Don't fetch ACME certificates for frontends using non-TLS entrypoints
This commit is contained in:
Matthieu Martin
parent
d74ea22d7d
commit
2bfc237e53
1 changed files with 18 additions and 7 deletions
13
server.go
13
server.go
|
|
@ -301,6 +301,17 @@ func (server *Server) postLoadConfig() {
|
||||||
currentConfigurations := server.currentConfigurations.Get().(configs)
|
currentConfigurations := server.currentConfigurations.Get().(configs)
|
||||||
for _, configuration := range currentConfigurations {
|
for _, configuration := range currentConfigurations {
|
||||||
for _, frontend := range configuration.Frontends {
|
for _, frontend := range configuration.Frontends {
|
||||||
|
|
||||||
|
// check if one of the frontend entrypoints is configured with TLS
|
||||||
|
TLSEnabled := false
|
||||||
|
for _, entrypoint := range frontend.EntryPoints {
|
||||||
|
if server.globalConfiguration.EntryPoints[entrypoint].TLS != nil {
|
||||||
|
TLSEnabled = true
|
||||||
|
break
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if TLSEnabled {
|
||||||
for _, route := range frontend.Routes {
|
for _, route := range frontend.Routes {
|
||||||
rules := Rules{}
|
rules := Rules{}
|
||||||
domains, err := rules.ParseDomains(route.Rule)
|
domains, err := rules.ParseDomains(route.Rule)
|
||||||
|
|
@ -310,7 +321,7 @@ func (server *Server) postLoadConfig() {
|
||||||
server.globalConfiguration.ACME.LoadCertificateForDomains(domains)
|
server.globalConfiguration.ACME.LoadCertificateForDomains(domains)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue