diff options
author | Alan Pearce | 2024-10-23 15:45:02 +0200 |
---|---|---|
committer | Alan Pearce | 2024-10-23 15:45:02 +0200 |
commit | 51024675983d865c4635fa70184f827c6c543d02 (patch) | |
tree | 3b26caa315efe64d71e0183b0c5c5ef37f2f1a01 /internal/server/tls.go | |
parent | 885a0ed62daea18c444cc67033db1d21312a32c0 (diff) | |
download | website-51024675983d865c4635fa70184f827c6c543d02.tar.lz website-51024675983d865c4635fa70184f827c6c543d02.tar.zst website-51024675983d865c4635fa70184f827c6c543d02.zip |
provision wildcard certificate correctly
Diffstat (limited to 'internal/server/tls.go')
-rw-r--r-- | internal/server/tls.go | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/internal/server/tls.go b/internal/server/tls.go index 4d52b8d..9f22a5e 100644 --- a/internal/server/tls.go +++ b/internal/server/tls.go @@ -5,6 +5,7 @@ import ( "crypto/x509" "net" "net/http" + "slices" "strconv" "go.alanpearce.eu/x/listenfd" @@ -35,6 +36,9 @@ type acmeConfig struct { func (s *Server) serveTLS() (err error) { log := s.log.Named("tls") + wildcardDomain := "*." + s.config.WildcardDomain + certificateDomains := slices.Clone(s.config.Domains) + // setting cfg.Logger is too late somehow certmagic.Default.Logger = log.GetLogger().Named("certmagic") cfg := certmagic.NewDefault() @@ -96,6 +100,8 @@ func (s *Server) serveTLS() (err error) { }, }) + certificateDomains = append(slices.Clone(s.config.Domains), wildcardDomain) + log.Info("acme", "username", acme.Username, "subdomain", acme.Subdomain, "server_url", acme.ServerURL) rs := certmagic_redis.New() @@ -164,7 +170,7 @@ func (s *Server) serveTLS() (err error) { "https_port", s.runtimeConfig.TLSPort, ) - err = cfg.ManageAsync(context.TODO(), s.config.Domains) + err = cfg.ManageAsync(context.TODO(), certificateDomains) if err != nil { return errors.Wrap(err, "could not enable TLS") } |