Fix bound address/port for caddy's certmagic library (#15758)

* Fix bound address/port for caddy's certmagic library * Fix bug Co-authored-by: zeripath <art27@cantab.net>
2025-10-30 19:08:37 +00:00 · 2021-05-12 15:58:55 -04:00
parent ffbd0fef06
commit 6a8e5f69cf
1 changed files with 8 additions and 0 deletions
--- a/cmd/web_letsencrypt.go
+++ b/cmd/web_letsencrypt.go
@@ -6,6 +6,7 @@ package cmd

 import (
 	"net/http"
+	"strconv"
 	"strings"

 	"code.gitea.io/gitea/modules/log"
@@ -22,6 +23,11 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 	// TODO: these are placeholders until we add options for each in settings with appropriate warning
 	enableHTTPChallenge := true
 	enableTLSALPNChallenge := true
+	altHTTPPort := 0
+
+	if p, err := strconv.Atoi(setting.PortToRedirect); err == nil {
+		altHTTPPort = p
+	}

 	magic := certmagic.NewDefault()
 	magic.Storage = &certmagic.FileStorage{Path: directory}
@@ -30,6 +36,8 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 		Agreed:                  setting.LetsEncryptTOS,
 		DisableHTTPChallenge:    !enableHTTPChallenge,
 		DisableTLSALPNChallenge: !enableTLSALPNChallenge,
+		ListenHost:              listenAddr,
+		AltHTTPPort:             altHTTPPort,
 	})

 	magic.Issuers = []certmagic.Issuer{myACME}