New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for auto_tls #19
Comments
Just to clarify, what isn't working properly? |
I'm referring to the shortcomings mentioned here: https://github.com/tailscale/caddy-tailscale#https-support (i.e., that the native TLS integration doesn't work and you need to use In particular, I'm hoping to have a single server run as a bidirectional HTTP proxy (serve a local service over |
This provides an alternate implementation for tscert.TailscaledDialer that tries to find a tsnet server for the requested certificate. This allows caddy-tailscale to be used with caddy's auto_https support. Fixes #19 Signed-off-by: Will Norris <will@tailscale.com>
This provides an alternate implementation for tscert.TailscaledDialer that tries to find a tsnet server for the requested certificate. This allows caddy-tailscale to be used with caddy's auto_https support. Fixes #19 Signed-off-by: Will Norris <will@tailscale.com>
This provides an alternate implementation for tscert.TailscaledDialer that tries to find a tsnet server for the requested certificate. This allows caddy-tailscale to be used with caddy's auto_https support. Fixes #19 Signed-off-by: Will Norris <will@tailscale.com>
This provides an alternate implementation for tscert.TailscaledDialer that tries to find a tsnet server for the requested certificate. This allows caddy-tailscale to be used with caddy's auto_https support. Fixes #19 Signed-off-by: Will Norris <will@tailscale.com>
This provides an alternate implementation for tscert.TailscaledDialer that tries to find a tsnet server for the requested certificate. This allows caddy-tailscale to be used with caddy's auto_https support. Fixes #19 Signed-off-by: Will Norris <will@tailscale.com>
I was wondering what it would take to get the automatic TLS integration working properly.
I don't know too much about Caddy, but in the absence of any other mechanism for cross-server shared state, I was thinking about stuffing the tailscale Server object in a global map under the tailscale package, keyed by
tsnet.Server.CertDomains()
, and then callings.LocalClient.CertPair()
.It isn't the prettiest design, but I'm welcome to other suggestions if you know of a better way to share state between the cert manager and the listener.
If you're OK with that design, I could probably whip something up over the next few days.
The text was updated successfully, but these errors were encountered: