| 27 | type ( |
| 28 | ConfigExtra Config |
| 29 | Config struct { |
| 30 | Email string `json:"email,omitempty"` |
| 31 | Domains []string `json:"domains,omitempty"` |
| 32 | CertPath string `json:"cert_path,omitempty"` |
| 33 | KeyPath string `json:"key_path,omitempty"` |
| 34 | Extra []ConfigExtra `json:"extra,omitempty"` |
| 35 | ACMEKeyPath string `json:"acme_key_path,omitempty"` // shared by all extra providers with the same CA directory URL |
| 36 | Provider string `json:"provider,omitempty"` |
| 37 | Options map[string]strutils.Redacted `json:"options,omitempty"` |
| 38 | |
| 39 | Resolvers []string `json:"resolvers,omitempty"` |
| 40 | |
| 41 | // Custom ACME CA |
| 42 | CADirURL string `json:"ca_dir_url,omitempty"` |
| 43 | CACerts []string `json:"ca_certs,omitempty"` |
| 44 | |
| 45 | // EAB |
| 46 | EABKid string `json:"eab_kid,omitempty" validate:"required_with=EABHmac"` |
| 47 | EABHmac string `json:"eab_hmac,omitempty" validate:"required_with=EABKid"` // base64 encoded |
| 48 | |
| 49 | // CertificateKeyType is the private key algorithm for ACME-issued TLS certificates (lego Certificate.KeyType). |
| 50 | // Default is EC256. Use RSA2048 (or rsa2048) for clients that do not support ECDSA certificates. |
| 51 | CertificateKeyType string `json:"certificate_key_type,omitempty"` |
| 52 | |
| 53 | HTTPClient *http.Client `json:"-"` // for tests only |
| 54 | |
| 55 | challengeProvider challenge.Provider |
| 56 | |
| 57 | idx int // 0: main, 1+: extra[i] |
| 58 | } |
| 59 | ) |
| 60 | |
| 61 | var ( |
nothing calls this directly
no outgoing calls
no test coverage detected