Files

Wikid82 e4b737710c feat: implement ACME staging support for Let's Encrypt to avoid rate limits during development and testing

2025-11-24 23:10:07 +00:00

2.9 KiB

Raw Blame History

ACME Staging Implementation Summary

What Was Added

Added support for Let's Encrypt staging environment to prevent rate limiting during development and testing.

Changes Made

1. Configuration (`backend/internal/config/config.go`)

Added ACMEStaging bool field to Config struct
Reads from CPM_ACME_STAGING environment variable

2. Caddy Manager (`backend/internal/caddy/manager.go`)

Added acmeStaging bool field to Manager struct
Updated NewManager() to accept acmeStaging parameter
Passes acmeStaging to GenerateConfig()

3. Config Generation (`backend/internal/caddy/config.go`)

Updated GenerateConfig() signature to accept acmeStaging bool
When acmeStaging=true:
- Sets ca field to https://acme-staging-v02.api.letsencrypt.org/directory
- Applies to both "letsencrypt" and "both" SSL provider modes

4. Route Registration (`backend/internal/api/routes/routes.go`)

Passes cfg.ACMEStaging to caddy.NewManager()

5. Docker Compose (`docker-compose.local.yml`)

Added CPM_ACME_STAGING=true environment variable for local development

6. Tests

Updated all test files to pass new acmeStaging parameter
Added TestGenerateConfig_ACMEStaging() to verify behavior
All tests pass ✅

7. Documentation

Created /docs/acme-staging.md - comprehensive guide
Updated /docs/getting-started.md - added environment variables section
Explained rate limits, staging vs production, and troubleshooting

Usage

Development (Avoid Rate Limits)

docker run -d \
  -e CPM_ACME_STAGING=true \
  -p 8080:8080 \
  ghcr.io/wikid82/cpmp:latest

Production (Real Certificates)

docker run -d \
  -p 8080:8080 \
  ghcr.io/wikid82/cpmp:latest

Verification

Container logs confirm staging is active:

"ca":"https://acme-staging-v02.api.letsencrypt.org/directory"

Benefits

No Rate Limits: Test certificate issuance without hitting Let's Encrypt limits
Safe Testing: Won't affect production certificate quotas
Easy Toggle: Single environment variable to switch modes
Default Production: Staging must be explicitly enabled
Well Documented: Clear guides for users and developers

Test Results

✅ All backend tests pass (go test ./...)
✅ Config generation tests verify staging CA is set
✅ Manager tests updated and passing
✅ Handler tests updated and passing
✅ Integration verified in running container

Files Modified

backend/internal/config/config.go
backend/internal/caddy/config.go
backend/internal/caddy/manager.go
backend/internal/api/routes/routes.go
backend/internal/caddy/config_test.go
backend/internal/caddy/manager_test.go
backend/internal/caddy/client_test.go
backend/internal/api/handlers/proxy_host_handler_test.go
docker-compose.local.yml

Files Created

docs/acme-staging.md - User guide
ACME_STAGING_IMPLEMENTATION.md - This summary

2.9 KiB Raw Blame History

ACME Staging Implementation Summary

What Was Added

Changes Made

1. Configuration (backend/internal/config/config.go)

2. Caddy Manager (backend/internal/caddy/manager.go)

3. Config Generation (backend/internal/caddy/config.go)

4. Route Registration (backend/internal/api/routes/routes.go)

5. Docker Compose (docker-compose.local.yml)

6. Tests

7. Documentation

Usage

Development (Avoid Rate Limits)

Production (Real Certificates)

Verification

Benefits

Test Results

Files Modified

Files Created

2.9 KiB

Raw Blame History

1. Configuration (`backend/internal/config/config.go`)

2. Caddy Manager (`backend/internal/caddy/manager.go`)

3. Config Generation (`backend/internal/caddy/config.go`)

4. Route Registration (`backend/internal/api/routes/routes.go`)

5. Docker Compose (`docker-compose.local.yml`)