all repos — homestead @ de8e02d2a10ce0a01817729e47f31e7b37103af2

Code for my website

split options of website/server

Alan Pearce
commit

de8e02d2a10ce0a01817729e47f31e7b37103af2

parent

5434a11ad1bf6693705a9ba38ec9464f2d001da9

1 file changed, 9 insertions(+), 23 deletions(-)

changed files
M internal/server/tls.gointernal/server/tls.go
@@ -31,8 +31,8 @@
func (s *Server) serveTLS() (err error) { log := s.log.Named("tls") - wildcardDomain := "*." + s.options.Config.WildcardDomain - certificateDomains := slices.Clone(s.options.Config.Domains) + wildcardDomains := slices.Clone(s.options.WildcardDomains) + certificateDomains := slices.Clone(s.options.Domains) certmagic.HTTPPort = s.options.Port certmagic.HTTPSPort = s.options.TLSPort
@@ -42,15 +42,9 @@
acme := &certmagic.DefaultACME acme.Logger = certmagic.Default.Logger acme.Agreed = true - acme.Email = s.options.Config.Email acme.ListenHost = strings.Trim(s.options.ListenAddress, "[]") - if s.options.Development { - ca := s.options.ACMEIssuer - if ca == "" { - return errors.New("can't enable tls in development without an ACME_ISSUER") - } - + if s.options.ACMEIssuer != "" { cp, err := x509.SystemCertPool() if err != nil { log.Warn("could not get system certificate pool", "error", err)
@@ -87,7 +81,9 @@ Logger: cfg.Logger,
}, } - certificateDomains = append(slices.Clone(s.options.Config.Domains), wildcardDomain) + if len(wildcardDomains) > 0 { + certificateDomains = append(certificateDomains, wildcardDomains...) + } rs := certmagic_redis.New() rs.Address = []string{rc.Address}
@@ -121,20 +117,10 @@ if certmagic.LooksLikeHTTPChallenge(r) &&
acme.HandleHTTPChallenge(w, r) { return } - url := r.URL - url.Scheme = "https" - port := s.options.Config.BaseURL.Port() - if port == "" { + if slices.Contains(s.options.Domains, r.Host) { + url := r.URL + url.Scheme = "https" url.Host = r.Host - } else { - host, _, err := net.SplitHostPort(r.Host) - if err != nil { - log.Warn("error splitting host and port", "error", err) - host = r.Host - } - url.Host = net.JoinHostPort(host, s.options.Config.BaseURL.Port()) - } - if slices.Contains(s.options.Config.Domains, r.Host) { http.Redirect(w, r, url.String(), http.StatusMovedPermanently) } else { http.NotFound(w, r)