From 7aecd2d71877cd52e66a9d1f269a02cce538552e Mon Sep 17 00:00:00 2001
From: Artem Ivanov
Date: Sun, 11 Sep 2022 18:56:59 +0200
Subject: [PATCH] fix ondemand cert issuing (#243)
---
 httpmuxer/httpmuxer.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/httpmuxer/httpmuxer.go b/httpmuxer/httpmuxer.go
index 51b3b0a..ee2e81b 100644
--- a/httpmuxer/httpmuxer.go
+++ b/httpmuxer/httpmuxer.go
@@ -279,6 +279,8 @@ func Start(state *utils.State) {
 gin.WrapH(currentListener.Balancer)(c)
 })
+ var acmeIssuer *certmagic.ACMEIssuer = nil
+
 // If HTTPS is enabled, setup certmagic to allow us to provision HTTPS certs on the fly.
 // You can use sish without a wildcard cert, but you really should. If you get a lot of clients
 // with many random subdomains, you'll burn through your Let's Encrypt quota. Be careful!
@@ -289,7 +291,7 @@ func Start(state *utils.State) {
 certManager := certmagic.NewDefault()
- acmeIssuer := certmagic.NewACMEIssuer(certManager, certmagic.DefaultACME)
+ acmeIssuer = certmagic.NewACMEIssuer(certManager, certmagic.DefaultACME)
 acmeIssuer.Agreed = viper.GetBool("https-ondemand-certificate-accept-terms")
 acmeIssuer.Email = viper.GetString("https-ondemand-certificate-email")
@@ -404,6 +406,9 @@ func Start(state *utils.State) {
 Addr: viper.GetString("http-address"),
 Handler: r,
 }
+ if acmeIssuer != nil {
+ httpServer.Handler = acmeIssuer.HTTPChallengeHandler(r)
+ }
 var httpListener net.Listener
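Review bot: The added declaration `var acmeIssuer *certmagic.ACMEIssuer = nil` spells out the zero value Go already assigns; `var acmeIssuer *certmagic.ACMEIssuer` is the idiomatic form and behaves the same. Since the variable now also acts as the signal for the nil check in the last hunk, a one-line comment would help the next reader, for example `// acmeIssuer stays nil unless the HTTPS block below configures it; the HTTP server setup checks it.` Start's body begins and ends outside this hunk, so the distance between the declaration and its use is not visible here.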
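Review bot: The `if acmeIssuer != nil` check in the last hunk wraps the plain-HTTP handler whenever the HTTPS setup block ran, which from the visible lines looks like "HTTPS enabled" rather than "on-demand issuance enabled". If on-demand certificates have their own switch (the `https-ondemand-certificate-*` settings in the second hunk suggest so), gating the wrap on that setting keeps the plain-HTTP listener from answering ACME challenge paths in deployments that only use a static wildcard certificate. A comment above the `if` would also record why the wrap exists, e.g. `// Answer ACME HTTP-01 challenges ahead of the router so on-demand issuance can complete.` The enclosing Start function begins and ends outside the hunk, so the exact enabling condition should be confirmed against the full file.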