Don't fetch ACME certificates for frontends using non-TLS entrypoints
This commit is contained in:
parent
d74ea22d7d
commit
2bfc237e53
1 changed files with 18 additions and 7 deletions
25
server.go
25
server.go
|
@ -301,16 +301,27 @@ func (server *Server) postLoadConfig() {
|
|||
currentConfigurations := server.currentConfigurations.Get().(configs)
|
||||
for _, configuration := range currentConfigurations {
|
||||
for _, frontend := range configuration.Frontends {
|
||||
for _, route := range frontend.Routes {
|
||||
rules := Rules{}
|
||||
domains, err := rules.ParseDomains(route.Rule)
|
||||
if err != nil {
|
||||
log.Errorf("Error parsing domains: %v", err)
|
||||
} else {
|
||||
server.globalConfiguration.ACME.LoadCertificateForDomains(domains)
|
||||
|
||||
// check if one of the frontend entrypoints is configured with TLS
|
||||
TLSEnabled := false
|
||||
for _, entrypoint := range frontend.EntryPoints {
|
||||
if server.globalConfiguration.EntryPoints[entrypoint].TLS != nil {
|
||||
TLSEnabled = true
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
if TLSEnabled {
|
||||
for _, route := range frontend.Routes {
|
||||
rules := Rules{}
|
||||
domains, err := rules.ParseDomains(route.Rule)
|
||||
if err != nil {
|
||||
log.Errorf("Error parsing domains: %v", err)
|
||||
} else {
|
||||
server.globalConfiguration.ACME.LoadCertificateForDomains(domains)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue