Fix bound address/port for caddy's certmagic library (#15758)

* Fix bound address/port for caddy's certmagic library

* Fix bug

Co-authored-by: zeripath <art27@cantab.net>

diff --git a/cmd/web_letsencrypt.go b/cmd/web_letsencrypt.go
index 387aacce2cbb7c6a6141c5884ddc40b27d427da1..9cfc9b3ab2212e24e809ed75f60fea60a6e11097 100644 (file)
--- a/cmd/web_letsencrypt.go
+++ b/cmd/web_letsencrypt.go
@@ -6,6 +6,7 @@ package cmd
 
 import (
        "net/http"
+       "strconv"
        "strings"
 
        "code.gitea.io/gitea/modules/log"
@@ -22,6 +23,11 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
        // TODO: these are placeholders until we add options for each in settings with appropriate warning
        enableHTTPChallenge := true
        enableTLSALPNChallenge := true
+       altHTTPPort := 0
+
+       if p, err := strconv.Atoi(setting.PortToRedirect); err == nil {
+               altHTTPPort = p
+       }
 
        magic := certmagic.NewDefault()
        magic.Storage = &certmagic.FileStorage{Path: directory}
@@ -30,6 +36,8 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
                Agreed:                  setting.LetsEncryptTOS,
                DisableHTTPChallenge:    !enableHTTPChallenge,
                DisableTLSALPNChallenge: !enableTLSALPNChallenge,
+               ListenHost:              listenAddr,
+               AltHTTPPort:             altHTTPPort,
        })
 
        magic.Issuers = []certmagic.Issuer{myACME}