joohoi · mschneider82 · Oct 12, 2021 · t0xicCode · Dec 31, 2021 · mschneider82
diff --git a/README.md b/README.md
@@ -267,8 +267,10 @@ ip = "0.0.0.0"
 disable_registration = false
 # listen port, eg. 443 for default HTTPS
 port = "443"
-# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
+# possible values: "letsencrypt", "letsencryptstaging", "cert", "custom", "none"
 tls = "letsencryptstaging"
+# only used if tls = "custom"
+tls_custom_url = "https://acme-v02.example.com/directory"
 # only used if tls = "cert"
 tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
 tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"

diff --git a/config.cfg b/config.cfg
@@ -36,8 +36,10 @@ ip = "0.0.0.0"
 disable_registration = false
 # listen port, eg. 443 for default HTTPS
 port = "443"
-# possible values: "letsencrypt", "letsencryptstaging", "cert", "none"
+# possible values: "letsencrypt", "letsencryptstaging", "cert", "custom", "none"
 tls = "letsencryptstaging"
+# only used if tls = "custom"
+tls_custom_url = "https://acme-v02.example.com/directory"
 # only used if tls = "cert"
 tls_cert_privkey = "/etc/tls/example.org/privkey.pem"
 tls_cert_fullchain = "/etc/tls/example.org/fullchain.pem"

diff --git a/main.go b/main.go
@@ -1,4 +1,5 @@
-//+build !test
+//go:build !test
+// +build !test
 
 package main
 
@@ -160,25 +161,15 @@ func startHTTPAPI(errChan chan error, config DNSConfig, dnsservers []*DNSServer)
 
 	var err error
 	switch Config.API.TLS {
-	case "letsencryptstaging":
-		magicconf.CA = certmagic.LetsEncryptStagingCA
-		certcfg := certmagic.New(cache, magicconf)
-		err = certcfg.ManageSync([]string{Config.General.Domain})
-		if err != nil {
-			errChan <- err
-			return
-		}
-		cfg.GetCertificate = certcfg.GetCertificate
-		srv := &http.Server{
-			Addr:      host,
-			Handler:   c.Handler(api),
-			TLSConfig: cfg,
-			ErrorLog:  stdlog.New(logwriter, "", 0),
+	case "letsencryptstaging", "letsencrypt", "custom":
+		switch Config.API.TLS {
+		case "letsencryptstaging":
+			magicconf.CA = certmagic.LetsEncryptStagingCA
+		case "letsencrypt":
+			magicconf.CA = certmagic.LetsEncryptProductionCA
+		case "custom":
+			magicconf.CA = Config.API.TLSCustomURL
 		}
-		log.WithFields(log.Fields{"host": host, "domain": Config.General.Domain}).Info("Listening HTTPS")
-		err = srv.ListenAndServeTLS("", "")
-	case "letsencrypt":
-		magicconf.CA = certmagic.LetsEncryptProductionCA
 		certcfg := certmagic.New(cache, magicconf)
 		err = certcfg.ManageSync([]string{Config.General.Domain})
 		if err != nil {

diff --git a/types.go b/types.go
@@ -45,6 +45,7 @@ type httpapi struct {
 	AutocertPort        string `toml:"autocert_port"`
 	Port                string `toml:"port"`
 	TLS                 string
+	TLSCustomURL        string `toml:"tls_custom_url"`
 	TLSCertPrivkey      string `toml:"tls_cert_privkey"`
 	TLSCertFullchain    string `toml:"tls_cert_fullchain"`
 	ACMECacheDir        string `toml:"acme_cache_dir"`