain := "*." + s.options.Config.WildcardDomain - certificateDomains := slices.Clone(s.options.Config.Domains) + wildcardDomains := slices.Clone(s.options.WildcardDomains) + certificateDomains := slices.Clone(s.options.Domains) certmagic.HTTPPort = s.options.Port certmagic.HTTPSPort = s.options.TLSPort@@ -42,15 +42,9 @@ acme := &certmagic.DefaultACME acme.Logger = certmagic.Default.Logger acme.Agreed = true - acme.Email = s.options.Config.Email acme.ListenHost = strings.Trim(s.options.ListenAddress, "[]") - if s.options.Development { - ca := s.options.ACMEIssuer - if ca == "" { - return errors.New("can't enable tls in development without an ACME_ISSUER") - } - + if s.options.ACMEIssuer != "" { cp, err := x509.SystemCertPool() if err != nil { log.Warn("could not get system certificate pool", "error", err)@@ -87,7 +81,9 @@ Logger: cfg.Logger, }, } - certificateDomains = append(slices.Clone(s.options.Config.Domains), wildcardDomain) + if len(wildcardDomains) > 0 { + certificateDomains = append(certificateDomains, wildcardDomains...) + } rs := certmagic_redis.New() rs.Address = []string{rc.Address}@@ -121,20 +117,10 @@ if certmagic.LooksLikeHTTPChallenge(r) && acme.HandleHTTPChallenge(w, r) { return } - url := r.URL - url.Scheme = "https" - port := s.options.Config.BaseURL.Port() - if port == "" { + if slices.Contains(s.options.Domains, r.Host) { + url := r.URL + url.Scheme = "https" url.Host = r.Host - } else { - host, _, err := net.SplitHostPort(r.Host) - if err != nil { - log.Warn("error splitting host and port", "error", err) - host = r.Host - } - url.Host = net.JoinHostPort(host, s.options.Config.BaseURL.Port()) - } - if slices.Contains(s.options.Config.Domains, r.Host) { http.Redirect(w, r, url.String(), http.StatusMovedPermanently) } else { http.NotFound(w, r)