summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-02-02httpcaddyfile: Fix default issuers when email providedMatthew Holt
If `tls <email>` is used, we should apply that to all applicable default issuers, not drop them. This refactoring applies implicit ACME issuer settings from the tls directive to all default ACME issuers, like ZeroSSL. We also consolidate some annoying logic and improve config validity checks. Ref: https://caddy.community/t/error-obtaining-certificate-after-caddy-restart/11335/8
2021-02-01cmd: Add --force flag to reload command (close #4005)Matthew Holt
Can be useful if user wants to reload manual certificates, for example.
2021-02-01httpcaddyfile: Warn if site address uses unspecified IP (close #4004)Matthew Holt
2021-02-01httpcaddyfile: Sort catch-all site blocks properly (fix #4003)Matthew Holt
2021-01-28ci: update the command to run tests on the s390x machine (#3995)Mohammed Al Sahaf
2021-01-28caddyhttp: Fix redir html status code, improve flow (#3987)Tyler Kropp
* Fix html redir code, improve flow * Fix integer check error and add tests
2021-01-28caddyhttp: Implement handler abort; new 'abort' directive (close #3871) (#3983)Matt Holt
* caddyhttp: Implement handler abort; new 'abort' directive (close #3871) * Move abort directive ordering; clean up redirects Seems logical for the end-all of handlers to go at the... end. The Connection header no longer needs to be set there, since Close is true, and the static_response handler now does that.
2021-01-27admin: Identity management, remote admin, config loaders (#3994)Matt Holt
This commits dds 3 separate, but very related features: 1. Automated server identity management How do you know you're connecting to the server you think you are? How do you know the server connecting to you is the server instance you think it is? Mutually-authenticated TLS (mTLS) answers both of these questions. Using TLS to authenticate requires a public/private key pair (and the peer must trust the certificate you present to it). Fortunately, Caddy is really good at managing certificates by now. We tap into that power to make it possible for Caddy to obtain and renew its own identity credentials, or in other words, a certificate that can be used for both server verification when clients connect to it, and client verification when it connects to other servers. Its associated private key is essentially its identity, and TLS takes care of possession proofs. This configuration is simply a list of identifiers and an optional list of custom certificate issuers. Identifiers are things like IP addresses or DNS names that can be used to access the Caddy instance. The default issuers are ZeroSSL and Let's Encrypt, but these are public CAs, so they won't issue certs for private identifiers. Caddy will simply manage credentials for these, which other parts of Caddy can use, for example: remote administration or dynamic config loading (described below). 2. Remote administration over secure connection This feature adds generic remote admin functionality that is safe to expose on a public interface. - The "remote" (or "secure") endpoint is optional. It does not affect the standard/local/plaintext endpoint. - It's the same as the [API endpoint on localhost:2019](https://caddyserver.com/docs/api), but over TLS. - TLS cannot be disabled on this endpoint. - TLS mutual auth is required, and cannot be disabled. - The server's certificate _must_ be obtained and renewed via automated means, such as ACME. It cannot be manually loaded. - The TLS server takes care of verifying the client. - The admin handler takes care of application-layer permissions (methods and paths that each client is allowed to use).\ - Sensible defaults are still WIP. - Config fields subject to change/renaming. 3. Dyanmic config loading at startup Since this feature was planned in tandem with remote admin, and depends on its changes, I am combining them into one PR. Dynamic config loading is where you tell Caddy how to load its config, and then it loads and runs that. First, it will load the config you give it (and persist that so it can be optionally resumed later). Then, it will try pulling its _actual_ config using the module you've specified (dynamically loaded configs are _not_ persisted to storage, since resuming them doesn't make sense). This PR comes with a standard config loader module called `caddy.config_loaders.http`. Caddyfile config for all of this can probably be added later. COMMITS: * admin: Secure socket for remote management Functional, but still WIP. Optional secure socket for the admin endpoint is designed for remote management, i.e. to be exposed on a public port. It enforces TLS mutual authentication which cannot be disabled. The default port for this is :2021. The server certificate cannot be specified manually, it MUST be obtained from a certificate issuer (i.e. ACME). More polish and sensible defaults are still in development. Also cleaned up and consolidated the code related to quitting the process. * Happy lint * Implement dynamic config loading; HTTP config loader module This allows Caddy to load a dynamic config when it starts. Dynamically-loaded configs are intentionally not persisted to storage. Includes an implementation of the standard config loader, HTTPLoader. Can be used to download configs over HTTP(S). * Refactor and cleanup; prevent recursive config pulls Identity management is now separated from remote administration. There is no need to enable remote administration if all you want is identity management, but you will need to configure identity management if you want remote administration. * Fix lint warnings * Rename identities->identifiers for consistency
2021-01-19caddycmd: Add upgrade command (#3972)Matt Holt
Replaces the current Caddy executable with a new one from the build server. Honors custom builds, as long as plugins are registered on the Caddy website. Requires permissions to replace current executable, of course. This is an experimental command that may get changed or removed later.
