MCPcopy
hub / github.com/caddyserver/caddy / manageIdentity

Function manageIdentity

admin.go:461–505  ·  view source on GitHub ↗

manageIdentity sets up automated identity management for this server.

(ctx Context, cfg *Config)

Source from the content-addressed store, hash-verified

459
460// manageIdentity sets up automated identity management for this server.
461func manageIdentity(ctx Context, cfg *Config) error {
462 if cfg == nil || cfg.Admin == nil || cfg.Admin.Identity == nil {
463 return nil
464 }
465
466 // set default issuers; this is pretty hacky because we can't
467 // import the caddytls package -- but it works
468 if cfg.Admin.Identity.IssuersRaw == nil {
469 cfg.Admin.Identity.IssuersRaw = []json.RawMessage{
470 json.RawMessage(`{"module": "acme"}`),
471 }
472 }
473
474 // load and provision issuer modules
475 if cfg.Admin.Identity.IssuersRaw != nil {
476 val, err := ctx.LoadModule(cfg.Admin.Identity, "IssuersRaw")
477 if err != nil {
478 return fmt.Errorf("loading identity issuer modules: %s", err)
479 }
480 for _, issVal := range val.([]any) {
481 cfg.Admin.Identity.issuers = append(cfg.Admin.Identity.issuers, issVal.(certmagic.Issuer))
482 }
483 }
484
485 // we'll make a new cache when we make the CertMagic config, so stop any previous cache
486 if identityCertCache != nil {
487 identityCertCache.Stop()
488 }
489
490 logger := Log().Named("admin.identity")
491 cmCfg := cfg.Admin.Identity.certmagicConfig(logger, true)
492
493 // issuers have circular dependencies with the configs because,
494 // as explained in the caddytls package, they need access to the
495 // correct storage and cache to solve ACME challenges
496 for _, issuer := range cfg.Admin.Identity.issuers {
497 // avoid import cycle with caddytls package, so manually duplicate the interface here, yuck
498 if annoying, ok := issuer.(interface{ SetConfig(cfg *certmagic.Config) }); ok {
499 annoying.SetConfig(cmCfg)
500 }
501 }
502
503 // obtain and renew server identity certificate(s)
504 return cmCfg.ManageAsync(ctx, cfg.Admin.Identity.Identifiers)
505}
506
507// replaceRemoteAdminServer replaces the running remote admin server
508// according to the relevant configuration in cfg. It stops any previous

Callers 2

TestManageIdentityFunction · 0.85
finishSettingUpFunction · 0.85

Calls 5

LogFunction · 0.85
LoadModuleMethod · 0.80
certmagicConfigMethod · 0.80
StopMethod · 0.65
SetConfigMethod · 0.65

Tested by 1

TestManageIdentityFunction · 0.68