set timeouts for secondary (http) server
1 file changed, 15 insertions(+), 23 deletions(-)
changed files
M internal/server/tls.go → internal/server/tls.go
@@ -35,29 +35,6 @@ issuer = &certmagic.DefaultACME certmagic.DefaultACME.Agreed = true certmagic.DefaultACME.Email = s.config.Email - ln, err := listenfd.GetListener( - 1, - net.JoinHostPort(s.runtimeConfig.ListenAddress, strconv.Itoa(s.runtimeConfig.Port)), - ) - if err != nil { - return errors.Wrap(err, "could not bind plain socket") - } - - go func(ln net.Listener) { - redirecter := http.NewServeMux() - redirecter.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { - if certmagic.LooksLikeHTTPChallenge(r) { - issuer.HandleHTTPChallenge(w, r) - } else { - s.redirectHandler(w, r) - } - }) - err := http.Serve(ln, redirecter) - if err != nil && !errors.Is(err, http.ErrServerClosed) { - log.Error("error in http handler", "error", err) - } - }(ln) - if s.runtimeConfig.Development { ca := s.runtimeConfig.ACMECA if ca == "" {@@ -113,6 +90,21 @@ if err != nil { return errors.Wrap(err, "could not provision redis storage") } } + + ln, err := listenfd.GetListener( + 1, + net.JoinHostPort(s.runtimeConfig.ListenAddress, strconv.Itoa(s.runtimeConfig.Port)), + ) + if err != nil { + return errors.Wrap(err, "could not bind plain socket") + } + + go func(ln net.Listener) { + s.redirectServer.Handler = issuer.HTTPChallengeHandler(s.redirectServer.Handler) + if err := s.redirectServer.Serve(ln); err != nil && !errors.Is(err, http.ErrServerClosed) { + log.Error("error in http handler", "error", err) + } + }(ln) log.Debug( "starting certmagic",