caddytls: Replace lego with acmez (#3621)

* Replace lego with acmez; upgrade CertMagic * Update integration test
2025-10-19 07:43:17 +00:00 · 2020-07-30 15:18:14 -06:00 · 2020-07-30 15:18:14 -06:00 · 6a14e2c2a8
commit 6a14e2c2a8
parent 2bc30bb780
11 changed files with 97 additions and 386 deletions
--- a/modules/caddytls/tls.go
+++ b/modules/caddytls/tls.go
@ -87,6 +87,7 @@ func (t *TLS) Provision(ctx caddy.Context) error {
 		GetConfigForCert: func(cert certmagic.Certificate) (*certmagic.Config, error) {
 			return t.getConfigForName(cert.Names[0]), nil
 		},
+		Logger: t.logger.Named("cache"),
 	}
 	if t.Automation != nil {
 		cacheOpts.OCSPCheckInterval = time.Duration(t.Automation.OCSPCheckInterval)
@ -95,6 +96,9 @@ func (t *TLS) Provision(ctx caddy.Context) error {
 	if t.Cache != nil {
 		cacheOpts.Capacity = t.Cache.Capacity
 	}
+	if cacheOpts.Capacity <= 0 {
+		cacheOpts.Capacity = 10000
+	}
 	t.certCache = certmagic.NewCache(cacheOpts)

 	// certificate loaders
@ -172,6 +176,7 @@ func (t *TLS) Provision(ctx caddy.Context) error {
 	// commands like validate can be a better test
 	magic := certmagic.New(t.certCache, certmagic.Config{
 		Storage: ctx.Storage(),
+		Logger:  t.logger,
 	})
 	for _, loader := range t.certificateLoaders {
 		certs, err := loader.LoadCertificates()
@ -412,13 +417,13 @@ func (t *TLS) cleanStorageUnits() {
 	}

 	// start with the default storage
-	certmagic.CleanStorage(t.ctx.Storage(), options)
+	certmagic.CleanStorage(t.ctx, t.ctx.Storage(), options)

 	// then clean each storage defined in ACME automation policies
 	if t.Automation != nil {
 		for _, ap := range t.Automation.Policies {
 			if ap.storage != nil {
-				certmagic.CleanStorage(ap.storage, options)
+				certmagic.CleanStorage(t.ctx, ap.storage, options)
 			}
 		}
 	}