ref: e532059dfa0c3ef48c4df8ce4f62d3102521d006 tlstunnel/server.go -rw-r--r-- 5.8 KiB
Drop TODO regarding ACME HTTP challenges
Add "tls load" frontend directive
Switch to scfg

And we get nested blocks for free.
Set PROXY protocol PP2_TYPE_SSL
Use upstream proxyproto.HeaderProxyFromAddrs
Add support for wildcard server names in frontend directives

This adds support for matching incoming TLS connections to the
corresponding frontend when the frontend has a wildcard server name.

This does not add support for generating wildcard certificates from
Let's Encrypt, which requires DNS challenges.
Store certificates in /var/lib/tlstunnel by default
Move back directive processing to tlstunnel package
Move executable to cmd/tlstunnel

This allows us to expose the toplevel tlstunnel package.
Export Server.acmeManager
Add support for the PROXY protocol
Add `tls ca` directive
Don't add empty strings to list of managed certificates
Allow routing to a different backend depending on SNI
Add certmagic support
Implement basic TCP proxy