summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-04-12caddytls: Disable OCSP stapling for manual certs (#4064)Matthew Holt
2021-04-12caddytls: Configurable storage clean intervalMatthew Holt
Can drastically reduce costs on storage backends where scans are expensive. Also reduced default interval to 24h. See https://github.com/silinternational/certmagic-storage-dynamodb/issues/18
2021-04-09caddyfile: reject cyclic imports (#4022)Mohammed Al Sahaf
* caddyfile: reject recursive self-imports * caddyfile: detect and reject cyclic imports of snippets and files * caddyfile: do not be stickler about connected nodes not being connected already * caddyfile: include missing test artifacts of cyclic imports * address review comments
2021-04-08ci: fuzz: add 4 more fuzzing targets (#4105)Mohammed Al Sahaf
2021-04-08fileserver: Add status code override (#4076)Francis Lavoie
After reading a question about the `handle_response` feature of `reverse_proxy`, I realized that we didn't have a way of serving an arbitrary file with a status code other than 200. This is an issue in situations where you want to serve a custom error page in routes that are not errors, like the aforementioned `handle_response`, where you may want to retain the status code returned by the proxy but write a response with content from a file. This feature is super simple, basically if a status code is configured (can be a status code number, or a placeholder string) then that status will be written out before serving the file - if we write the status code first, then the stdlib won't write its own (only the first HTTP status header wins).
2021-04-05notify: Send all sd_notify signals from main caddy process (#4060)Carl George
Initial sd_notify support was added in #3963, but that sent signals from both cmdRun and cmdReload. This approach has two drawbacks: - Reloads initiated via the API do not send signals. - The signals are sent from different processes, which requires the `NotifyAccess=exec` directive in the unit file. This change moves the NotifyReloading and NotifyReadiness invocations to Load, which address both of those drawbacks. It also adds a complimentary NotifyStopping method which is invoked from handleStop. All the notify methods are defined in a notify package to avoid an import loop.
2021-04-05go.mod: Update quic-go to v0.20.1 (#4075)Marten Seemann
2021-04-02httpcaddyfile: Fix panic in automation policy consolidation (#4104)Francis Lavoie
* httpcaddyfile: Add reproduce test * httpcaddyfile: Don't allow `i` to go below zero
2021-04-02caddyfile: Normalize line endings before comparing fmt result (#4103)Francis Lavoie
2021-04-01ci: accommodate go1.16 changes to go mod (#4102)Mohammed Al Sahaf
As of go1.16, the `go` commands will no longer make automatic changes to go.{mod,sum} files (see: https://blog.golang.org/go116-module-changes). This broke the release script which relied on `go mod download` and/or `go build` to automatically generate the go.sum file. This commit explicitly invokes `go mod tidy` to have the go.sum file generated.
2021-04-01Minor tweaksMatthew Holt
2021-04-01go.mod: Use latest CertMagicMatthew Holt
2021-04-01Use 600 instead of 644 for UUID fileMatthew Holt
Are you happy, linter?
2021-03-30Change os to ioutil for nowMatthew Holt
My editor automatically changed ioutil.ReadFile() to os.ReadFile() in accordance with Go 1.16 changes. I didn't notice this until pushing. But we still have to support Go 1.15 for a little while.
2021-03-30reverseproxy: Set cookie path to `/` when using cookie lb_policy (#4096)Dimitri Masson
2021-03-30caddy: Add InstanceID() methodMatthew Holt
Caddy can now generate and persist its own instance ID, a UUID that is stored in the data directory. This makes it possible to differentiate it from other instances in a cluster.
2021-03-29encode,staticfiles: Content negotiation, precompressed files (#4045)Steffen Brüheim
* encode: implement prefer setting * encode: minimum_length configurable via caddyfile * encode: configurable content-types which to encode * file_server: support precompressed files * encode: use ReponseMatcher for conditional encoding of content * linting error & documentation of encode.PrecompressedOrder * encode: allow just one response matcher also change the namespace of the encoders back, I accidently changed to precompressed >.> default matchers include a * to match to any charset, that may be appended * rounding of the PR * added integration tests for new caddyfile directives * improved various doc strings (punctuation and typos) * added json tag for file_server precompress order and encode matcher * file_server: add vary header, remove accept-ranges when serving precompressed files * encode: move Suffix implementation to precompressed modules
2021-03-29reverseproxy: Implement health_uri, deprecate health_path, supports query ↵Francis Lavoie
(#4050) * reverseproxy: Implement health_uri, replaces health_path, supports query Also fixes a bug with `health_status` Caddyfile parsing , it would always only take the first character of the status code even if it didn't end with "xx". * reverseproxy: Rename to URI, named logger, warn in Provision (for JSON)
2021-03-29go.mod: Migrate to golang.org/x/term (#4073)Simão Gomes Viana
golang.org/x/crypto/ssh/terminal is deprecated in favor of golang.org/x/term See https://github.com/caddyserver/caddy/pull/4073/checks?check_run_id=2152150495 Error: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck) See https://github.com/caddyserver/caddy/pull/4073/checks?check_run_id=2152228516 Error: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck) Test: go test -count=1 './...'
2021-03-29caddyhttp: improve grammar of comment for AllowH2C (#4072)Simão Gomes Viana
2021-03-29sigtrap_posix: add missing comma to SIGTERM info (#4078)Simão Gomes Viana
Was missing a comma, so added it
2021-03-29cmd: Use formatted logger for config adapter warnings (#4080)Francis Lavoie
2021-03-29cmd: main: fix minor doc typos (#4082)Simão Gomes Viana
Fixed typos in the documentation
2021-03-29headers: Fix Caddyfile parsing for `request_header` with matchers (#4085)Francis Lavoie
2021-03-29.gitignore: add IDE files (#4087)Simão Gomes Viana
These tend to clutter up repositories.
