From e2f39c2b64e1c5360702e507e0cac56255ca61c3 Mon Sep 17 00:00:00 2001
From: Blake Miner <miner.blake@gmail.com>
Date: Fri, 14 May 2021 10:39:10 -0400
Subject: [PATCH] Fix bound address/port for caddy's certmagic library (see
 #15848) (#15859)

---
 cmd/web_letsencrypt.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/cmd/web_letsencrypt.go b/cmd/web_letsencrypt.go
index 9cfc9b3ab..15a3c92e8 100644
--- a/cmd/web_letsencrypt.go
+++ b/cmd/web_letsencrypt.go
@@ -24,10 +24,14 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 	enableHTTPChallenge := true
 	enableTLSALPNChallenge := true
 	altHTTPPort := 0
+	altTLSALPNPort := 0
 
 	if p, err := strconv.Atoi(setting.PortToRedirect); err == nil {
 		altHTTPPort = p
 	}
+	if p, err := strconv.Atoi(setting.HTTPPort); err == nil {
+		altTLSALPNPort = p
+	}
 
 	magic := certmagic.NewDefault()
 	magic.Storage = &certmagic.FileStorage{Path: directory}
@@ -36,7 +40,8 @@ func runLetsEncrypt(listenAddr, domain, directory, email string, m http.Handler)
 		Agreed:                  setting.LetsEncryptTOS,
 		DisableHTTPChallenge:    !enableHTTPChallenge,
 		DisableTLSALPNChallenge: !enableTLSALPNChallenge,
-		ListenHost:              listenAddr,
+		ListenHost:              setting.HTTPAddr,
+		AltTLSALPNPort:          altTLSALPNPort,
 		AltHTTPPort:             altHTTPPort,
 	})