hub / github.com/caddyserver/caddy / buildPKIApp

Method buildPKIApp

caddyconfig/httpcaddyfile/pkiapp.go:197–264  ·  view source on GitHub ↗
(
	pairings []sbAddrAssociation,
	options map[string]any,
	warnings []caddyconfig.Warning,
)

Source from the content-addressed store, hash-verified

195}
196
197func (st ServerType) buildPKIApp(
198 pairings []sbAddrAssociation,
199 options map[string]any,
200 warnings []caddyconfig.Warning,
201) (*caddypki.PKI, []caddyconfig.Warning, error) {
202 skipInstallTrust := false
203 if _, ok := options["skip_install_trust"]; ok {
204 skipInstallTrust = true
205 }
206
207 // check if auto_https is off - in that case we should not create
208 // any PKI infrastructure even with skip_install_trust directive
209 autoHTTPS := []string{}
210 if ah, ok := options["auto_https"].([]string); ok {
211 autoHTTPS = ah
212 }
213 autoHTTPSOff := slices.Contains(autoHTTPS, "off")
214
215 falseBool := false
216
217 // Load the PKI app configured via global options
218 var pkiApp *caddypki.PKI
219 unwrappedPki, ok := options["pki"].(*caddypki.PKI)
220 if ok {
221 pkiApp = unwrappedPki
222 } else {
223 pkiApp = &caddypki.PKI{CAs: make(map[string]*caddypki.CA)}
224 }
225 for _, ca := range pkiApp.CAs {
226 if skipInstallTrust {
227 ca.InstallTrust = &falseBool
228 }
229 pkiApp.CAs[ca.ID] = ca
230 }
231
232 // Add in the CAs configured via directives
233 for _, p := range pairings {
234 for _, sblock := range p.serverBlocks {
235 // find all the CAs that were defined and add them to the app config
236 // i.e. from any "acme_server" directives
237 for _, caCfgValue := range sblock.pile["pki.ca"] {
238 ca := caCfgValue.Value.(*caddypki.CA)
239 if skipInstallTrust {
240 ca.InstallTrust = &falseBool
241 }
242
243 // the CA might already exist from global options, so
244 // don't overwrite it in that case
245 if _, ok := pkiApp.CAs[ca.ID]; !ok {
246 pkiApp.CAs[ca.ID] = ca
247 }
248 }
249 }
250 }
251
252 // if there was no CAs defined in any of the servers,
253 // and we were requested to not install trust, then
254 // add one for the default/local CA to do so

Callers 1

Setup (Method) · 0.95

Implementers 1

ServerType · caddyconfig/httpcaddyfile/httptype.go

Calls

no outgoing calls

Tested by

no test coverage detected