2021-01-19Revert "requestbody: Allow overwriting remote address"Matthew Holt
This reverts commit 0bf2046da7f2f5bf1b7d9fa055ae28de9a06ddaf. No actual use case.
2021-01-19caddytest: Update Caddyfile tests for formatting, HTTP-only blocksMatthew Holt
Previous commit improved the Caddyfile adapter so it doesn't unnecessarily add names to "skip" in "auto_https" when the server is already HTTP-only. This commit updates the tests to reflect that change, while also fixing the Caddyfile formatting in many of the tests. We also print the line number of the divergence between input and formatted version in Caddyfile adapt warnings - very useful for finding initial formatting problems.
2021-01-19httpcaddyfile: Skip TLS APs for HTTP-only hosts (fix #3977)Matthew Holt
This is probably an invasive change, but existing tests continue to pass. It seems to make sense this way. There is likely an edge case I haven't considered.
2021-01-16cmd: Print more detailed version with --environMatthew Holt
2021-01-16map: Add missing json struct tagMatthew Holt
2021-01-13tests: use actual admin port value in error message (#3973)Sven Dowideit
Signed-off-by: Sven Dowideit <sven.dowideit@csiro.au>
2021-01-12cmd: Implement sd_notify() to notify systemd about readiness (#3963)Stefan Tatschner
Issue: #3786 Based on Gaurav Dhameeja's work in #3908.
2021-01-11templates: Add fileExists and httpError template actionsMatthew Holt
The httpError function isn't particularly useful until https://github.com/golang/go/issues/34201 is fixed in the Go standard lib.
2021-01-11requestbody: Allow overwriting remote addressMatthew Holt
An experimental feature, let's see if it's useful.
2021-01-11rewrite: Use RawPath instead of Path (fix #3596) (#3918)go-d
Prevent information loss, i.e. the encoded form that was sent by the client, when using URL strip/replace.
2021-01-08Update docsMatthew Holt
2021-01-07caddytls: Configurable OCSP stapling; global option (closes #3714)Matthew Holt
Allows user to disable OCSP stapling (including support in the Caddyfile via the ocsp_stapling global option) or overriding responder URLs. Useful in environments where responders are not reachable due to firewalls.
2021-01-07logging: Remove logfmt encoder (close #3575)Matthew Holt
Has been deprecated for about 6 months now because it is broken.
2021-01-07httpcaddyfile: Support repeated use of cert_issuer global optionMatthew Holt
This changes the signature of UnmarshalGlobalFunc but this is probably OK since it's only used by this repo as far as we know. We need this change in order to "remember" the previous value in case a global option appears more than once, which is now a possibility with the cert_issuer option since Caddy now supports multiple issuers in the order defined by the user. Bonus: the issuer subdirective of tls now supports one-liner for "acme" when all you need to set is the directory: issuer acme <dir>
2021-01-06caddytls: add 'key_type' subdirective (#3956)Jordi Masip
* caddytls: add 'key_type' subdirective * Suggested change * *string -> string * test
2021-01-05caddyfile: Refactor unmarshaling of module tokensMatthew Holt
Eliminates a fair amount of repeated code
2021-01-04go.mod: Update CertMagic and acmez (improved IDN support)Matthew Holt
2021-01-04reverseproxy: Caddyfile health check headers, host header support (#3948)yaxin
* reverse_proxy: 1.health check headers can be set through Caddyfile using health_headers directive; 2.health check header host can be set properly * reverse_proxy: replace example with syntax definition inline health_headers directive parse function * bugfix: change caddyfile_adapt testcase file from space to tab * reverseproxy: modify health_header value document as optional and add more test cases
2021-01-04httpcaddyfile: Adjust iterator when removing AP (fix #3953)Matthew Holt
2021-01-04cmd: Organize list-modules output; --packages flag (#3925)Matt Holt
2021-01-04caddyfile: Introduce basic linting and fmt check (#3923)Matt Holt
* caddyfile: Introduce basic linting and fmt check This will help encourage people to keep their Caddyfiles tidy. * Remove unrelated tests I am not sure that testing the output of warnings here is quite the right idea; these tests are just for syntax and parsing success.
