baalajimaestro/traefik
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Merge pull request #1023 from syfonseq/fix-acme-http-only-entrypoint

Browse source 
Don't fetch ACME certificates for frontends using non-TLS entrypoints (#989)
This commit is contained in:
Vincent Demeester 2017-01-06 21:16:25 +01:00 committed by GitHub
commit 85b9c19871
1 changed files with 18 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
server.go
View file

@ -301,16 +301,27 @@ func (server *Server) postLoadConfig() {
currentConfigurations := server.currentConfigurations.Get().(configs) currentConfigurations := server.currentConfigurations.Get().(configs)
for _, configuration := range currentConfigurations { for _, configuration := range currentConfigurations {
for _, frontend := range configuration.Frontends { for _, frontend := range configuration.Frontends {
for _, route := range frontend.Routes {
rules := Rules{} // check if one of the frontend entrypoints is configured with TLS
domains, err := rules.ParseDomains(route.Rule) TLSEnabled := false
if err != nil { for _, entrypoint := range frontend.EntryPoints {
log.Errorf("Error parsing domains: %v", err) if server.globalConfiguration.EntryPoints[entrypoint].TLS != nil {
} else { TLSEnabled = true
server.globalConfiguration.ACME.LoadCertificateForDomains(domains) break
} }
} }
if TLSEnabled {
for _, route := range frontend.Routes {
rules := Rules{}
domains, err := rules.ParseDomains(route.Rule)
if err != nil {
log.Errorf("Error parsing domains: %v", err)
} else {
server.globalConfiguration.ACME.LoadCertificateForDomains(domains)
}
}
}
} }
} }
} }