28 files changed, 201 insertions, 544 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0bc262b..43bac7f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,10 +5,10 @@ name: Cross-Platform on: push: branches: - - v2 + - master pull_request: branches: - - v2 + - master jobs: test: @@ -123,4 +123,4 @@ jobs: uses: reviewdog/action-golangci-lint@v1 # uses: docker://reviewdog/action-golangci-lint:v1 # pre-build docker image with: - github_token: ${{ secrets.github_token }}
\ No newline at end of file + github_token: ${{ secrets.github_token }} diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index a0487c1..b8a1320 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -4,10 +4,10 @@ on: # Regression testing push: branches: - - v2 + - master pull_request: branches: - - v2 + - master # Daily midnight fuzzing schedule: @@ -1,19 +1,10 @@ -Caddy 2 -======= - -This is the development branch for Caddy 2, the web server of the Go community. - -**Caddy 2 is production-ready, but there may be breaking changes before the stable 2.0 release.** Please test it and deploy it as much as you are able, and submit your feedback! - ---- - <p align="center"> <a href="https://caddyserver.com"><img src="https://user-images.githubusercontent.com/1128849/36338535-05fb646a-136f-11e8-987b-e6901e717d5a.png" alt="Caddy" width="450"></a> </p> <h3 align="center">Every site on HTTPS</h3> <p align="center">Caddy is an extensible server platform that uses TLS by default.</p> <p align="center"> - <a href="https://github.com/caddyserver/caddy/actions?query=workflow%3ACross-Platform"><img src="https://github.com/caddyserver/caddy/workflows/Cross-Platform/badge.svg?branch=v2"></a> + <a href="https://github.com/caddyserver/caddy/actions?query=workflow%3ACross-Platform"><img src="https://github.com/caddyserver/caddy/workflows/Cross-Platform/badge.svg"></a> <a href="https://pkg.go.dev/github.com/caddyserver/caddy/v2"><img src="https://img.shields.io/badge/godoc-reference-blue.svg"></a> <a href="https://app.fuzzit.dev/orgs/caddyserver-gh/dashboard"><img src="https://app.fuzzit.dev/badge?org_id=caddyserver-gh"></a> <br> @@ -31,6 +22,7 @@ This is the development branch for Caddy 2, the web server of the Go community. ### Menu +- [Features](#features) - [Build from source](#build-from-source) - [For development](#for-development) - [With version information and/or plugins](#with-version-information-andor-plugins) 
@@ -46,6 +38,27 @@ This is the development branch for Caddy 2, the web server of the Go community. <a href="https://github.com/caddyserver/certmagic"><img src="https://user-images.githubusercontent.com/1128849/49704830-49d37200-fbd5-11e8-8385-767e0cd033c3.png" alt="CertMagic" width="250"></a> </p> + +## Features + +- **Easy configuration** with the [Caddyfile](https://caddyserver.com/docs/caddyfile) +- **Powerful configuration** with its [native JSON config](https://caddyserver.com/docs/json/) +- **Dynamic configuration** with the [JSON API](https://caddyserver.com/api) +- [**Config adapters**](https://caddyserver.com/docs/config-adapters) if you don't like JSON +- **Automatic HTTPS** by default + - [Let's Encrypt](https://letsencrypt.org) for public sites + - Fully-managed local CA for internal names & IPs + - Can coordinate with other Caddy instances in a cluster +- **Stays up when other servers go down** due to TLS/OCSP/certificate-related issues +- **HTTP/1.1, HTTP/2, and experimental HTTP/3** support +- **Highly extensible** [modular architecture](https://caddyserver.com/docs/extending-caddy) lets Caddy do anything without bloat +- **Runs anywhere** with **no external dependencies** (not even libc) +- Written in Go, a language with higher **memory safety guarantees** than other servers +- Actually **fun to use** +- So, so much more + + + ## Build from source Requirements: 
@@ -54,22 +67,30 @@ Requirements: - Do NOT disable [Go modules](https://github.com/golang/go/wiki/Modules) (`export GO111MODULE=on`) ### For development - -_**Note:** These steps [will not embed proper version information](https://github.com/golang/go/issues/29228). For that, please follow the instructions below._ ```bash -$ git clone -b v2 "https://github.com/caddyserver/caddy.git" +$ git clone "https://github.com/caddyserver/caddy.git" $ cd caddy/cmd/caddy/ $ go build ``` +_**Note:** These steps [will not embed proper version information](https://github.com/golang/go/issues/29228). For that, please follow the instructions below._ + ### With version information and/or plugins +Using [our builder tool](https://github.com/caddyserver/builder)... + +``` +$ builder --version CADDY_VERSION +``` + +...the following steps are automated: + 1. Create a new folder: `mkdir caddy` 2. Change into it: `cd caddy` -3. Copy [Caddy's main.go](https://github.com/caddyserver/caddy/blob/v2/cmd/caddy/main.go) into the empty folder. Add imports for any custom plugins you want to add. +3. Copy [Caddy's main.go](https://github.com/caddyserver/caddy/blob/master/cmd/caddy/main.go) into the empty folder. Add imports for any custom plugins you want to add. 4. Initialize a Go module: `go mod init caddy` -5. Pin Caddy version: `go get github.com/caddyserver/caddy/v2@TAG` replacing `TAG` with a git tag or commit. +5. Pin Caddy version: `go get github.com/caddyserver/caddy/v2@TAG` replacing `TAG` with a git tag or commit. You can also pin any plugin versions similarly. 6. Compile: `go build` 
@@ -776,7 +776,7 @@ var (
 // in the config. It also matches adjacent commas so that syntax
 // can be preserved no matter where in the object the field appears.
 // It supports string and most numeric values.
-var idRegexp = regexp.MustCompile(`(?m),?\s*"` + idKey + `":\s?(-?[0-9]+(\.[0-9]+)?|(?U)".*")\s*,?`)
+var idRegexp = regexp.MustCompile(`(?m),?\s*"` + idKey + `"\s*:\s*(-?[0-9]+(\.[0-9]+)?|(?U)".*")\s*,?`)
 const (
 rawConfigKey = "config"
diff --git a/caddyconfig/httpcaddyfile/httptype.go b/caddyconfig/httpcaddyfile/httptype.go
index 50f3252..0a22807 100644
--- a/caddyconfig/httpcaddyfile/httptype.go
+++ b/caddyconfig/httpcaddyfile/httptype.go
@@ -319,11 +319,13 @@ func (ServerType) evaluateGlobalOptionsBlock(serverBlocks []serverBlock, options
 }
 // hostsFromServerBlockKeys returns a list of all the non-empty hostnames
-// found in the keys of the server block sb. If sb has a key that omits
-// the hostname (i.e. is a catch-all/empty host), then the returned list
-// is empty, because the server block effectively matches ALL hosts.
+// found in the keys of the server block sb, unless allowEmpty is true, in
+// which case a key with no host (e.g. ":443") will be added to the list as
+// an empty string. Otherwise, if allowEmpty is false, and if sb has a key
+// that omits the hostname (i.e. is a catch-all/empty host), then the returned
+// list is empty, because the server block effectively matches ALL hosts.
 // The list may not be in a consistent order.
-func (st *ServerType) hostsFromServerBlockKeys(sb caddyfile.ServerBlock) ([]string, error) {
+func (st *ServerType) hostsFromServerBlockKeys(sb caddyfile.ServerBlock, allowEmpty bool) ([]string, error) {
 // first get each unique hostname
 hostMap := make(map[string]struct{})
 for _, sblockKey := range sb.Keys {
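Review bot: The string alternative of `idRegexp`, `(?U)".*"`, ends at the first double quote after the opening one, so an ID value containing an escaped quote (`\"`) is matched only up to that quote; this hunk relaxes the whitespace around the colon but leaves that alternative as it was. If the match is cut out of the config text, as the comment about preserving syntax suggests, the rest of such a value would stay behind and leave malformed JSON. An alternative that consumes escapes, `"(?:[^"\\]|\\.)*"`, avoids this. Because the pattern runs over raw text rather than parsed JSON, it presumably also matches an `idKey` pair that sits inside another string value, which is worth stating in the comment above the declaration; how the match is used is outside the hunk.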
@@ -332,7 +334,7 @@ func (st *ServerType) hostsFromServerBlockKeys(sb caddyfile.ServerBlock) ([]stri
 return nil, fmt.Errorf("parsing server block key: %v", err)
 }
 addr = addr.Normalize()
- if addr.Host == "" {
+ if addr.Host == "" && !allowEmpty {
 // server block contains a key like ":443", i.e. the host portion
 // is empty / catch-all, which means to match all hosts
 return []string{}, nil
@@ -408,7 +410,7 @@ func (st *ServerType) serversFromPairings(
 return nil, fmt.Errorf("server block %v: compiling matcher sets: %v", sblock.block.Keys, err)
 }
- hosts, err := st.hostsFromServerBlockKeys(sblock.block)
+ hosts, err := st.hostsFromServerBlockKeys(sblock.block, false)
 if err != nil {
 return nil, err
 }
@@ -488,14 +490,12 @@ func (st *ServerType) serversFromPairings(
 LoggerNames: make(map[string]string),
 }
 }
- hosts, err := st.hostsFromServerBlockKeys(sblock.block)
+ hosts, err := st.hostsFromServerBlockKeys(sblock.block, true)
 if err != nil {
 return nil, err
 }
 for _, h := range hosts {
- if ncl.name != "" {
- srv.Logs.LoggerNames[h] = ncl.name
- }
+ srv.Logs.LoggerNames[h] = ncl.name
 }
 }
 }
diff --git a/caddyconfig/httpcaddyfile/tlsapp.go b/caddyconfig/httpcaddyfile/tlsapp.go
index 4f72a4a..3b3963f 100644
--- a/caddyconfig/httpcaddyfile/tlsapp.go
+++ b/caddyconfig/httpcaddyfile/tlsapp.go
@@ -82,7 +82,7 @@ func (st ServerType) buildTLSApp(
 // get values that populate an automation policy for this block
 var ap *caddytls.AutomationPolicy
- sblockHosts, err := st.hostsFromServerBlockKeys(sblock.block)
+ sblockHosts, err := st.hostsFromServerBlockKeys(sblock.block, false)
 if err != nil {
 return nil, warnings, err
 }
diff --git a/caddyconfig/json5/json5.go b/caddyconfig/json5/json5.go
deleted file mode 100644
index 2c86301..0000000
--- a/caddyconfig/json5/json5.go
+++ /dev/null
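Review bot: In the last httptype.go hunk (`-488,14 +490,12`) the assignment `srv.Logs.LoggerNames[h] = ncl.name` is now unconditional and the hosts come from `hostsFromServerBlockKeys(sblock.block, true)`, so the map can receive both an empty host key and an empty logger name, which the removed `if ncl.name != ""` guard and the empty-host early return in the `-332,7` hunk previously kept out. Nothing visible says what those empty values mean to the code that reads `LoggerNames`, and since this map decides which logger receives a host's access logs, the intent should be written down. A comment above the assignment such as `// "" as host is the catch-all key; "" as name selects the default logger` would do, if that is indeed the intended meaning. serversFromPairings starts and ends outside the hunk.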
@@ -1,43 +0,0 @@ -// Copyright 2015 Matthew Holt and The Caddy Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package json5adapter - -import ( - "encoding/json" - - "github.com/caddyserver/caddy/v2/caddyconfig" - "github.com/ilibs/json5" -) - -func init() { - caddyconfig.RegisterAdapter("json5", Adapter{}) -} - -// Adapter adapts JSON5 to Caddy JSON. -type Adapter struct{} - -// Adapt converts the JSON5 config in body to Caddy JSON. -func (a Adapter) Adapt(body []byte, options map[string]interface{}) (result []byte, warnings []caddyconfig.Warning, err error) { - var decoded interface{} - err = json5.Unmarshal(body, &decoded) - if err != nil { - return - } - result, err = json.Marshal(decoded) - return -} - -// Interface guard -var _ caddyconfig.Adapter = (*Adapter)(nil) diff --git a/caddyconfig/jsonc/jsonc.go b/caddyconfig/jsonc/jsonc.go deleted file mode 100644 index 4f72c05..0000000 --- a/caddyconfig/jsonc/jsonc.go +++ /dev/null 
@@ -1,49 +0,0 @@ -// Copyright 2015 Matthew Holt and The Caddy Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package jsoncadapter - -import ( - "encoding/json" - - "github.com/caddyserver/caddy/v2/caddyconfig" - "github.com/muhammadmuzzammil1998/jsonc" -) - -func init() { - caddyconfig.RegisterAdapter("jsonc", Adapter{}) -} - -// Adapter adapts JSON-C to Caddy JSON. -type Adapter struct{} - -// Adapt converts the JSON-C config in body to Caddy JSON. -func (a Adapter) Adapt(body []byte, options map[string]interface{}) (result []byte, warnings []caddyconfig.Warning, err error) { - result = jsonc.ToJSON(body) - - // any errors in the JSON will be - // reported during config load, but - // we can at least warn here that - // it is not valid JSON - if !json.Valid(result) { - warnings = append(warnings, caddyconfig.Warning{ - Message: "Resulting JSON is invalid.", - }) - } - - return -} - -// Interface guard -var _ caddyconfig.Adapter = (*Adapter)(nil) diff --git a/caddytest/caddytest.go b/caddytest/caddytest.go index a020be9..ed503eb 100644 --- a/caddytest/caddytest.go +++ b/caddytest/caddytest.go 
@@ -301,6 +301,10 @@ func AssertRedirect(t *testing.T, requestURI string, expectedToLocation string,
 }
 loc, err := resp.Location()
+ if err != nil {
+ t.Errorf("requesting \"%s\" expected location: \"%s\" but got error: %s", requestURI, expectedToLocation, err)
+ }
+
 if expectedToLocation != loc.String() {
 t.Errorf("requesting \"%s\" expected location: \"%s\" but got \"%s\"", requestURI, expectedToLocation, loc.String())
 }
diff --git a/cmd/commandfuncs.go b/cmd/commandfuncs.go
index 80d00a3..46de9de 100644
--- a/cmd/commandfuncs.go
+++ b/cmd/commandfuncs.go
@@ -35,7 +35,6 @@ import (
 "github.com/caddyserver/caddy/v2"
 "github.com/caddyserver/caddy/v2/caddyconfig"
 "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
- "github.com/caddyserver/certmagic"
 "go.uber.org/zap"
 )
@@ -184,15 +183,6 @@ func cmdRun(fl Flags) (int, error) {
 }
 }
- // set a fitting User-Agent for ACME requests
- goModule := caddy.GoModule()
- cleanModVersion := strings.TrimPrefix(goModule.Version, "v")
- certmagic.UserAgent = "Caddy/" + cleanModVersion
-
- // by using Caddy, user indicates agreement to CA terms
- // (very important, or ACME account creation will fail!)
- certmagic.DefaultACME.Agreed = true
-
 // run the initial config
 err = caddy.Load(config, true)
 if err != nil {
diff --git a/cmd/main.go b/cmd/main.go
index 4dbbe38..bdc95a4 100644
--- a/cmd/main.go
+++ b/cmd/main.go
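Review bot: The new error branch in AssertRedirect reports the failure with `t.Errorf` and then falls through to `loc.String()`, but `resp.Location()` returns a nil URL together with its error, so the following comparison dereferences nil and the test panics instead of failing cleanly. The branch should be terminal: use `t.Fatalf` with the same message, or return right after the `t.Errorf` call (the function's result list is cut off in the hunk header). AssertRedirect starts and ends outside the hunk.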
@@ -30,9 +30,21 @@ import (
 "github.com/caddyserver/caddy/v2"
 "github.com/caddyserver/caddy/v2/caddyconfig"
+ "github.com/caddyserver/certmagic"
 "go.uber.org/zap"
 )
+func init() {
+ // set a fitting User-Agent for ACME requests
+ goModule := caddy.GoModule()
+ cleanModVersion := strings.TrimPrefix(goModule.Version, "v")
+ certmagic.UserAgent = "Caddy/" + cleanModVersion
+
+ // by using Caddy, user indicates agreement to CA terms
+ // (very important, or ACME account creation will fail!)
+ certmagic.DefaultACME.Agreed = true
+}
+
 // Main implements the main function of the caddy command.
 // Call this if Caddy is to be the main() if your program.
 func Main() {
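Review bot: Placing `certmagic.DefaultACME.Agreed = true` and the `certmagic.UserAgent` assignment in `init()` turns them into a side effect of importing this package, so every program that imports it, not only one that reaches `cmdRun`, now has CA terms marked as agreed and the package-level ACME User-Agent overwritten. If that is intended for embedders, `init` should say so in a comment, for example `// init sets certmagic's package-level defaults (User-Agent, CA terms agreement) for every importer of this package.`; otherwise the two assignments fit better at the start of `Main()`. The new code also needs `strings` in main.go's import block, which the visible context lines do not show.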
@@ -5,32 +5,28 @@ go 1.14
 require (
 github.com/Masterminds/sprig/v3 v3.0.2
 github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a
- github.com/andybalholm/brotli v1.0.0
 github.com/caddyserver/certmagic v0.10.4
 github.com/dustin/go-humanize v1.0.1-0.20200219035652-afde56e7acac
 github.com/go-acme/lego/v3 v3.5.0
- github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e
 github.com/google/cel-go v0.4.0
- github.com/ilibs/json5 v1.0.1
 github.com/jsternberg/zap-logfmt v1.2.0
 github.com/klauspost/compress v1.10.3
 github.com/klauspost/cpuid v1.2.3
 github.com/lucas-clemente/quic-go v0.15.2
 github.com/manifoldco/promptui v0.7.0 // indirect
 github.com/miekg/dns v1.1.29 // indirect
- github.com/muhammadmuzzammil1998/jsonc v0.0.0-20200303171503-1e787b591db7
 github.com/naoina/go-stringutil v0.1.0 // indirect
 github.com/naoina/toml v0.1.1
 github.com/smallstep/certificates v0.14.0-rc.5
 github.com/smallstep/cli v0.14.0-rc.3
 github.com/smallstep/truststore v0.9.4
- github.com/vulcand/oxy v1.0.0
+ github.com/vulcand/oxy v1.1.0
 github.com/yuin/goldmark v1.1.25
 github.com/yuin/goldmark-highlighting v0.0.0-20200307114337-60d527fdb691
 go.uber.org/zap v1.14.1
- golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6
- golang.org/x/net v0.0.0-20200319234117-63522dbf7eec
- google.golang.org/genproto v0.0.0-20200305110556-506484158171
+ golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59
+ golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e
+ google.golang.org/genproto v0.0.0-20200323114720-3f67cca34472
 gopkg.in/natefinch/lumberjack.v2 v2.0.0
 gopkg.in/square/go-jose.v2 v2.4.1 // indirect
 gopkg.in/yaml.v2 v2.2.8
@@ -100,8 +100,6 @@ github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRF github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190808125512-07798873deee h1:NYqDBPkhVYt68W3yoGoRRi32i3MLx2ey7SFkJ1v/UI0= github.com/aliyun/alibaba-cloud-sdk-go v0.0.0-20190808125512-07798873deee/go.mod h1:myCDvQSzCW+wB1WAlocEru4wMGJxy+vlxHdhegi1CDQ= github.com/aliyun/aliyun-oss-go-sdk v0.0.0-20190307165228-86c17b95fcd5/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8= -github.com/andybalholm/brotli v1.0.0 h1:7UCwP93aiSfvWpapti8g88vVVGp2qqtGyePsSuDafo4= -github.com/andybalholm/brotli v1.0.0/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y= github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c= github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q= github.com/antlr/antlr4 v0.0.0-20190819145818-b43a4c3a8015 h1:StuiJFxQUsxSCzcby6NFZRdEhPkXD5vxN7TZ4MD6T84= @@ -344,6 +342,7 @@ github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2z github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= +github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/gostaticanalysis/analysisutil v0.0.0-20190318220348-4088753ea4d3/go.mod h1:eEOZF4jCKGi+aprrirO9e7WKB3beBRtWgqGunKl6pKE= github.com/gostaticanalysis/analysisutil v0.0.3/go.mod h1:eEOZF4jCKGi+aprrirO9e7WKB3beBRtWgqGunKl6pKE= github.com/gravitational/trace v0.0.0-20190726142706-a535a178675f/go.mod h1:RvdOUHE4SHqR3oXlFFKnGzms8a5dugHygGw1bqDstYI= 
@@ -368,8 +367,6 @@ github.com/huandu/xstrings v1.2.0/go.mod h1:DvyZB1rfVYsBIigL8HwpZgxHwXozlTgGqn63 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/icrowley/fake v0.0.0-20180203215853-4178557ae428/go.mod h1:uhpZMVGznybq1itEKXj6RYw9I71qK4kH+OGMjRC4KEo= github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df/go.mod h1:QMZY7/J/KSQEhKWFeDesPjMj+wCHReeknARU3wqlyN4= -github.com/ilibs/json5 v1.0.1 h1:3e14wUQM8PyK6Hf1bM+zAQFxfG+N5oZj35x5vCNeQ58= -github.com/ilibs/json5 v1.0.1/go.mod h1:kXsGuzHMPuZZTN15l0IQzy5PR8DrDhPB24tFgwpdKME= github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8 h1:CGgOkSJeqMRmt0D9XLWExdT4m4F1vd3FV3VPt+0VxkQ= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= @@ -498,8 +495,6 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8= github.com/mozilla/tls-observatory v0.0.0-20180409132520-8791a200eb40/go.mod h1:SrKMQvPiws7F7iqYp8/TX+IhxCYhzr6N/1yb8cwHsGk= github.com/mozilla/tls-observatory v0.0.0-20190404164649-a3c1b6cfecfd/go.mod h1:SrKMQvPiws7F7iqYp8/TX+IhxCYhzr6N/1yb8cwHsGk= -github.com/muhammadmuzzammil1998/jsonc v0.0.0-20200303171503-1e787b591db7 h1:IhnWtz7gaLvL0wn8xr86ERSvSmwNAsaHMRAqgsu/CVQ= -github.com/muhammadmuzzammil1998/jsonc v0.0.0-20200303171503-1e787b591db7/go.mod h1:saF2fIVw4banK0H4+/EuqfFLpRnoy5S+ECwTOCcRcSU= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/namedotcom/go v0.0.0-20180403034216-08470befbe04/go.mod h1:5sN+Lt1CaY4wsPvgQH/jsuJi4XO2ssZbdsIizr4CVC8= github.com/naoina/go-stringutil v0.1.0 h1:rCUeRUHjBjGTSHl0VC00jUPLz8/F9dDzYI70Hzifhks= 
@@ -750,8 +745,8 @@ github.com/valyala/quicktemplate v1.2.0/go.mod h1:EH+4AkTd43SvgIbQHYu59/cJyxDoOV github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU= github.com/viant/toolbox v0.24.0/go.mod h1:OxMCG57V0PXuIP2HNQrtJf2CjqdmbrOx5EkMILuUhzM= -github.com/vulcand/oxy v1.0.0 h1:7vL5/pjDFzHGbtBEhmlHITUi6KLH4xXTDF33/wrdRKw= -github.com/vulcand/oxy v1.0.0/go.mod h1:6EXgOAl6CRa46/2ZGcDJKf3ywJUp5WtT7vSlGSkvecI= +github.com/vulcand/oxy v1.1.0 h1:DbBijGo1+6cFqR9jarkMxasdj0lgWwrrFtue6ijek4Q= +github.com/vulcand/oxy v1.1.0/go.mod h1:ADiMYHi8gkGl2987yQIzDRoXZilANF4WtKaQ92OppKY= github.com/vulcand/predicate v1.1.0/go.mod h1:mlccC5IRBoc2cIFmCB8ZM62I3VDb6p2GXESMHa3CnZg= github.com/vultr/govultr v0.1.4/go.mod h1:9H008Uxr/C4vFNGLqKx232C206GL0PBHzOP0809bGNA= github.com/weppos/publicsuffix-go v0.4.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= 
@@ -824,8 +819,8 @@ golang.org/x/crypto v0.0.0-20191227163750-53104e6ec876/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073 h1:xMPOj6Pz6UipU1wXLkrtqpHbR0AVFnyPEQq/wRWz9lM= golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6 h1:TjszyFsQsyZNHwdVdZ5m7bjmreu0znc2kRYsEml9/Ww= -golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59 h1:3zb4D3T4G8jdExgVU/95+vQXfpEPiMdCaZgmGVxjNHM= +golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= 
@@ -896,8 +891,8 @@ golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0= golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200319234117-63522dbf7eec h1:w0SItUiQ4sBiXBAwWNkyu8Fu2Qpn/dtDIcoPkPDqjRw= -golang.org/x/net v0.0.0-20200319234117-63522dbf7eec/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e h1:3G+cUijn7XD+S4eJFddp53Pv7+slrESplyjG25HgL+k= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181017192945-9dcd33a902f4/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20181203162652-d668ce993890/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= 
@@ -963,6 +958,8 @@ golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae h1:/WDfKMnPU+m5M4xB+6x4kaepx golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 h1:uYVVQ9WP/Ds2ROhcaGPeIdVq0RIXVLwsHlnvJ+cT1So= golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915090833-1cbadb444a80/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1089,6 +1086,8 @@ google.golang.org/genproto v0.0.0-20200212174721-66ed5ce911ce/go.mod h1:55QSHmfG google.golang.org/genproto v0.0.0-20200224152610-e50cd9704f63/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/genproto v0.0.0-20200305110556-506484158171 h1:xes2Q2k+d/+YNXVw0FpZkIDJiaux4OVrRKXRAzH6A0U= google.golang.org/genproto v0.0.0-20200305110556-506484158171/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= +google.golang.org/genproto v0.0.0-20200323114720-3f67cca34472 h1:XRuIAeTRoXziYGYTVer+YGxVXQBiOhZ8+SpNELP73oQ= +google.golang.org/genproto v0.0.0-20200323114720-3f67cca34472/go.mod h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= 
@@ -1158,6 +1157,7 @@ honnef.co/go/tools v0.0.1-2020.1.3 h1:sXmLre5bzIR6ypkjXCDI3jHPssRhc8KD/Ome589sc3 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= howett.net/plist v0.0.0-20181124034731-591f970eefbb h1:jhnBjNi9UFpfpl8YZhA9CrOqpnJdvzuiHsl/dnxl11M= howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0= +launchpad.net/gocheck v0.0.0-20140225173054-000000000087/go.mod h1:hj7XX3B/0A+80Vse0e+BUHsHMTEhd0O4cpUHr/e/BUM= mvdan.cc/interfacer v0.0.0-20180901003855-c20040233aed/go.mod h1:Xkxe497xwlCKkIaQYRfC7CSLworTXY9RMqwhhCm+8Nc= mvdan.cc/lint v0.0.0-20170908181259-adc824a0674b/go.mod h1:2odslEg/xrtNQqCYg2/jCoyKnw3vv5biOc3JnIcYfL4= mvdan.cc/unparam v0.0.0-20190209190245-fbb59629db34/go.mod h1:H6SUd1XjIs+qQCyskXg5OFSrilMRUkD8ePJpHKDPaeY= diff --git a/modules/caddyhttp/encode/brotli/brotli.go b/modules/caddyhttp/encode/brotli/brotli.go deleted file mode 100644 index fababd3..0000000 --- a/modules/caddyhttp/encode/brotli/brotli.go +++ /dev/null 
@@ -1,95 +0,0 @@ -// Copyright 2015 Matthew Holt and The Caddy Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package caddybrotli - -import ( - "fmt" - "strconv" - - "github.com/andybalholm/brotli" - "github.com/caddyserver/caddy/v2" - "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" - "github.com/caddyserver/caddy/v2/modules/caddyhttp/encode" -) - -func init() { - caddy.RegisterModule(Brotli{}) -} - -// Brotli can create brotli encoders. Note that brotli -// is not known for great encoding performance, and -// its use during requests is discouraged; instead, -// pre-compress the content instead. -type Brotli struct { - Quality *int `json:"quality,omitempty"` -} - -// CaddyModule returns the Caddy module information. -func (Brotli) CaddyModule() caddy.ModuleInfo { - return caddy.ModuleInfo{ - ID: "http.encoders.brotli", - New: func() caddy.Module { return new(Brotli) }, - } -} - -// UnmarshalCaddyfile sets up the handler from Caddyfile tokens. -func (b *Brotli) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { - for d.Next() { - if !d.NextArg() { - continue - } - qualityStr := d.Val() - quality, err := strconv.Atoi(qualityStr) - if err != nil { - return err - } - b.Quality = &quality - } - return nil -} - -// Validate validates b's configuration. 
-func (b Brotli) Validate() error { - if b.Quality != nil { - quality := *b.Quality - if quality < brotli.BestSpeed { - return fmt.Errorf("quality too low; must be >= %d", brotli.BestSpeed) - } - if quality > brotli.BestCompression { - return fmt.Errorf("quality too high; must be <= %d", brotli.BestCompression) - } - } - return nil -} - -// AcceptEncoding returns the name of the encoding as -// used in the Accept-Encoding request headers. -func (Brotli) AcceptEncoding() string { return "br" } - -// NewEncoder returns a new brotli writer. -func (b Brotli) NewEncoder() encode.Encoder { - quality := brotli.DefaultCompression - if b.Quality != nil { - quality = *b.Quality - } - return brotli.NewWriterLevel(nil, quality) -} - -// Interface guards -var ( - _ encode.Encoding = (*Brotli)(nil) - _ caddy.Validator = (*Brotli)(nil) - _ caddyfile.Unmarshaler = (*Brotli)(nil) -) diff --git a/modules/caddyhttp/encode/caddyfile.go b/modules/caddyhttp/encode/caddyfile.go index 629f0e2..9d9646c 100644 --- a/modules/caddyhttp/encode/caddyfile.go +++ b/modules/caddyhttp/encode/caddyfile.go @@ -42,7 +42,6 @@ func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) // encode [<matcher>] <formats...> { // gzip [<level>] // zstd -// brotli [<quality>] // } // // Specifying the formats on the first line will use those formats' defaults. diff --git a/modules/caddyhttp/fileserver/caddyfile.go b/modules/caddyhttp/fileserver/caddyfile.go index 67ae4f4..2980436 100644 --- a/modules/caddyhttp/fileserver/caddyfile.go +++ b/modules/caddyhttp/fileserver/caddyfile.go @@ -63,7 +63,7 @@ func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) } case "index": fsrv.IndexNames = h.RemainingArgs() - if len(fsrv.Hide) == 0 { + if len(fsrv.IndexNames) == 0 { return nil, h.ArgErr() } case "root": diff --git a/modules/caddyhttp/httpcache/httpcache.go b/modules/caddyhttp/httpcache/httpcache.go deleted file mode 100644 index 605a183..0000000 
--- a/modules/caddyhttp/httpcache/httpcache.go +++ /dev/null 
@@ -1,242 +0,0 @@ -// Copyright 2015 Matthew Holt and The Caddy Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package httpcache - -import ( - "bytes" - "context" - "encoding/gob" - "fmt" - "io" - "log" - "net/http" - "sync" - - "github.com/caddyserver/caddy/v2" - "github.com/caddyserver/caddy/v2/modules/caddyhttp" - "github.com/golang/groupcache" -) - -func init() { - caddy.RegisterModule(Cache{}) -} - -// Cache implements a simple distributed cache. -// -// NOTE: This module is a work-in-progress. It is -// not finished and is NOT ready for production use. -// [We need your help to finish it! Please volunteer -// in this issue.](https://github.com/caddyserver/caddy/issues/2820) -// Until it is finished, this module is subject to -// breaking changes. -// -// Caches only GET and HEAD requests. Honors the Cache-Control: no-cache header. -// -// Still TODO: -// -// - Eviction policies and API -// - Use single cache per-process -// - Preserve cache through config reloads -// - More control over what gets cached -type Cache struct { - // The network address of this cache instance; required. - Self string `json:"self,omitempty"` - - // A list of network addresses of cache instances in the group. - Peers []string `json:"peers,omitempty"` - - // Maximum size of the cache, in bytes. Default is 512 MB. - MaxSize int64 `json:"max_size,omitempty"` - - group *groupcache.Group -} - -// CaddyModule returns the Caddy module information. 
-func (Cache) CaddyModule() caddy.ModuleInfo { - return caddy.ModuleInfo{ - ID: "http.handlers.cache", - New: func() caddy.Module { return new(Cache) }, - } -} - -// Provision provisions c. -func (c *Cache) Provision(ctx caddy.Context) error { - // TODO: use UsagePool so that cache survives config reloads - TODO: a single cache for whole process? - maxSize := c.MaxSize - if maxSize == 0 { - const maxMB = 512 - maxSize = int64(maxMB << 20) - } - poolMu.Lock() - if pool == nil { - pool = groupcache.NewHTTPPool(c.Self) - c.group = groupcache.NewGroup(groupName, maxSize, groupcache.GetterFunc(c.getter)) - } else { - c.group = groupcache.GetGroup(groupName) - } - pool.Set(append(c.Peers, c.Self)...) - poolMu.Unlock() - - return nil -} - -// Validate validates c. -func (c *Cache) Validate() error { - if c.Self == "" { - return fmt.Errorf("address of this instance (self) is required") - } - if c.MaxSize < 0 { - return fmt.Errorf("size must be greater than 0") - } - return nil -} - -func (c *Cache) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error { - // TODO: proper RFC implementation of cache control headers... - if r.Header.Get("Cache-Control") == "no-cache" || (r.Method != "GET" && r.Method != "HEAD") { - return next.ServeHTTP(w, r) - } - - getterCtx := getterContext{w, r, next} - ctx := context.WithValue(r.Context(), getterContextCtxKey, getterCtx) - - // TODO: rigorous performance testing - - // TODO: pretty much everything else to handle the nuances of HTTP caching... 
- - // TODO: groupcache has no explicit cache eviction, so we need to embed - // all information related to expiring cache entries into the key; right - // now we just use the request URI as a proof-of-concept - key := r.RequestURI - - var cachedBytes []byte - err := c.group.Get(ctx, key, groupcache.AllocatingByteSliceSink(&cachedBytes)) - if err == errUncacheable { - return nil - } - if err != nil { - return err - } - - // the cached bytes consists of two parts: first a - // gob encoding of the status and header, immediately - // followed by the raw bytes of the response body - rdr := bytes.NewReader(cachedBytes) - - // read the header and status first - var hs headerAndStatus - err = gob.NewDecoder(rdr).Decode(&hs) - if err != nil { - return err - } - - // set and write the cached headers - for k, v := range hs.Header { - w.Header()[k] = v - } - w.WriteHeader(hs.Status) - - // write the cached response body - io.Copy(w, rdr) - - return nil -} - -func (c *Cache) getter(ctx context.Context, key string, dest groupcache.Sink) error { - combo := ctx.Value(getterContextCtxKey).(getterContext) - - // the buffer will store the gob-encoded header, then the body - buf := bufPool.Get().(*bytes.Buffer) - buf.Reset() - defer bufPool.Put(buf) - - // we need to record the response if we are to cache it; only cache if - // request is successful (TODO: there's probably much more nuance needed here) - rr := caddyhttp.NewResponseRecorder(combo.rw, buf, func(status int, header http.Header) bool { - shouldBuf := status < 300 - - if shouldBuf { - // store the header before the body, so we can efficiently - // and conveniently use a single buffer for both; gob - // decoder will only read up to end of gob message, and - // the rest will be the body, which will be written - // implicitly for us by the recorder - err := gob.NewEncoder(buf).Encode(headerAndStatus{ - Header: header, - Status: status, - }) - if err != nil { - log.Printf("[ERROR] Encoding headers for cache entry: %v; not 
caching this request", err) - return false - } - } - - return shouldBuf - }) - - // execute next handlers in chain - err := combo.next.ServeHTTP(rr, combo.req) - if err != nil { - return err - } - - // if response body was not buffered, response was - // already written and we are unable to cache - if !rr.Buffered() { - return errUncacheable - } - - // add to cache - dest.SetBytes(buf.Bytes()) - - return nil -} - -type headerAndStatus struct { - Header http.Header - Status int -} - -type getterContext struct { - rw http.ResponseWriter - req *http.Request - next caddyhttp.Handler -} - -var bufPool = sync.Pool{ - New: func() interface{} { - return new(bytes.Buffer) - }, -} - -var ( - pool *groupcache.HTTPPool - poolMu sync.Mutex -) - -var errUncacheable = fmt.Errorf("uncacheable") - -const groupName = "http_requests" - -type ctxKey string - -const getterContextCtxKey ctxKey = "getter_context" - -// Interface guards -var ( - _ caddy.Provisioner = (*Cache)(nil) - _ caddy.Validator = (*Cache)(nil) - _ caddyhttp.MiddlewareHandler = (*Cache)(nil) -) diff --git a/modules/caddyhttp/matchers.go b/modules/caddyhttp/matchers.go index 043831f..81fc396 100644 --- a/modules/caddyhttp/matchers.go +++ b/modules/caddyhttp/matchers.go @@ -41,7 +41,7 @@ type ( // especially A/AAAA pointed at your server. // // Automatic HTTPS can be - // [customized or disabled](/docs/json/apps/http/servers/automatic_https/). + // [customized or disabled](/docs/modules/http#servers/automatic_https). MatchHost []string // MatchPath matches requests by the URI's path (case-insensitive). Path diff --git a/modules/caddyhttp/requestbody/requestbody.go b/modules/caddyhttp/requestbody/requestbody.go index dcebd8c..76cd274 100644 --- a/modules/caddyhttp/requestbody/requestbody.go +++ b/modules/caddyhttp/requestbody/requestbody.go 
@@ -34,7 +34,7 @@ type RequestBody struct { // CaddyModule returns the Caddy module information. func (RequestBody) CaddyModule() caddy.ModuleInfo { return caddy.ModuleInfo{ - ID: "http.handlers.request_body", // TODO: better name for this? + ID: "http.handlers.request_body", New: func() caddy.Module { return new(RequestBody) }, } } diff --git a/modules/caddyhttp/reverseproxy/caddyfile.go b/modules/caddyhttp/reverseproxy/caddyfile.go index 9ff9dce..cefb5b6 100644 --- a/modules/caddyhttp/reverseproxy/caddyfile.go +++ b/modules/caddyhttp/reverseproxy/caddyfile.go @@ -177,13 +177,36 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { return net.JoinHostPort(host, port), nil } + // appendUpstream creates an upstream for address and adds + // it to the list. If the address starts with "srv+" it is + // treated as a SRV-based upstream, and any port will be + // dropped. + appendUpstream := func(address string) error { + isSRV := strings.HasPrefix(address, "srv+") + if isSRV { + address = strings.TrimPrefix(address, "srv+") + } + dialAddr, err := upstreamDialAddress(address) + if err != nil { + return err + } + if isSRV { + if host, _, err := net.SplitHostPort(dialAddr); err == nil { + dialAddr = host + } + h.Upstreams = append(h.Upstreams, &Upstream{LookupSRV: dialAddr}) + } else { + h.Upstreams = append(h.Upstreams, &Upstream{Dial: dialAddr}) + } + return nil + } + for d.Next() { for _, up := range d.RemainingArgs() { - dialAddr, err := upstreamDialAddress(up) + err := appendUpstream(up) if err != nil { return err } - h.Upstreams = append(h.Upstreams, &Upstream{Dial: dialAddr}) } for d.NextBlock(0) { @@ -194,11 +217,10 @@ func (h *Handler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { return d.ArgErr() } for _, up := range args { - dialAddr, err := upstreamDialAddress(up) + err := appendUpstream(up) if err != nil { return err } - h.Upstreams = append(h.Upstreams, &Upstream{Dial: dialAddr}) } case "lb_policy": 
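Review bot: In the new `appendUpstream` closure, the SRV branch discards the error from `net.SplitHostPort(dialAddr)`, so an `srv+` address that does not come back as host:port is stored unchanged in `LookupSRV` and only fails later, at request time, as a DNS error. Returning the error while parsing would surface the bad config where it was written: `host, _, err := net.SplitHostPort(dialAddr)` followed by `if err != nil { return err }`. The doc comment says any port is dropped; since `upstreamDialAddress` begins outside this hunk, it is not visible whether that port was typed by the user or filled in as a default, so a short comment saying which case is expected would help. `UnmarshalCaddyfile` itself starts and ends outside the hunk.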
diff --git a/modules/caddyhttp/reverseproxy/circuitbreaker.go b/modules/caddyhttp/reverseproxy/circuitbreaker.go index 00b38a8..830ab43 100644 --- a/modules/caddyhttp/reverseproxy/circuitbreaker.go +++ b/modules/caddyhttp/reverseproxy/circuitbreaker.go @@ -24,12 +24,12 @@ import ( ) func init() { - caddy.RegisterModule(localCircuitBreaker{}) + caddy.RegisterModule(internalCircuitBreaker{}) } -// localCircuitBreaker implements circuit breaking functionality +// internalCircuitBreaker implements circuit breaking functionality // for requests within this process over a sliding time window. -type localCircuitBreaker struct { +type internalCircuitBreaker struct { tripped int32 cbFactor int32 threshold float64 @@ -39,15 +39,15 @@ type localCircuitBreaker struct { } // CaddyModule returns the Caddy module information. -func (localCircuitBreaker) CaddyModule() caddy.ModuleInfo { +func (internalCircuitBreaker) CaddyModule() caddy.ModuleInfo { return caddy.ModuleInfo{ - ID: "http.reverse_proxy.circuit_breakers.local", - New: func() caddy.Module { return new(localCircuitBreaker) }, + ID: "http.reverse_proxy.circuit_breakers.internal", + New: func() caddy.Module { return new(internalCircuitBreaker) }, } } // Provision sets up a configured circuit breaker. -func (c *localCircuitBreaker) Provision(ctx caddy.Context) error { +func (c *internalCircuitBreaker) Provision(ctx caddy.Context) error { f, ok := typeCB[c.Factor] if !ok { return fmt.Errorf("type is not defined") 
@@ -77,19 +77,19 @@ func (c *localCircuitBreaker) Provision(ctx caddy.Context) error { } // Ok returns whether the circuit breaker is tripped or not. -func (c *localCircuitBreaker) Ok() bool { +func (c *internalCircuitBreaker) Ok() bool { tripped := atomic.LoadInt32(&c.tripped) return tripped == 0 } // RecordMetric records a response status code and execution time of a request. This function should be run in a separate goroutine. -func (c *localCircuitBreaker) RecordMetric(statusCode int, latency time.Duration) { +func (c *internalCircuitBreaker) RecordMetric(statusCode int, latency time.Duration) { c.metrics.Record(statusCode, latency) c.checkAndSet() } // Ok checks our metrics to see if we should trip our circuit breaker, or if the fallback duration has completed. -func (c *localCircuitBreaker) checkAndSet() { +func (c *internalCircuitBreaker) checkAndSet() { var isTripped bool switch c.cbFactor { diff --git a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go index 9d2dc39..cff6b39 100644 --- a/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go +++ b/modules/caddyhttp/reverseproxy/fastcgi/fastcgi.go @@ -29,6 +29,7 @@ import ( "github.com/caddyserver/caddy/v2/modules/caddyhttp" "github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy" "github.com/caddyserver/caddy/v2/modules/caddytls" + "go.uber.org/zap" "github.com/caddyserver/caddy/v2" ) @@ -66,6 +67,7 @@ type Transport struct { WriteTimeout caddy.Duration `json:"write_timeout,omitempty"` serverSoftware string + logger *zap.Logger } // CaddyModule returns the Caddy module information. @@ -77,7 +79,8 @@ func (Transport) CaddyModule() caddy.ModuleInfo { } // Provision sets up t. -func (t *Transport) Provision(_ caddy.Context) error { +func (t *Transport) Provision(ctx caddy.Context) error { + t.logger = ctx.Logger(t) if t.Root == "" { t.Root = "{http.vars.root}" } 
@@ -110,6 +113,12 @@ func (t Transport) RoundTrip(r *http.Request) (*http.Response, error) { address = dialInfo.Address } + t.logger.Debug("roundtrip", + zap.Object("request", caddyhttp.LoggableHTTPRequest{Request: r}), + zap.String("dial", address), + zap.Any("env", env), // TODO: this uses reflection I think + ) + fcgiBackend, err := DialContext(ctx, network, address) if err != nil { // TODO: wrap in a special error type if the dial failed, so retries can happen if enabled @@ -164,7 +173,12 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) { ip = strings.Replace(ip, "[", "", 1) ip = strings.Replace(ip, "]", "", 1) - root := repl.ReplaceAll(t.Root, ".") + // make sure file root is absolute + root, err := filepath.Abs(repl.ReplaceAll(t.Root, ".")) + if err != nil { + return nil, err + } + fpath := r.URL.Path // Split path in preparation for env variables. @@ -173,8 +187,8 @@ func (t Transport) buildEnv(r *http.Request) (map[string]string, error) { splitPos := t.splitPos(fpath) // Request has the extension; path was split successfully - docURI := fpath[:splitPos+len(t.SplitPath)] - pathInfo := fpath[splitPos+len(t.SplitPath):] + docURI := fpath[:splitPos] + pathInfo := fpath[splitPos:] scriptName := fpath // Strip PATH_INFO from SCRIPT_NAME @@ -292,7 +306,7 @@ func (t Transport) splitPos(path string) int { lowerPath := strings.ToLower(path) for _, split := range t.SplitPath { if idx := strings.Index(lowerPath, strings.ToLower(split)); idx > -1 { - return idx + return idx + len(split) } } return -1 diff --git a/modules/caddyhttp/reverseproxy/hosts.go b/modules/caddyhttp/reverseproxy/hosts.go index 602aab2..a7709ee 100644 --- a/modules/caddyhttp/reverseproxy/hosts.go +++ b/modules/caddyhttp/reverseproxy/hosts.go @@ -17,6 +17,8 @@ package reverseproxy import ( "context" "fmt" + "net" + "net/http" "strconv" "sync/atomic" 
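Review bot: The new `t.logger.Debug("roundtrip", ...)` call in `RoundTrip` writes the whole FastCGI `env` map to the log through `zap.Any("env", env)`. `buildEnv` is only partly visible, but a FastCGI environment conventionally carries request headers as `HTTP_*` entries, so cookie and `Authorization` values would presumably end up in debug logs; confirm this and, if so, log a redacted copy or only the keys. `RoundTrip` also has a value receiver while `logger` is assigned in the pointer-receiver `Provision`, so a `Transport` that was never provisioned would call `Debug` on a nil `*zap.Logger`; a comment such as `// logger is set by Provision; RoundTrip must not be called before it` would make the precondition explicit. `RoundTrip` starts and ends outside this hunk.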
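Review bot: `splitPos` (hunk at -292,7) finds the match in `strings.ToLower(path)`, but `buildEnv` (hunk at -173,8) uses the result to slice the original `fpath`, and `strings.ToLower` can change the byte length of non-ASCII input, so `idx + len(split)` is not guaranteed to be an offset into the original path. That offset decides where the script path ends and PATH_INFO begins, so a mismatch can hand the FastCGI backend a different script path than the configured split string implies, or slice out of range. Computing the offset on the original bytes avoids this, for example by scanning `path` and comparing each window with `strings.EqualFold(path[i:i+len(split)], split)`. Whether `buildEnv` checks for the `-1` return before `fpath[:splitPos]` is not visible in these hunks.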
@@ -63,10 +65,10 @@ type UpstreamPool []*Upstream type Upstream struct { Host `json:"-"` - // The [network address](/docs/json/apps/http/#servers/listen) + // The [network address](/docs/conventions#network-addresses) // to dial to connect to the upstream. Must represent precisely // one socket (i.e. no port ranges). A valid network address - // either has a host and port, or is a unix socket address. + // either has a host and port or is a unix socket address. // // Placeholders may be used to make the upstream dynamic, but be // aware of the health check implications of this: a single @@ -75,6 +77,11 @@ type Upstream struct { // backends is down. Also be aware of open proxy vulnerabilities. Dial string `json:"dial,omitempty"` + // If DNS SRV records are used for service discovery with this + // upstream, specify the DNS name for which to look up SRV + // records here, instead of specifying a dial address. + LookupSRV string `json:"lookup_srv,omitempty"` + // The maximum number of simultaneous requests to allow to // this upstream. If set, overrides the global passive health // check UnhealthyRequestCount value. 
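Review bot: The new doc comment on `LookupSRV` does not say what happens when both `Dial` and `LookupSRV` are set, nor that the name goes through placeholder replacement. `fillDialInfo`, added later in this file, checks `LookupSRV` first and never reads `Dial` in that case, and it expands placeholders in the name on every request, so the health-check and open-proxy caveats already written for `Dial` apply here as well. I would add a line such as `// If set, Dial is ignored. Placeholders are supported; the health-check and open-proxy caveats described for Dial apply here too.` The `Upstream` struct continues outside the hunk.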
@@ -118,6 +125,47 @@ func (u *Upstream) Full() bool { return u.MaxRequests > 0 && u.Host.NumRequests() >= u.MaxRequests } +// fillDialInfo returns a filled DialInfo for upstream u, using the request +// context. If the upstream has a SRV lookup configured, that is done and a +// returned address is chosen; otherwise, the upstream's regular dial address +// field is used. Note that the returned value is not a pointer. +func (u *Upstream) fillDialInfo(r *http.Request) (DialInfo, error) { + repl := r.Context().Value(caddy.ReplacerCtxKey).(*caddy.Replacer) + var addr caddy.ParsedAddress + + if u.LookupSRV != "" { + // perform DNS lookup for SRV records and choose one + srvName := repl.ReplaceAll(u.LookupSRV, "") + _, records, err := net.DefaultResolver.LookupSRV(r.Context(), "", "", srvName) + if err != nil { + return DialInfo{}, err + } + addr.Network = "tcp" + addr.Host = records[0].Target + addr.StartPort, addr.EndPort = uint(records[0].Port), uint(records[0].Port) + } else { + // use provided dial address + var err error + dial := repl.ReplaceAll(u.Dial, "") + addr, err = caddy.ParseNetworkAddress(dial) + if err != nil { + return DialInfo{}, fmt.Errorf("upstream %s: invalid dial address %s: %v", u.Dial, dial, err) + } + if numPorts := addr.PortRangeSize(); numPorts != 1 { + return DialInfo{}, fmt.Errorf("upstream %s: dial address must represent precisely one socket: %s represents %d", + u.Dial, dial, numPorts) + } + } + + return DialInfo{ + Upstream: u, + Network: addr.Network, + Address: addr.JoinHostPort(0), + Host: addr.Host, + Port: strconv.Itoa(int(addr.StartPort)), + }, nil +} + // upstreamHost is the basic, in-memory representation // of the state of a remote host. It implements the // Host interface. 
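Review bot: In `fillDialInfo`, the SRV branch indexes `records[0]` without checking that the slice is non-empty, and it returns the resolver error bare, whereas the `Dial` branch prefixes the upstream. If the resolver ever returns an empty slice with a nil error, this panics in the request path; a guard such as `if len(records) == 0 { return DialInfo{}, fmt.Errorf("upstream %s: no SRV records for %s", u.LookupSRV, srvName) }` costs nothing. The lookup runs on every proxied request and is bounded only by the request context, so the doc comment should say that resolver latency and failures are now on the hot path and that a placeholder in `LookupSRV` lets request data choose the name that is resolved. The unchecked assertion `.(*caddy.Replacer)` panics if the replacer is missing from the context; a comment stating that the caller guarantees it would help the next reader.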
@@ -204,27 +252,6 @@ func (di DialInfo) String() string { return caddy.JoinNetworkAddress(di.Network, di.Host, di.Port) } -// fillDialInfo returns a filled DialInfo for the given upstream, using -// the given Replacer. Note that the returned value is not a pointer. -func fillDialInfo(upstream *Upstream, repl *caddy.Replacer) (DialInfo, error) { - dial := repl.ReplaceAll(upstream.Dial, "") - addr, err := caddy.ParseNetworkAddress(dial) - if err != nil { - return DialInfo{}, fmt.Errorf("upstream %s: invalid dial address %s: %v", upstream.Dial, dial, err) - } - if numPorts := addr.PortRangeSize(); numPorts != 1 { - return DialInfo{}, fmt.Errorf("upstream %s: dial address must represent precisely one socket: %s represents %d", - upstream.Dial, dial, numPorts) - } - return DialInfo{ - Upstream: upstream, - Network: addr.Network, - Address: addr.JoinHostPort(0), - Host: addr.Host, - Port: strconv.Itoa(int(addr.StartPort)), - }, nil -} - // GetDialInfo gets the upstream dialing info out of the context, // and returns true if there was a valid value; false otherwise. func GetDialInfo(ctx context.Context) (DialInfo, bool) { diff --git a/modules/caddyhttp/reverseproxy/reverseproxy.go b/modules/caddyhttp/reverseproxy/reverseproxy.go index 4837736..918f7a6 100644 --- a/modules/caddyhttp/reverseproxy/reverseproxy.go +++ b/modules/caddyhttp/reverseproxy/reverseproxy.go @@ -313,7 +313,7 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyht // the dial address may vary per-request if placeholders are // used, so perform those replacements here; the resulting // DialInfo struct should have valid network address syntax - dialInfo, err := fillDialInfo(upstream, repl) + dialInfo, err := upstream.fillDialInfo(r) if err != nil { return fmt.Errorf("making dial info: %v", err) } diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go index 461865c..c7780b0 100644 --- a/modules/caddyhttp/server.go +++ b/modules/caddyhttp/server.go 
@@ -172,7 +172,12 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { logger := accLog if s.Logs != nil && s.Logs.LoggerNames != nil { - logger = logger.Named(s.Logs.LoggerNames[r.Host]) + if loggerName, ok := s.Logs.LoggerNames[r.Host]; ok { + logger = logger.Named(loggerName) + } else { + // see if there's a default log name to attach to + logger = logger.Named(s.Logs.LoggerNames[""]) + } } log := logger.Info diff --git a/modules/caddyhttp/standard/imports.go b/modules/caddyhttp/standard/imports.go index 1effb5a..a0ccf6e 100644 --- a/modules/caddyhttp/standard/imports.go +++ b/modules/caddyhttp/standard/imports.go @@ -5,12 +5,10 @@ import ( _ "github.com/caddyserver/caddy/v2/modules/caddyhttp" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/encode" - _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/brotli" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/headers" - _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/httpcache" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi" diff --git a/modules/logging/filewriter.go b/modules/logging/filewriter.go index e9c2dd8..4d30618 100644 --- a/modules/logging/filewriter.go +++ b/modules/logging/filewriter.go @@ -168,7 +168,7 @@ func (fw *FileWriter) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { if err != nil { return d.Errf("parsing size: %v", err) } - fw.RollSizeMB = int(size) / 1024 / 1024 + fw.RollSizeMB = int(size)/1024/1024 + 1 case "roll_keep": var keepStr string diff --git a/modules/standard/import.go b/modules/standard/import.go index a88200f..dddf712 100644 
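Review bot: The lookup `s.Logs.LoggerNames[r.Host]` uses the raw `Host` header as the map key, so a request for a configured site that arrives with a port suffix or different letter case would miss its entry and be logged under the default name from `LoggerNames[""]`. If the map keys are bare lower-case hostnames (not visible here), normalise before the lookup by stripping the port with `net.SplitHostPort` and applying `strings.ToLower`. Because `r.Host` is client-supplied, a comment noting that it only selects among configured names, and never becomes a logger name itself, would also be worth adding. `ServeHTTP` begins and ends outside the hunk.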
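Review bot: In the `filewriter.go` hunk, `int(size)/1024/1024 + 1` rounds up even when `size` is already a whole number of MiB, so a configured size of exactly 10 MiB yields 11. A ceiling division keeps exact values exact: `fw.RollSizeMB = (int(size) + 1024*1024 - 1) / 1024 / 1024`. The type of `size` is declared outside the hunk; if it is an unsigned 64-bit value, `int(size)` can also wrap on 32-bit builds for very large inputs, which deserves a bound check or at least a comment.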
--- a/modules/standard/import.go +++ b/modules/standard/import.go @@ -3,8 +3,6 @@ package standard import ( // standard Caddy modules _ "github.com/caddyserver/caddy/v2/caddyconfig/caddyfile" - _ "github.com/caddyserver/caddy/v2/caddyconfig/json5" - _ "github.com/caddyserver/caddy/v2/caddyconfig/jsonc" _ "github.com/caddyserver/caddy/v2/modules/caddyhttp/standard" _ "github.com/caddyserver/caddy/v2/modules/caddypki" _ "github.com/caddyserver/caddy/v2/modules/caddytls" |