diff options
author | Evgeny Khramtsov <ekhramtsov@process-one.net> | 2019-09-20 12:36:31 +0300 |
---|---|---|
committer | Evgeny Khramtsov <ekhramtsov@process-one.net> | 2019-09-20 12:36:31 +0300 |
commit | e227940b855debd33b6c9523664e57e00c301988 (patch) | |
tree | cafb33b6d39042e72a7bb18b6ab06c43ac37457d /src/ejabberd_config_transformer.erl | |
parent | JWT-only authentication for some users (#3012) (diff) |
Improve ACME implementation
Diffstat (limited to 'src/ejabberd_config_transformer.erl')
-rw-r--r-- | src/ejabberd_config_transformer.erl | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/src/ejabberd_config_transformer.erl b/src/ejabberd_config_transformer.erl index 35ab8ddf0..39f8aa173 100644 --- a/src/ejabberd_config_transformer.erl +++ b/src/ejabberd_config_transformer.erl @@ -99,6 +99,25 @@ transform(_Host, certfiles, CertFiles1, Acc) -> CertFiles2 = maps:get(certfiles, Acc, []), Acc1 = maps:put(certfiles, CertFiles1 ++ CertFiles2, Acc), {true, Acc1}; +transform(_Host, acme, ACME, Acc) -> + ACME1 = lists:map( + fun({ca_url, URL} = Opt) -> + case http_uri:parse(binary_to_list(URL)) of + {ok, {_, _, "acme-v01.api.letsencrypt.org", _, _, _}} -> + NewURL = ejabberd_acme:default_directory_url(), + ?WARNING_MSG("ACME directory URL ~s defined in " + "option acme->ca_url is deprecated " + "and was automatically replaced " + "with ~s. ~s", + [URL, NewURL, adjust_hint()]), + {ca_url, NewURL}; + _ -> + Opt + end; + (Opt) -> + Opt + end, ACME), + {{true, {acme, ACME1}}, Acc}; transform(Host, s2s_use_starttls, required_trusted, Acc) -> ?WARNING_MSG("The value 'required_trusted' of option " "'s2s_use_starttls' is deprecated and was " @@ -550,6 +569,10 @@ validator() -> default_db => econf:atom(), default_ram_db => econf:atom(), auth_method => econf:list_or_single(econf:atom()), + acme => econf:options( + #{ca_url => econf:binary(), + '_' => econf:any()}, + [unique]), listen => econf:list( econf:options( |