diff options
author | Alan Pearce | 2024-07-11 11:02:10 +0200 |
---|---|---|
committer | Alan Pearce | 2024-07-11 11:02:10 +0200 |
commit | a67a216bf8227c271828f901d5a04a600f865711 (patch) | |
tree | bb1e8a1cd67b71885df6402f971b64bcf6e0940c /internal/server | |
parent | de704a079eb09b0b9126cb44839d1c0a34014173 (diff) | |
download | website-a67a216bf8227c271828f901d5a04a600f865711.tar.lz website-a67a216bf8227c271828f901d5a04a600f865711.tar.zst website-a67a216bf8227c271828f901d5a04a600f865711.zip |
fix dns01 challenge
Diffstat (limited to 'internal/server')
-rw-r--r-- | internal/server/tls.go | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/internal/server/tls.go b/internal/server/tls.go index 556013d..0561f5a 100644 --- a/internal/server/tls.go +++ b/internal/server/tls.go @@ -40,10 +40,7 @@ func (s *Server) serveTLS() (err error) { cfg := certmagic.NewDefault() cfg.DefaultServerName = s.config.Domains[0] - issuer := &certmagic.DefaultACME - certmagic.DefaultACME.Agreed = true - certmagic.DefaultACME.Email = s.config.Email - certmagic.DefaultACME.Logger = certmagic.Default.Logger + var issuer *certmagic.ACMEIssuer if s.runtimeConfig.Development { ca := s.runtimeConfig.ACMECA @@ -71,8 +68,8 @@ func (s *Server) serveTLS() (err error) { ListenHost: s.runtimeConfig.ListenAddress, AltHTTPPort: s.runtimeConfig.Port, AltTLSALPNPort: s.runtimeConfig.TLSPort, + Logger: certmagic.Default.Logger, }) - cfg.Issuers[0] = issuer } else { rc := &redisConfig{} _, err = conf.Parse("REDIS", rc) @@ -86,14 +83,20 @@ func (s *Server) serveTLS() (err error) { return errors.Wrap(err, "could not parse ACME config") } - issuer.DNS01Solver = &certmagic.DNS01Solver{ - DNSManager: certmagic.DNSManager{ - DNSProvider: acme, - Logger: certmagic.Default.Logger, + issuer = certmagic.NewACMEIssuer(cfg, certmagic.ACMEIssuer{ + CA: certmagic.LetsEncryptProductionCA, + Email: s.config.Email, + Agreed: true, + Logger: certmagic.Default.Logger, + DNS01Solver: &certmagic.DNS01Solver{ + DNSManager: certmagic.DNSManager{ + DNSProvider: acme, + Logger: certmagic.Default.Logger, + }, }, - } + }) - log.Debug("acme", "username", acme.Username, "subdomain", acme.Subdomain, "server_url", acme.ServerURL) + log.Info("acme", "username", acme.Username, "subdomain", acme.Subdomain, "server_url", acme.ServerURL) rs := certmagic_redis.New() rs.Address = []string{rc.Address} @@ -110,6 +113,7 @@ func (s *Server) serveTLS() (err error) { return errors.Wrap(err, "could not provision redis storage") } } + cfg.Issuers[0] = issuer ln, err := listenfd.GetListener( 1, @@ -160,7 +164,7 @@ func (s *Server) serveTLS() (err error) { "https_port", s.runtimeConfig.TLSPort, ) - err = cfg.ManageSync(context.TODO(), s.config.Domains) + err = cfg.ManageAsync(context.TODO(), append(s.config.Domains, "*.aln.pe")) if err != nil { return errors.Wrap(err, "could not enable TLS") } |