feat(provider): support for the HTTP-01 challenge

Dockerfile

@@ -11,6 +11,7 @@ RUN go build
 FROM alpine:3.19
 WORKDIR /tmp
 COPY --from=builder /workspace/inca /usr/sbin/
+RUN mkdir -p /tmp/server/webroot
 COPY --from=builder /workspace/server/views /tmp/server/views
 COPY --from=builder /workspace/server/static /tmp/server/static
 ENTRYPOINT ["/usr/sbin/inca"]

provider/letsencrypt.go

@@ -14,6 +14,7 @@ import (
 	"github.com/go-acme/lego/v4/lego"
 	"github.com/go-acme/lego/v4/log"
 	"github.com/go-acme/lego/v4/providers/dns"
+	"github.com/go-acme/lego/v4/providers/http/webroot"
 	"github.com/go-acme/lego/v4/registration"
 	"github.com/immobiliare/inca/pki"
 	"github.com/immobiliare/inca/util"
@@ -171,12 +172,7 @@ func (p *LetsEncrypt) Get(name string, options map[string]string) ([]byte, []byt
 		}
 	}
 
-	provider, err := dns.NewDNSChallengeProviderByName(targetProvider.provider)
-	if err != nil {
-		return nil, nil, err
-	}
-
-	if err := p.client.Challenge.SetDNS01Provider(provider); err != nil {
+	if err := p.SetChallengeProvider(targetProvider.provider); err != nil {
 		return nil, nil, err
 	}
 
@@ -198,6 +194,24 @@ func (p *LetsEncrypt) Get(name string, options map[string]string) ([]byte, []byt
 	return certificates.Certificate, certificates.PrivateKey, nil
 }
 
+func (p *LetsEncrypt) SetChallengeProvider(providerId string) error {
+	if providerId == "webroot" {
+		provider, err := webroot.NewHTTPProvider("./server/webroot")
+		if err != nil {
+			return err
+		}
+
+		return p.client.Challenge.SetHTTP01Provider(provider)
+	}
+
+	provider, err := dns.NewDNSChallengeProviderByName(providerId)
+	if err != nil {
+		return err
+	}
+
+	return p.client.Challenge.SetDNS01Provider(provider)
+}
+
 func (p *LetsEncrypt) Del(name string, data []byte) error {
 	targetProvider, err := p.getChallengeProvider(name)
 	if err != nil {

server/inca.go

@@ -68,7 +68,8 @@ func Spinup(path string) (*Inca, error) {
 	inca.Use(middleware.Logger(zerolog.New(os.Stdout), func(c *fiber.Ctx) bool {
 		return strings.HasPrefix(c.Path(), "/health") ||
 			strings.HasPrefix(c.Path(), "/static/") ||
-			strings.HasPrefix(c.Path(), "/favicon.ico")
+			strings.HasPrefix(c.Path(), "/favicon.ico") ||
+			strings.HasPrefix(c.Path(), "/.well-known/acme-challenge/")
 	}))
 	inca.Use(redirect.New(redirect.Config{
 		Rules: map[string]string{
@@ -87,6 +88,7 @@ func Spinup(path string) (*Inca, error) {
 		static.CacheDuration = 5 * time.Second
 	}
 	inca.Static("/static", "./server/static", static)
+	inca.Static("/.well-known/acme-challenge/", "./server/webroot")
 	incaWeb := inca.Group("/web")
 	incaWeb.Use(middleware.Session(inca.sessionStore, inca.acl))
 	incaWeb.Get("/", inca.handlerWebIndex)