mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-02 13:59:50 +08:00
db4f1c0277
* httpcaddyfile: Revise automation policy generation This should fix a frustrating edge case where wildcard subjects are used, which potentially get shadowed by more specific versions of themselves; see the new tests for an example. This change is motivated by an actual customer requirement. Although all the tests pass, this logic is incredibly complex and nuanced, and I'm worried it is not correct. But it took me about 4 days to get this far on a solution. I did my best. * Fix typo
80 lines
978 B
Plaintext
80 lines
978 B
Plaintext
{
|
|
local_certs
|
|
}
|
|
|
|
*.tld, *.*.tld {
|
|
tls {
|
|
on_demand
|
|
}
|
|
}
|
|
|
|
foo.tld, www.foo.tld {
|
|
}
|
|
----------
|
|
{
|
|
"apps": {
|
|
"http": {
|
|
"servers": {
|
|
"srv0": {
|
|
"listen": [
|
|
":443"
|
|
],
|
|
"routes": [
|
|
{
|
|
"match": [
|
|
{
|
|
"host": [
|
|
"foo.tld",
|
|
"www.foo.tld"
|
|
]
|
|
}
|
|
],
|
|
"terminal": true
|
|
},
|
|
{
|
|
"match": [
|
|
{
|
|
"host": [
|
|
"*.tld",
|
|
"*.*.tld"
|
|
]
|
|
}
|
|
],
|
|
"terminal": true
|
|
}
|
|
]
|
|
}
|
|
}
|
|
},
|
|
"tls": {
|
|
"automation": {
|
|
"policies": [
|
|
{
|
|
"subjects": [
|
|
"foo.tld",
|
|
"www.foo.tld"
|
|
],
|
|
"issuer": {
|
|
"module": "internal"
|
|
}
|
|
},
|
|
{
|
|
"subjects": [
|
|
"*.*.tld",
|
|
"*.tld"
|
|
],
|
|
"issuer": {
|
|
"module": "internal"
|
|
},
|
|
"on_demand": true
|
|
},
|
|
{
|
|
"issuer": {
|
|
"module": "internal"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
}
|
|
} |