autocert: customizable ACME directory

Vladislav Yarmak 2022-09-04 23:59:21 +03:00
parent 20a09ba948
commit d7b3454fa6
1 changed files with 4 additions and 0 deletions


@ -11,6 +11,7 @@ import (
"strings" "strings"
"time" "time"
"golang.org/x/crypto/acme"
"golang.org/x/crypto/acme/autocert" "golang.org/x/crypto/acme/autocert"
) )
@ -61,6 +62,7 @@ type CLIArgs struct {
autocert bool autocert bool
autocertWhitelist CSVArg autocertWhitelist CSVArg
autocertDir string autocertDir string
autocertACME string
} }
func list_ciphers() { func list_ciphers() {
@ -86,6 +88,7 @@ func parse_args() CLIArgs {
flag.BoolVar(&args.autocert, "autocert", false, "issue TLS certificates automatically") flag.BoolVar(&args.autocert, "autocert", false, "issue TLS certificates automatically")
flag.Var(&args.autocertWhitelist, "autocert-whitelist", "restrict autocert domains to this comma-separated list") flag.Var(&args.autocertWhitelist, "autocert-whitelist", "restrict autocert domains to this comma-separated list")
flag.StringVar(&args.autocertDir, "autocert-dir", filepath.Join(home, ".dumbproxy", "autocert"), "path to autocert cache") flag.StringVar(&args.autocertDir, "autocert-dir", filepath.Join(home, ".dumbproxy", "autocert"), "path to autocert cache")
flag.StringVar(&args.autocertACME, "autocert-acme", autocert.DefaultACMEDirectory, "custom ACME endpoint")
flag.Parse() flag.Parse()
return args return args
} }
@ -147,6 +150,7 @@ func run() int {
m := &autocert.Manager{ m := &autocert.Manager{
Cache: autocert.DirCache(args.autocertDir), Cache: autocert.DirCache(args.autocertDir),
Prompt: autocert.AcceptTOS, Prompt: autocert.AcceptTOS,
Client: &acme.Client{DirectoryURL: args.autocertACME},
} }
if args.autocertWhitelist != nil { if args.autocertWhitelist != nil {
m.HostPolicy = autocert.HostWhitelist([]string(args.autocertWhitelist)...) m.HostPolicy = autocert.HostWhitelist([]string(args.autocertWhitelist)...)
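Review bot: The `-autocert-acme` value is passed to `acme.Client{DirectoryURL: args.autocertACME}` in run() with no validation, so an empty, mistyped or `http://` URL only surfaces at the first issuance attempt, and a directory fetched in cleartext can be altered by anyone on the network path. Rejecting it at startup would fail fast, for example `if u, err := url.Parse(args.autocertACME); err != nil || u.Scheme != "https" || u.Host == "" { /* log and return a non-zero exit code */ }`, which needs `net/url` in the import block. The help string in parse_args() would be clearer as `"ACME directory URL (must be https)"`. The `autocert.DirCache` entries appear to be keyed by host name rather than by directory, so certificates and the account key cached from one CA may still be served after switching; a comment or README note advising a separate `-autocert-dir` per ACME directory would help. The body of run() starts and ends outside this hunk, so later use of `m` is not visible here.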