Add the ability to specify registration ACME email and ACME URL.
parent
63fa475913
commit
8fa0fe65ba
4 changed files with 15 additions and 0 deletions
8
app.go
8
app.go
|
@ -12,6 +12,7 @@ import (
|
||||||
"github.com/rs/zerolog/log"
|
"github.com/rs/zerolog/log"
|
||||||
|
|
||||||
"github.com/gin-gonic/gin"
|
"github.com/gin-gonic/gin"
|
||||||
|
"golang.org/x/crypto/acme"
|
||||||
"golang.org/x/crypto/acme/autocert"
|
"golang.org/x/crypto/acme/autocert"
|
||||||
"gorm.io/gorm"
|
"gorm.io/gorm"
|
||||||
"inet.af/netaddr"
|
"inet.af/netaddr"
|
||||||
|
@ -44,6 +45,9 @@ type Config struct {
|
||||||
TLSCertPath string
|
TLSCertPath string
|
||||||
TLSKeyPath string
|
TLSKeyPath string
|
||||||
|
|
||||||
|
ACMEURL string
|
||||||
|
ACMEEmail string
|
||||||
|
|
||||||
DNSConfig *tailcfg.DNSConfig
|
DNSConfig *tailcfg.DNSConfig
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -195,6 +199,10 @@ func (h *Headscale) Serve() error {
|
||||||
Prompt: autocert.AcceptTOS,
|
Prompt: autocert.AcceptTOS,
|
||||||
HostPolicy: autocert.HostWhitelist(h.cfg.TLSLetsEncryptHostname),
|
HostPolicy: autocert.HostWhitelist(h.cfg.TLSLetsEncryptHostname),
|
||||||
Cache: autocert.DirCache(h.cfg.TLSLetsEncryptCacheDir),
|
Cache: autocert.DirCache(h.cfg.TLSLetsEncryptCacheDir),
|
||||||
|
Client: &acme.Client{
|
||||||
|
DirectoryURL: h.cfg.ACMEURL,
|
||||||
|
},
|
||||||
|
Email: h.cfg.ACMEEmail,
|
||||||
}
|
}
|
||||||
|
|
||||||
s.TLSConfig = m.TLSConfig()
|
s.TLSConfig = m.TLSConfig()
|
||||||
|
|
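Review bot: In the `Serve()` hunk, `DirectoryURL: h.cfg.ACMEURL` is handed to `acme.Client` with no validation, so any string in the config decides which endpoint receives the ACME account registration and issues the server's certificate. An empty value is fine, because `acme.Client` falls back to Let's Encrypt when `DirectoryURL` is empty. A non-empty value should be parsed once at startup and rejected unless it is an absolute `https` URL, for example `if u, err := url.Parse(h.cfg.ACMEURL); err != nil || u.Scheme != "https" { return fmt.Errorf("acme_url must be an https URL: %q", h.cfg.ACMEURL) }` (this needs `net/url`, if it is not already imported). The new `ACMEURL` and `ACMEEmail` fields in `Config` would also benefit from doc comments such as `// ACMEURL is the ACME directory endpoint; empty selects the Let's Encrypt production directory.` The body of `Serve()` starts and ends outside the hunk.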
|
@ -169,6 +169,9 @@ func getHeadscaleApp() (*headscale.Headscale, error) {
|
||||||
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
TLSCertPath: absPath(viper.GetString("tls_cert_path")),
|
||||||
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
TLSKeyPath: absPath(viper.GetString("tls_key_path")),
|
||||||
|
|
||||||
|
ACMEEmail: absPath(viper.GetString("acme_email")),
|
||||||
|
ACMEURL: absPath(viper.GetString("acme_url")),
|
||||||
|
|
||||||
DNSConfig: GetDNSConfig(),
|
DNSConfig: GetDNSConfig(),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
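Review bot: `ACMEEmail: absPath(viper.GetString("acme_email"))` and `ACMEURL: absPath(viper.GetString("acme_url"))` pass an e-mail address and a URL through `absPath`, which the neighbouring lines use for filesystem paths (`tls_cert_path`, `tls_key_path`). The body of `absPath` is not visible here, but if it resolves non-absolute values against a base directory, the example value `https://acme-v02.api.letsencrypt.org/directory` would be rewritten into a file path and the ACME client would receive an unusable directory URL, breaking certificate issuance. Both settings should be read as plain strings: `ACMEEmail: viper.GetString("acme_email"),` and `ACMEURL: viper.GetString("acme_url"),`. `getHeadscaleApp` continues outside the hunk.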
|
@ -10,6 +10,8 @@
|
||||||
"db_name": "headscale",
|
"db_name": "headscale",
|
||||||
"db_user": "foo",
|
"db_user": "foo",
|
||||||
"db_pass": "bar",
|
"db_pass": "bar",
|
||||||
|
"acme_url": "https://acme-v02.api.letsencrypt.org/directory",
|
||||||
|
"acme_email": "",
|
||||||
"tls_letsencrypt_hostname": "",
|
"tls_letsencrypt_hostname": "",
|
||||||
"tls_letsencrypt_listen": ":http",
|
"tls_letsencrypt_listen": ":http",
|
||||||
"tls_letsencrypt_cache_dir": ".cache",
|
"tls_letsencrypt_cache_dir": ".cache",
|
||||||
|
|
|
@ -6,6 +6,8 @@
|
||||||
"ephemeral_node_inactivity_timeout": "30m",
|
"ephemeral_node_inactivity_timeout": "30m",
|
||||||
"db_type": "sqlite3",
|
"db_type": "sqlite3",
|
||||||
"db_path": "db.sqlite",
|
"db_path": "db.sqlite",
|
||||||
|
"acme_url": "https://acme-v02.api.letsencrypt.org/directory",
|
||||||
|
"acme_email": "",
|
||||||
"tls_letsencrypt_hostname": "",
|
"tls_letsencrypt_hostname": "",
|
||||||
"tls_letsencrypt_listen": ":http",
|
"tls_letsencrypt_listen": ":http",
|
||||||
"tls_letsencrypt_cache_dir": ".cache",
|
"tls_letsencrypt_cache_dir": ".cache",
|
||||||
|
|