mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-23 22:27:38 -05:00
11103bd8d6
Biggest change is no longer using standard library's tls.Config.getCertificate function to get a certificate during TLS handshake. Implemented our own cache which can be changed dynamically at runtime, even during TLS handshakes. As such, restarts are no longer required after certificate renewals or OCSP updates. We also allow loading multiple certificates and keys per host, even by specifying a directory (tls got a new 'load' command for that). Renamed the letsencrypt package to https in a gradual effort to become more generic; and https is more fitting for what the package does now. There are still some known bugs, e.g. reloading where a new certificate is required but port 80 isn't currently listening, will cause the challenge to fail. There's still plenty of cleanup to do and tests to write. It is especially confusing right now how we enable "on-demand" TLS during setup and keep track of that. But this change should basically work so far.
77 lines
2.2 KiB
Go
77 lines
2.2 KiB
Go
package server
|
|
|
|
import (
|
|
"net"
|
|
|
|
"github.com/mholt/caddy/middleware"
|
|
)
|
|
|
|
// Config configuration for a single server.
|
|
type Config struct {
|
|
// The hostname or IP on which to serve
|
|
Host string
|
|
|
|
// The host address to bind on - defaults to (virtual) Host if empty
|
|
BindHost string
|
|
|
|
// The port to listen on
|
|
Port string
|
|
|
|
// The protocol (http/https) to serve with this config; only set if user explicitly specifies it
|
|
Scheme string
|
|
|
|
// The directory from which to serve files
|
|
Root string
|
|
|
|
// HTTPS configuration
|
|
TLS TLSConfig
|
|
|
|
// Middleware stack; map of path scope to middleware -- TODO: Support path scope?
|
|
Middleware map[string][]middleware.Middleware
|
|
|
|
// Startup is a list of functions (or methods) to execute at
|
|
// server startup and restart; these are executed before any
|
|
// parts of the server are configured, and the functions are
|
|
// blocking. These are good for setting up middlewares and
|
|
// starting goroutines.
|
|
Startup []func() error
|
|
|
|
// FirstStartup is like Startup but these functions only execute
|
|
// during the initial startup, not on subsequent restarts.
|
|
//
|
|
// (Note: The server does not ever run these on its own; it is up
|
|
// to the calling application to do so, and do so only once, as the
|
|
// server itself has no notion whether it's a restart or not.)
|
|
FirstStartup []func() error
|
|
|
|
// Functions (or methods) to execute when the server quits;
|
|
// these are executed in response to SIGINT and are blocking
|
|
Shutdown []func() error
|
|
|
|
// The path to the configuration file from which this was loaded
|
|
ConfigFile string
|
|
|
|
// The name of the application
|
|
AppName string
|
|
|
|
// The application's version
|
|
AppVersion string
|
|
}
|
|
|
|
// Address returns the host:port of c as a string.
|
|
func (c Config) Address() string {
|
|
return net.JoinHostPort(c.Host, c.Port)
|
|
}
|
|
|
|
// TLSConfig describes how TLS should be configured and used.
|
|
type TLSConfig struct {
|
|
Enabled bool
|
|
LetsEncryptEmail string
|
|
Managed bool // will be set to true if config qualifies for automatic, managed TLS
|
|
Manual bool // will be set to true if user provides the cert and key files
|
|
Ciphers []uint16
|
|
ProtocolMinVersion uint16
|
|
ProtocolMaxVersion uint16
|
|
PreferServerCipherSuites bool
|
|
ClientCerts []string
|
|
}
|