Make Controller.instance public instead of private

(Dali Licul) #1

Hi, as I’m extending caddy with plugins I’m finding that the only way to get access to the instance is to cycle through caddy.Instances() in my plugin setup(c *caddy.Controller) function.

It would be great if controller.instance can be made public instead of private.

Thanks!

(Matt Holt) #2

What do you need from the Instance in your setup function?

(Dali Licul) #3

I’m using caddytls.NewConfig(inst *caddy.Instance). Using manual certificate that is added to instance cache during plugin initialization (pem fetched via REST service) thus avoiding to store the certificate on drive which is less secure.

(Matt Holt) #4

What kind of plugin(s) are you writing? I have a few comments already but I want more information about what you’re trying to do.

thus avoiding to store the certificate on drive which is less secure.

Only if your server is misconfigured; I hardly think storage on disk is less secure than downloading PEM files over HTTP. If someone has access to your home folder (or where ever your CADDYPATH is), that’s a bigger concern, since they probably have access to your network stack too.

(Dali Licul) #5

It’s a plugin that manages certificate installation and rotation and SSL termination. It also does JWT validation and REST route filtering before proxying to underlying service (authorization and authentication). Our cert service is not using ACME protocol and Let’s Encrypt is not on radar any time soon.

Agree that if access to machine is compromised then other things will be compromised as well. But not having the private key on disk makes it a little more secure.

(Matt Holt) #6

A better solution to this would probably be to swap out the few functions that do fundamental things like “ObtainCert” and “RenewCert” instead of replacing almost the entirety of Caddy’s caddytls package… that said, I’m sorry but I won’t be able to get around to that for some time (it’s not really on the roadmap), and that’s if there is enough demand. Plus I am still not convinced that “not having the private key on disk makes it a little more secure” – more private TLS keys have been compromised sitting in memory than on disk.

(system) closed #7

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.