2020-12-30ci: force fetch the upstream tags (#3947)Mohammed Al Sahaf
2020-12-30metrics: allow disabling OpenMetrics negotiation (#3944)Dave Henderson
* metrics: allow disabling OpenMetrics negotiation Signed-off-by: Dave Henderson <dhenderson@gmail.com> * fixup! metrics: allow disabling OpenMetrics negotiation
2020-12-30ci: Add pushing to cloudsmith (#3941)Francis Lavoie
* ci: Add pushing to cloudsmith * ci: Update comments, remove env TODO * ci: Fix Cloudsmith installation by setting PATH * docs: Add Cloudsmith attribution to README * ci: Switch to keeping armv7 as the armhf .deb
2020-12-30fileserver: Fix "go up" links in browse listings (closes #3942)Matthew Holt
At some point we changed how paths are represented down the function calls of browse listings and forgot to update the canGoUp logic. I think this is right? It's simpler now.
2020-12-30ci: Update goreleaser to fix deprecation notices (#3945)Francis Lavoie
See https://goreleaser.com/deprecations#nfpmsfiles and https://goreleaser.com/deprecations#nfpmsconfig_files
2020-12-29ci: reject tags if not signed by Matthew Holt's key (#3932)Mohammed Al Sahaf
* ci: reject tags if not signed by Matthew Holt's key * ci: don't reject tags if an intermediate commits are not signed
2020-12-16caddyfile: Fix minor bug in formatterMatthew Holt
2020-12-15caddytls: Improve alt chain preference settingsMatthew Holt
This allows for finer-grained control when choosing alternate chains than simply the previous/Certbot-esque behavior of "choose first chain that contains an issuer's common name." This update allows you to sort by length (if optimizing for efficiency on the wire) and also to select the chain with a specific root CommonName.
2020-12-14reverseproxy: Minor lint fixesMatthew Holt
2020-12-10caddyhttp: Optionally use forwarded IP for remote_ip matcherMatthew Holt
The remote_ip matcher was reading the X-Forwarded-For header by default, but this behavior was not documented in anything that was released. This is also a less secure default, as it is trivially easy to spoof request headers. Reading IPs from that header should be optional, and it should not be the default. This is technically a breaking change, but anyone relying on the undocumented behavior was just doing so by coincidence/luck up to this point since it was never in any released documentation. We'll still add a mention in the release notes about this.
2020-12-10caddyhttp: Clean up internal auto-HTTPS redirect codeMatthew Holt
Refactor redirect route creation into own function. Improve condition for appending port. Fixes a bug manifested through new test case: TestAutoHTTPRedirectsWithHTTPListenerFirstInAddresses
2020-12-09caddyhttp: Document that remote_ip reads X-Forwarded-For headerMatthew Holt
https://caddy.community/t/remote-ip-behaviour/10762?u=matt
2020-12-09go.mod: Update CertMagic (fix #3911)Matthew Holt
2020-12-09httpcaddyfile: support matching headers that do not exist (#3909)Jack Baron
* add integration test for null header matcher * implement null header matcher syntax * avoid repeating magic ! * check for field following ! character
2020-12-08go.mod: Upgrade some dependenciesMatthew Holt
2020-12-07httpcaddyfile: Decrement counter when removing conn policy (fix #3906)Matthew Holt
2020-12-04fastcgi: Set PATH_INFO to file matcher remainder as fallback (#3739)Francis Lavoie
* fastcgi: Set PATH_INFO to file matcher remainder as fallback * fastcgi: Avoid changing scriptName when not necessary * Stylistic tweaks Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2020-12-04go.mod: update quic-go to v0.19.3 (#3901)Marten Seemann
2020-12-03caddyauth: Use structured logMatthew Holt
2020-12-03Merge remote-tracking branch 'origin/master'Matthew Holt