Commit a7566350 authored by Matthew Holt's avatar Matthew Holt

Little more refactoring in letsencrypt

parent 96ae288c
...@@ -55,27 +55,7 @@ func Activate(configs []server.Config) ([]server.Config, error) { ...@@ -55,27 +55,7 @@ func Activate(configs []server.Config) ([]server.Config, error) {
} }
// it all comes down to this: filling in the file path of a valid certificate automatically // it all comes down to this: filling in the file path of a valid certificate automatically
for _, cfg := range serverConfigs { configs = autoConfigure(configs, serverConfigs)
cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host)
cfg.TLS.Key = storage.SiteKeyFile(cfg.Host)
cfg.TLS.Enabled = true
cfg.Port = "https"
// Is there a plaintext HTTP config for the same host? If not, make
// one and have it redirect all requests to this HTTPS host.
var plaintextHostFound bool
for _, otherCfg := range configs {
if cfg.Host == otherCfg.Host && otherCfg.Port == "http" {
plaintextHostFound = true
break
}
}
if !plaintextHostFound {
// Make one that redirects to HTTPS for all requests
configs = append(configs, redirPlaintextHost(*cfg))
}
}
} }
return configs, nil return configs, nil
...@@ -188,6 +168,35 @@ func saveCertsAndKeys(certificates []acme.CertificateResource) error { ...@@ -188,6 +168,35 @@ func saveCertsAndKeys(certificates []acme.CertificateResource) error {
return nil return nil
} }
// autoConfigure enables TLS on all the configs in serverConfigs
// and appends, if necessary, new configs to allConfigs that redirect
// plaintext HTTP to their HTTPS counterparts.
func autoConfigure(allConfigs []server.Config, serverConfigs []*server.Config) []server.Config {
for _, cfg := range serverConfigs {
cfg.TLS.Certificate = storage.SiteCertFile(cfg.Host)
cfg.TLS.Key = storage.SiteKeyFile(cfg.Host)
cfg.TLS.Enabled = true
cfg.Port = "https"
// Is there a plaintext HTTP config for the same host? If not, make
// one and have it redirect all requests to this HTTPS host.
var plaintextHostFound bool
for _, otherCfg := range allConfigs {
if cfg.Host == otherCfg.Host && otherCfg.Port == "http" {
plaintextHostFound = true
break
}
}
if !plaintextHostFound {
// Make one that redirects to HTTPS for all requests
allConfigs = append(allConfigs, redirPlaintextHost(*cfg))
}
}
return allConfigs
}
// redirPlaintextHost returns a new plaintext HTTP configuration for // redirPlaintextHost returns a new plaintext HTTP configuration for
// a virtualHost that simply redirects to cfg, which is assumed to // a virtualHost that simply redirects to cfg, which is assumed to
// be the HTTPS configuration. The returned configuration is set // be the HTTPS configuration. The returned configuration is set
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment