Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

caddytls: Run the replacer on automation policy subjects #5459

Merged
merged 1 commit into from
Mar 27, 2023
Merged

caddytls: Run the replacer on automation policy subjects #5459

merged 1 commit into from
Mar 27, 2023

Conversation

francislavoie
Copy link
Member

Also renamed the field to SubjectsRaw, which can be considered a breaking change but I don't expect this to affect much.

This has come up semi-frequently. I think it's fine to support {env.DOMAIN} for subjects. I'm not 100% sure if this will work in all the cases we expect it to, but it should at least be better supported than before.

@francislavoie francislavoie added the feature ⚙️ New feature or request label Mar 25, 2023
@francislavoie francislavoie added this to the v2.7.0 milestone Mar 25, 2023
@francislavoie
Copy link
Member Author

I confirmed this fixes the case of {env.DOMAIN}.duckdns.org with the DNS challenge where the env var is either a flat domain or a wildcard. It properly issues a cert for that domain, and I can make requests with curl -v afterwards.

mholt
mholt reviewed Mar 27, 2023
View reviewed changes
Copy link
Member

@mholt mholt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Woah, well thanks for being brave and doing this -- I do wonder if we could make this a little simpler though... (also the use of *Raw makes me think of a module field)

modules/caddytls/automation.go
Comment on lines +157 to +163
// replace placeholders in subjects to allow environment variables
repl := caddy.NewReplacer()
subjects := make([]string, len(ap.SubjectsRaw))
for i, sub := range ap.SubjectsRaw {
subjects[i] = repl.ReplaceAll(sub, "")
}
ap.subjects = subjects
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it work if we just replace the subjects in-place? 🤔

Copy link
Member Author

@francislavoie francislavoie Mar 27, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No because then if you do curl localhost:2019/config/ you get a config without the placeholders in it (I think).

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh, that might be true.

mholt
mholt approved these changes Mar 27, 2023
View reviewed changes
Copy link
Member

@mholt mholt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well let's give it a shot - thanks!

@mholt mholt enabled auto-merge (squash) March 27, 2023 21:03
@francislavoie
caddytls: Run the replacer on automation policy subjects
13cd375 
Also renamed the field to SubjectsRaw, which can be considered a breaking change but I don't expect this to affect much.
@mholt mholt merged commit e16a886 into master Mar 27, 2023
@mholt mholt deleted the repl-tls-subjects branch March 27, 2023 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mholt mholt mholt approved these changes

Assignees
No one assigned
Labels
feature ⚙️ New feature or request
Projects
None yet
Milestone
v2.7.0
Development

Successfully merging this pull request may close these issues.
2 participants
@francislavoie @mholt