feat: Move the CNAME into the rio.json

2024-02-03 15:39:31 +01:00
parent cf85380ddb
commit e3032c8233
7 changed files with 120 additions and 82 deletions
--- a/internal/server/tls.go
+++ b/internal/server/tls.go
@@ -7,8 +7,8 @@ import (
 	"sync"

 	"git.polynom.me/rio/internal/certificates"
+	"git.polynom.me/rio/internal/context"
 	"git.polynom.me/rio/internal/dns"
-	"git.polynom.me/rio/internal/gitea"
 	"git.polynom.me/rio/internal/repo"

 	"github.com/go-acme/lego/v4/lego"
@@ -82,7 +82,7 @@ func getUsername(sni, pagesDomain string) (string, error) {
 	return dns.ExtractUsername(pagesDomain, sni), nil
 }

-func MakeTlsConfig(pagesDomain, cachePath string, cache *certificates.CertificatesCache, acmeClient *lego.Client, giteaClient *gitea.GiteaClient) *tls.Config {
+func MakeTlsConfig(pagesDomain, cachePath string, cache *certificates.CertificatesCache, acmeClient *lego.Client, ctx *context.GlobalContext) *tls.Config {
 	return &tls.Config{
 		GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
 			// Validate that we should even care about this domain
@@ -100,7 +100,7 @@ func MakeTlsConfig(pagesDomain, cachePath string, cache *certificates.Certificat
 				if cert.IsValid() {
 					return cert.TlsCertificate, nil
 				} else {
-					if !isPagesDomain && !repo.CanRequestCertificate(username, giteaClient) {
+					if !isPagesDomain && !repo.CanRequestCertificate(username, ctx) {
 						log.Warnf(
 							"Cannot renew certificate for %s because CanRequestCertificate(%s) returned false",
 							info.ServerName,
@@ -129,7 +129,7 @@ func MakeTlsConfig(pagesDomain, cachePath string, cache *certificates.Certificat
 					return newCert.TlsCertificate, nil
 				}
 			} else {
-				if !isPagesDomain && !repo.CanRequestCertificate(username, giteaClient) {
+				if !isPagesDomain && !repo.CanRequestCertificate(username, ctx) {
 					log.Warnf(
 						"Cannot request certificate for %s because CanRequestCertificate(%s) returned false",
 						info.ServerName,