From 6a8e5f69cfd6c99f830db577ca2f1af033187645 Mon Sep 17 00:00:00 2001 From: Blake Miner Date: Wed, 12 May 2021 15:58:55 -0400 Subject: [PATCH] Fix bound address/port for caddy's certmagic library (#15758) * Fix bound address/port for caddy's certmagic library * Fix bug Co-authored-by: zeripath --- cmd/web_letsencrypt.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/cmd/web_letsencrypt.go b/cmd/web_letsencrypt.go index 387aacce2c..9cfc9b3ab2 100644 --- a/cmd/web_letsencrypt.go +++ b/cmd/web_letsencrypt.go @@ -6,6 +6,7 @@ package cmd import ( "net/http" + "strconv" "strings" "code.gitea.io/gitea/modules/log" @@ -22,6 +23,11 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) // TODO: these are placeholders until we add options for each in settings with appropriate warning enableHTTPChallenge := true enableTLSALPNChallenge := true + altHTTPPort := 0 + + if p, err := strconv.Atoi(setting.PortToRedirect); err == nil { + altHTTPPort = p + } magic := certmagic.NewDefault() magic.Storage = &certmagic.FileStorage{Path: directory} @@ -30,6 +36,8 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler) Agreed: setting.LetsEncryptTOS, DisableHTTPChallenge: !enableHTTPChallenge, DisableTLSALPNChallenge: !enableTLSALPNChallenge, + ListenHost: listenAddr, + AltHTTPPort: altHTTPPort, }) magic.Issuers = []certmagic.Issuer{myACME}