57c5b921a4
* caddytls: Make on-demand 'ask' permission modular This makes the 'ask' endpoint a module, which means that developers can write custom plugins for granting permission for on-demand certificates. Kicking myself that we didn't do it this way at the beginning, but who coulda known... * Lint * Error on conflicting config * Fix bad merge --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com>
1.2 KiB
{ debug http_port 8080 https_port 8443 default_sni localhost order root first storage file_system { root /data } acme_ca https://example.com acme_ca_root /path/to/ca.crt
email test@example.com
admin {
origins localhost:2019 [::1]:2019 127.0.0.1:2019 192.168.10.128
}
on_demand_tls {
ask https://example.com
interval 30s
burst 20
}
local_certs
key_type ed25519
}
:80
{ "admin": { "listen": "localhost:2019", "origins": [ "localhost:2019", "[::1]:2019", "127.0.0.1:2019", "192.168.10.128" ] }, "logging": { "logs": { "default": { "level": "DEBUG" } } }, "storage": { "module": "file_system", "root": "/data" }, "apps": { "http": { "http_port": 8080, "https_port": 8443, "servers": { "srv0": { "listen": [ ":80" ] } } }, "tls": { "automation": { "policies": [ { "issuers": [ { "module": "internal" } ], "key_type": "ed25519" } ], "on_demand": { "permission": { "endpoint": "https://example.com", "module": "http" }, "rate_limit": { "interval": 30000000000, "burst": 20 } } } } } }