luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
photoprism/internal/server/autotls.go
Michael Mayer c82a4b2287 HTTP: Refactor Unix socket support #2337 #3595 
Signed-off-by: Michael Mayer <michael@photoprism.app>
2023-08-14 10:43:05 +02:00

36 lines
1,021 B
Go
Raw Blame History

package server
import (
"fmt"
"strings"
"golang.org/x/crypto/acme/autocert"
"github.com/photoprism/photoprism/internal/config"
)
// AutoTLS enables automatic HTTPS via Let's Encrypt.
func AutoTLS(conf *config.Config) (*autocert.Manager, error) {
var siteDomain, tlsEmail, certDir string
// Enable automatic HTTPS via Let's Encrypt?
if !conf.SiteHttps() {
return nil, fmt.Errorf("disabled tls")
} else if siteDomain = conf.SiteDomain(); !strings.Contains(siteDomain, ".") {
return nil, fmt.Errorf("fully qualified domain required to enable tls")
} else if tlsEmail = conf.TLSEmail(); tlsEmail == "" {
return nil, fmt.Errorf("disabled auto tls")
} else if certDir = conf.CertificatesPath(); certDir == "" {
return nil, fmt.Errorf("certificates path not found")
}
// Create Let's Encrypt cert manager.
m := &autocert.Manager{
Email: tlsEmail,
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist(siteDomain),
Cache: autocert.DirCache(certDir),
}
return m, nil
}
Reference in a new issue View git blame Copy permalink