ref: 4684feb935a8ca58f4eb96afb29ef23fb6ccc1c6 tlstunnel/server.go -rw-r--r-- 5.8 KiB
Move ACME logger setup to cmd/tlstunnel

This will allow us to customize the logger options depending on CLI
Enable certmagic logging
Drop TODO regarding ACME HTTP challenges
Add "tls load" frontend directive
Switch to scfg

And we get nested blocks for free.
Set PROXY protocol PP2_TYPE_SSL
Use upstream proxyproto.HeaderProxyFromAddrs
Add support for wildcard server names in frontend directives

This adds support for matching incoming TLS connections to the
corresponding frontend when the frontend has a wildcard server name.

This does not add support for generating wildcard certificates from
Let's Encrypt, which requires DNS challenges.
Store certificates in /var/lib/tlstunnel by default
Move back directive processing to tlstunnel package
Move executable to cmd/tlstunnel

This allows us to expose the toplevel tlstunnel package.
Export Server.acmeManager
Add support for the PROXY protocol
Add `tls ca` directive
Don't add empty strings to list of managed certificates
Allow to route to different backend depending on SNI
Add certmagic support
Implement basic TCP proxy