author | techknowlogick <techknowlogick@gitea.io> | 2021-01-24 18:37:35 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-01-25 01:37:35 +0200 |
commit | d2ea21d0d8103986b2ce53c17b7b99b1ce6828b0 (patch) | |
tree | 802ea1a787b1f6ef08b18524d3818115a750f0eb /cmd/web.go | |
parent | bc05ddc0ebd6fdc826ef2beec99304bac60ddd8a (diff) | |
Use caddy's certmagic library for extensible/robust ACME handling (#14177)
* use certmagic for more extensible/robust ACME cert handling
* accept TOS based on config option
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Diffstat (limited to 'cmd/web.go')
-rw-r--r-- | cmd/web.go | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/cmd/web.go b/cmd/web.go
index 063e41c946..2e8c45a76e 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -22,7 +22,6 @@ import (
 context2 "github.com/gorilla/context"
 "github.com/urfave/cli"
- "golang.org/x/crypto/acme/autocert"
 ini "gopkg.in/ini.v1"
 )
@@ -72,36 +71,6 @@ func runHTTPRedirector() {
 }
 }
-func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) error {
- certManager := autocert.Manager{
- Prompt: autocert.AcceptTOS,
- HostPolicy: autocert.HostWhitelist(domain),
- Cache: autocert.DirCache(directory),
- Email: email,
- }
- go func() {
- log.Info("Running Let's Encrypt handler on %s", setting.HTTPAddr+":"+setting.PortToRedirect)
- // all traffic coming into HTTP will be redirect to HTTPS automatically (LE HTTP-01 validation happens here)
- var err = runHTTP("tcp", setting.HTTPAddr+":"+setting.PortToRedirect, certManager.HTTPHandler(http.HandlerFunc(runLetsEncryptFallbackHandler)))
- if err != nil {
- log.Fatal("Failed to start the Let's Encrypt handler on port %s: %v", setting.PortToRedirect, err)
- }
- }()
- return runHTTPSWithTLSConfig("tcp", listenAddr, certManager.TLSConfig(), context2.ClearHandler(m))
-}
-
-func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) {
- if r.Method != "GET" && r.Method != "HEAD" {
- http.Error(w, "Use HTTPS", http.StatusBadRequest)
- return
- }
- // Remove the trailing slash at the end of setting.AppURL, the request
- // URI always contains a leading slash, which would result in a double
- // slash
- target := strings.TrimSuffix(setting.AppURL, "/") + r.URL.RequestURI()
- http.Redirect(w, r, target, http.StatusFound)
-}
-
 func runWeb(ctx *cli.Context) error {
 managerCtx, cancel := context.WithCancel(context.Background())
 graceful.InitManager(managerCtx) |