2021-03-19fileserver: Add a few more debug lines (#4063)Francis Lavoie
2021-03-19fileserver: Browse listing supports dark mode (#4066)rai
* Add dark color scheme media query * Theme search box, make everything less contrasting * Further contrast tweaks
2021-03-19CONTRIBUTING: fix spelling (#4070)Simão Gomes Viana
Minor spelling fixes to make this document even better
2021-03-12httpcaddyfile: Add `error` directive for the existing handler (#4034)Francis Lavoie
* httpcaddyfile: Add `error` directive for the existing handler * httpcaddyfile: Move `error` to the end of the order
2021-03-12logging: add replace filter for static value replacement (#4029)Aaron Taylor
This filter is intended to be useful in scenarios where you may want to redact a value with a static string, giving you information that the field did previously exist and was present, but not revealing the value itself in the logs. This was inspired by work on adding more complete support for removing sensitive values from logs [1]. An example use case would be the Authorization header in request log output, for which the value should usually not be logged, but it may be quite useful for debugging to confirm that the header was present in the request. [1] https://github.com/caddyserver/caddy/issues/3958
2021-03-12caddyconfig: add global option for configuring loggers (#4028)Aaron Taylor
This change is aimed at enhancing the logging module within the Caddyfile directive to allow users to configure logs other than the HTTP access log stream, which is the current capability of the Caddyfile [1]. The intent here is to leverage the same syntax as the server log directive at a global level, so that similar customizations can be added without needing to resort to a JSON-based configuration. Discussion for this approach happened in the referenced issue. Closes https://github.com/caddyserver/caddy/issues/3958 [1] https://caddyserver.com/docs/caddyfile/directives/log
2021-03-10map: Accept regex substitution in outputs (#3991)Rajat Jain
* Replace placeholders with regex groups * using Matcher methods * test added * linting fix * Revert "linting fix" This reverts commit cafd7296f43639bbcd2601bea79a47f60763a200. * Revert "test added" This reverts commit 3a76cc7b0bc5dcef15ca5c8ec22efcd4067d484c. * Revert "using Matcher methods" This reverts commit cc34337b8ebb61d40ec343cee0fc225a694d3db6. * tests added
2021-03-03reverseproxy: Fix upstreams with placeholders with no port (#4046)Francis Lavoie
2021-03-01rewrite: Implement regex path replacementsMatthew Holt
https://caddy.community/t/collapsing-multiple-forward-slashes-in-path-only/11626
2021-03-01fileserver: Don't replace in request paths (fix #4027)Matthew Holt
2021-02-26caddypki: Add SignWithRoot option for ACME serverMatthew Holt
See https://caddy.community/t/setting-up-a-caddy-pki-based-on-a-windows- root-ca-was-getting-pki-config/11616/7 Also improved a godoc comment in the caddytls package.
2021-02-25reverseproxy: Fix round robin data race (#4038)Matthew Holt
2021-02-24Update docs; commit setcap.shMatthew Holt
2021-02-24go.mod: Latest CertMagic (updated libdns conventions)Matthew Holt
2021-02-23core: Initialize logging before adminMatthew Holt
We'll see how this goes. https://caddy.community/t/calling-the-admin-api-from-within-a-route-route-causes-a-deadlock/11319
2021-02-22caddytls: Remove old asset migration code (close #3894)Matthew Holt
2021-02-22reverseproxy: Add duration/latency placeholders (close #4012) (#4013)Matt Holt
* reverseproxy: Add duration/latency placeholders (close #4012) (and #2268) Adds 4 placeholders, one is actually outside reverse proxy though: {http.request.duration} is how long since the server decoded the HTTP request (headers). {http.reverse_proxy.upstream.latency} is how long it took a proxy upstream to write the response header. {http.reverse_proxy.upstream.duration} is total time proxying to the upstream, including writing response body to client. {http.reverse_proxy.duration} is total time spent proxying, including selecting an upstream and retries. Obviously, most of these are only useful at the end of a request, like when writing response headers or logs. See also: https://caddy.community/t/any-equivalent-of-request-time-and-upstream-header-time-from-nginx/11418 * Add new placeholders to documentation
2021-02-22httpcaddyfile: Fix catch-all site block sortingMatthew Holt
A site block that has a catch-all and the shortest address is now sorted better. https://caddy.community/t/caddy-suddenly-directs-my-site-to-the-wrong-directive/11597/2
2021-02-18ci: Build and test on Go 1.16, bump minimum to 1.15 (#4024)Francis Lavoie
* ci: Build and test on Go 1.16 * ci: Drop Go 1.14 support
2021-02-16caddy: Support SetReadBuffer and SyscallConn for QUIC (fix #3998)Matthew Holt
Supersedes #3999
2021-02-16Improve security warningsMatthew Holt
2021-02-15httpcaddyfile: Configure other apps from global options (#3990)Francis Lavoie
2021-02-15cmd: Clean up `build-info` and `upgrade` outputMatthew Holt
2021-02-11caddyhttp: Support placeholders in header matcher values (close #3916)Matthew Holt
2021-02-10caddytls: Save email with account if not already specifiedMatthew Holt
I'm pretty sure this fixes a bug when the default email is used...