Module: Otto::CaddyTLS::Core
- Included in:
- Otto
- Defined in:
- lib/otto/caddy_tls/core.rb
Overview
Public API mixin included into the Otto class. Mirrors Otto::MCP::Core.
Instance Method Summary collapse
-
#caddy_tls_enabled? ⇒ Boolean
Whether the Caddy on-demand TLS endpoint is enabled.
-
#enable_caddy_tls!(endpoint: '/_caddy/tls-permission', localhost_only: true) {|domain| ... } ⇒ self
Enable the Caddy on-demand TLS permission endpoint.
Instance Method Details
#caddy_tls_enabled? ⇒ Boolean
Returns whether the Caddy on-demand TLS endpoint is enabled.
69 70 71 |
# File 'lib/otto/caddy_tls/core.rb', line 69 def caddy_tls_enabled? @caddy_tls_server&.enabled? || false end |
#enable_caddy_tls!(endpoint: '/_caddy/tls-permission', localhost_only: true) {|domain| ... } ⇒ self
Enable the Caddy on-demand TLS permission endpoint.
Registers a GET endpoint that answers Caddy’s on-demand certificate question. The block you pass is the ONLY application coupling point: it receives the requested domain and returns truthy to allow a certificate (HTTP 200) or falsy to deny (HTTP 403). Any exception raised inside the block is caught and treated as a denial (fail-closed).
57 58 59 60 61 62 63 64 65 66 |
# File 'lib/otto/caddy_tls/core.rb', line 57 def enable_caddy_tls!(endpoint: '/_caddy/tls-permission', localhost_only: true, &) ensure_not_frozen! raise ArgumentError, 'enable_caddy_tls! requires a permission block' unless block_given? @caddy_tls_server ||= Otto::CaddyTLS::Server.new(self) @caddy_tls_server.enable!(endpoint: endpoint, localhost_only: localhost_only, permission: ) Otto.logger.info '[CaddyTLS] Enabled Caddy on-demand TLS permission endpoint' if Otto.debug self end |