github.com/volts-dev/volts@v0.0.0-20240120094013-5e9c65924106/internal/acme/options.go

github.com/volts-dev/volts@v0.0.0-20240120094013-5e9c65924106/internal/acme/options.go (about)

     1  package acme
     2  
     3  import (
     4  	"github.com/go-acme/lego/v4/challenge"
     5  	"github.com/volts-dev/volts/logger"
     6  )
     7  
     8  // Option (or Options) are passed to New() to configure providers.
     9  type Option func(o *Options)
    10  
    11  // Options represents various options you can present to ACME providers.
    12  type Options struct {
    13  	// AcceptTLS must be set to true to indicate that you have read your
    14  	// provider's terms of service.
    15  	AcceptToS bool
    16  	// CA is the CA to use
    17  	CA string
    18  	// ChallengeProvider is a go-acme/lego challenge provider. Set this if you
    19  	// want to use DNS Challenges. Otherwise, tls-alpn-01 will be used
    20  	ChallengeProvider challenge.Provider
    21  	// Issue certificates for domains on demand. Otherwise, certs will be
    22  	// retrieved / issued on start-up.
    23  	OnDemand bool
    24  	// Cache is a storage interface. Most ACME libraries have an cache, but
    25  	// there's no defined interface, so if you consume this option
    26  	// sanity check it before using.
    27  	Cache interface{}
    28  
    29  	// Logger is the underling logging framework
    30  	Logger logger.ILogger
    31  }
    32  
    33  // AcceptToS indicates whether you accept your CA's terms of service.
    34  func AcceptToS(b bool) Option {
    35  	return func(o *Options) {
    36  		o.AcceptToS = b
    37  	}
    38  }
    39  
    40  // CA sets the CA of an acme.Options.
    41  func CA(CA string) Option {
    42  	return func(o *Options) {
    43  		o.CA = CA
    44  	}
    45  }
    46  
    47  // ChallengeProvider sets the Challenge provider of an acme.Options
    48  // if set, it enables the DNS challenge, otherwise tls-alpn-01 will be used.
    49  func ChallengeProvider(p challenge.Provider) Option {
    50  	return func(o *Options) {
    51  		o.ChallengeProvider = p
    52  	}
    53  }
    54  
    55  // OnDemand enables on-demand certificate issuance. Not recommended for use
    56  // with the DNS challenge, as the first connection may be very slow.
    57  func OnDemand(b bool) Option {
    58  	return func(o *Options) {
    59  		o.OnDemand = b
    60  	}
    61  }
    62  
    63  // Cache provides a cache / storage interface to the underlying ACME library
    64  // as there is no standard, this needs to be validated by the underlying
    65  // implementation.
    66  func Cache(c interface{}) Option {
    67  	return func(o *Options) {
    68  		o.Cache = c
    69  	}
    70  }
    71  
    72  // Logger sets the underline logger.
    73  func Logger(l logger.ILogger) Option {
    74  	return func(o *Options) {
    75  		o.Logger = l
    76  	}
    77  }
    78  
    79  // DefaultOptions uses the Let's Encrypt Production CA, with DNS Challenge disabled.
    80  func DefaultOptions() Options {
    81  	return Options{
    82  		AcceptToS: true,
    83  		CA:        LetsEncryptProductionCA,
    84  		OnDemand:  true,
    85  	}
    86  }