(s *http.Server, conf *config.Configuration)
| 115 | } |
| 116 | |
| 117 | func applyLetsEncrypt(s *http.Server, conf *config.Configuration) { |
| 118 | httpClient := &http.Client{ |
| 119 | Transport: &LoggingRoundTripper{Name: "Let's Encrypt", RoundTripper: http.DefaultTransport}, |
| 120 | Timeout: 60 * time.Second, |
| 121 | } |
| 122 | |
| 123 | acmeClient := &acme.Client{ |
| 124 | HTTPClient: httpClient, |
| 125 | DirectoryURL: conf.Server.SSL.LetsEncrypt.DirectoryURL, |
| 126 | } |
| 127 | certManager := autocert.Manager{ |
| 128 | Client: acmeClient, |
| 129 | Prompt: func(tosURL string) bool { |
| 130 | if !conf.Server.SSL.LetsEncrypt.AcceptTOS { |
| 131 | log.Fatalf("Let's Encrypt TOS must be accepted to use Let's Encrypt, please acknowledge TOS at %s and set GOTIFY_SERVER_SSL_LETSENCRYPT_ACCEPTTOS=true\n", tosURL) |
| 132 | } |
| 133 | return true |
| 134 | }, |
| 135 | HostPolicy: autocert.HostWhitelist(conf.Server.SSL.LetsEncrypt.Hosts...), |
| 136 | Cache: autocert.DirCache(conf.Server.SSL.LetsEncrypt.Cache), |
| 137 | } |
| 138 | s.Handler = certManager.HTTPHandler(s.Handler) |
| 139 | s.TLSConfig = certManager.TLSConfig() |
| 140 | } |
no outgoing calls
no test coverage detected
searching dependent graphs…