Suggestion - Multiple storage layers / always sync certs to disk #4566
Comments
|
This could be done by having a storage module implementation which essentially forks, so it writes to both but only uses one as the authoritative one for any reads. But that's out of scope of the Caddy project itself, it wouldn't be implemented as a standard module, but can be implemented as a plugin instead. Also, we have plans to implement an event system so when a certificate is renewed, it could invoke something else to react to that event (such as a shell script or whatever) so that you wouldn't need to poll. You can follow #3643 where I'll give an update on progress there. |
Exactly what I am looking for. Thanks. |
Forgive me if this is something that can already be done. Right now I have a rube goldberg setup to keep my certs in sync with an extrenal service that can't use Caddy directly (postgres doesn't use TLS, so even the L4 plugin doesn't work). Because my Caddy instances are distributed, I use Redis to keep them synced up. Right now I poll redis for changes, but with passwords/aes encryption, this can get a bit clunky. It would be much easier if caddy could either:
-Have a storage only layer, where certs are copied locally on every change
-An export functionality that exports certs regardless of where they are stored
Just my 2 cents. I'll keep digging and close this if it's already possible.
Quick edit: This project exists, but is limited to redis:
https://github.com/masipcat/caddy-storage-migrator
The text was updated successfully, but these errors were encountered: