From 51fd4b5bb4541c149658fdcfd5b641f5fef9948c Mon Sep 17 00:00:00 2001
From: Monviech <79600909+Monviech@users.noreply.github.com>
Date: Thu, 6 Mar 2025 18:03:41 +0100
Subject: [PATCH] www/caddy: add propagation_timeout and propagation_delay,
cleanup macro definition, bump version and add changelog (#4557)
---
www/caddy/Makefile | 2 +-
www/caddy/pkg-descr | 5 +++
.../OPNsense/Caddy/forms/general.xml | 16 +++++++-
.../mvc/app/models/OPNsense/Caddy/Caddy.xml | 8 ++++
.../templates/OPNsense/Caddy/Caddyfile | 39 +++++++++----------
5 files changed, 47 insertions(+), 23 deletions(-)
diff --git a/www/caddy/Makefile b/www/caddy/Makefile
index 6c8288cf3..ed4434653 100644
--- a/www/caddy/Makefile
+++ b/www/caddy/Makefile
@@ -1,5 +1,5 @@
PLUGIN_NAME= caddy
-PLUGIN_VERSION= 1.8.2
+PLUGIN_VERSION= 1.8.3
PLUGIN_DEPENDS= caddy-custom
PLUGIN_COMMENT= Modern Reverse Proxy with Automatic HTTPS, Dynamic DNS and Layer4 Routing
PLUGIN_MAINTAINER= cedrik@pischem.com
diff --git a/www/caddy/pkg-descr b/www/caddy/pkg-descr
index 0dfa6ca70..640ead7ea 100644
--- a/www/caddy/pkg-descr
+++ b/www/caddy/pkg-descr
@@ -13,6 +13,11 @@ DOC: https://docs.opnsense.org/manual/how-tos/caddy.html
Plugin Changelog
================
+1.8.3
+
+* Add: Update DNS Providers with new optional choices (opnsense/plugins/issues/4543)
+* Add: propagation_timeout and propagation_delay (opnsense/plugins/issues/4544)
+
1.8.2
* Add: client_ip_headers (opnsense/plugins/issues/4517)
diff --git a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
index 573fbce1d..89796552d 100644
--- a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
+++ b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
@@ -164,7 +164,21 @@
caddy.general.TlsDnsPropagationTimeout
checkbox
-
+
+
+
+ caddy.general.TlsDnsPropagationTimeoutPeriod
+
+ text
+ 120
+
+
+
+ caddy.general.TlsDnsPropagationDelay
+
+ text
+ 0
+
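Review bot: The placeholder shown for `caddy.general.TlsDnsPropagationDelay` appears to be `0`, while the model hunk for the same change rejects anything below 1 ("Please enter a minimum number of 1 or leave empty for default."). The markup is not readable in this view, so this assumes `120` and `0` are hint values rather than defaults. If so, an admin who types the hinted `0` gets a validation error. Either allow 0 in the model or make clear, in the help text for this field, that the hint is the built-in default and the field should be left empty to keep it.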
diff --git a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
index 7a851ce70..4cbd45be7 100644
--- a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
+++ b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
@@ -71,6 +71,14 @@
+
+ 1
+ Please enter a minimum number of 1 or leave empty for default.
+
+
+ 1
+ Please enter a minimum number of 1 or leave empty for default.
+
N
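Review bot: Only a lower bound of 1 is visible for the two new fields in this hunk, and the Caddyfile template writes both values verbatim into `propagation_timeout {{ tlsDnsPropagationTimeoutPeriod }}s` and `propagation_delay {{ tlsDnsPropagationDelay }}s`. The element names are not readable here, so this assumes both are integer-typed model fields; if either is a free-text field, the range check alone would not keep spaces or line breaks out of the generated config. An upper bound would also be worth adding, since a mistyped large delay makes every DNS-01 issuance and renewal wait that long before validation starts.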
diff --git a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
index afe989808..5e866607c 100644
--- a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
+++ b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
@@ -305,15 +305,6 @@ http://{{ domain }} {
# Purpose: Configures TLS settings based on the DNS provider, API keys, and optional fields.
# Sets up the Caddyfile to update TXT Records with the chosen DNS Provider and receive
# certificates with the DNS-01 challenge. Refer to Dynamic DNS section for more details.
-# Parameters:
-# - @param dnsProvider (string): The DNS provider used for the DNS challenge.
-# - @param dnsApiKey (string): API key for the DNS provider, essential for authentication.
-# - @param customCert (string, optional): The config extracted name of a certificate.
-# - @param dnsChallenge (boolean): Indicates if a DNS challenge is used for certificate authentication.
-# - @param dnsSecretApiKey (string, optional): A secret API key or token for additional security, depending on the provider.
-# - @param TlsDnsOptionalField1 to 4 (string, optional): Additional fields for specific DNS provider configurations.
-# - @param TlsDnsPropagationTimeout (boolean, optional): Disables Propagation Timeout for DNS Challenge.
-# - @param TlsDnsPropagationResolvers (string, optional): Set custom nameserver for DNS Challenge.
#}
{% macro tls_configuration(
customCert,
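Review bot: The parameter list is deleted from the macro's header comment in the same change that adds two parameters whose unit is not obvious from their names. The template appends `s` to both, so callers must pass bare integer seconds, and the older `tlsDnsPropagationTimeout` is a "disable" flag rather than a duration. I would keep a short note in the comment, for example `# tlsDnsPropagationTimeoutPeriod, tlsDnsPropagationDelay: integer seconds, rendered with an "s" suffix; tlsDnsPropagationTimeout == "1" disables the timeout and takes precedence.` The macro signature and body continue outside this hunk.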
@@ -326,6 +317,8 @@ http://{{ domain }} {
tlsDnsOptionalField3,
tlsDnsOptionalField4,
tlsDnsPropagationTimeout,
+ tlsDnsPropagationTimeoutPeriod,
+ tlsDnsPropagationDelay,
tlsDnsPropagationResolvers
) %}
{% if customCert or (dnsChallenge == "1" and dnsProvider) %}
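Review bot: The two new parameters are inserted ahead of `tlsDnsPropagationResolvers` in a signature that is called positionally with thirteen arguments. A call site that is not updated would still render, but with the resolver list bound to `tlsDnsPropagationTimeoutPeriod`. Only one caller is visible in this patch, so any others need checking. Jinja macros accept keyword arguments, so calling with `tlsDnsPropagationDelay=generalSettings.TlsDnsPropagationDelay` and so on would make a mismatch visible. The macro body continues past the end of this hunk.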
@@ -340,8 +333,12 @@ http://{{ domain }} {
resolvers {{ tlsDnsPropagationResolvers }}
{% endif %}
{% if tlsDnsPropagationTimeout|default("0") == "1" %}
- propagation_delay 30s
propagation_timeout -1
+ {% elif tlsDnsPropagationTimeoutPeriod %}
+ propagation_timeout {{ tlsDnsPropagationTimeoutPeriod }}s
+ {% endif %}
+ {% if tlsDnsPropagationDelay %}
+ propagation_delay {{ tlsDnsPropagationDelay }}s
{% endif %}
}
}{% endif %}
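Review bot: When `tlsDnsPropagationTimeout` is `"1"`, the rendered block no longer contains `propagation_delay 30s`; a delay is now emitted only if `tlsDnsPropagationDelay` is set. Installs that have the checkbox enabled therefore lose the 30-second wait on upgrade, and with `propagation_timeout -1` the challenge is presented without any propagation check, so issuance may start failing against slower DNS providers. If this is intended, it deserves a line in the 1.8.3 changelog; otherwise the delay field could be seeded with 30 for configurations that already have the checkbox set. The start of the enclosing `tls` block is outside this hunk.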
@@ -597,19 +594,19 @@ http://{{ domain }} {
}
{% endif %}
{% endif %}
- {% set customCert = reverse.CustomCertificate|default("") %}
- {% set dnsChallenge = reverse.DnsChallenge|default("0") %}
{{ tls_configuration(
- customCert,
- dnsChallenge,
- dnsProvider,
- dnsApiKey,
- dnsSecretApiKey,
- tlsDnsOptionalField1,
- tlsDnsOptionalField2,
- tlsDnsOptionalField3,
- tlsDnsOptionalField4,
+ reverse.CustomCertificate|default(""),
+ reverse.DnsChallenge|default("0"),
+ generalSettings.TlsDnsProvider,
+ generalSettings.TlsDnsApiKey,
+ generalSettings.TlsDnsSecretApiKey,
+ generalSettings.TlsDnsOptionalField1,
+ generalSettings.TlsDnsOptionalField2,
+ generalSettings.TlsDnsOptionalField3,
+ generalSettings.TlsDnsOptionalField4,
generalSettings.TlsDnsPropagationTimeout,
+ generalSettings.TlsDnsPropagationTimeoutPeriod,
+ generalSettings.TlsDnsPropagationDelay,
generalSettings.TlsDnsPropagationResolvers
) }}