summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-02-04httpcaddyfile: Make root directive mutually exclusiveMatthew Holt
See https://caddy.community/t/caddyfile-and-v2/6766/22?u=matt
2020-02-04header: caddyfile: Defer header operations for deletions or manuallyMatthew Holt
See https://caddy.community/t/caddy-server-that-returns-only-ip-address-as-text/6928/6?u=matt In most cases, we will want to apply header operations immediately, rather than waiting until the response is written. The exceptions are generally going to be if we are deleting a header field or if a field is to be overwritten. We now automatically defer header ops if deleting a header field, and allow the user to manually enable deferred mode with the defer subdirective.
2020-02-04cmd: adapt: Make --config flag optional when Caddyfile existsMatthew Holt
2020-02-03v2: only compare TLS protocol versions if both are set (#3005)Mohammed Al Sahaf
2020-01-23httpcaddyfile: Skip hosts from auto-https when http:// scheme (fix #2998)Matthew Holt
2020-01-22cmd: Emit error if reload cannot find a config to loadMatthew Holt
2020-01-22http: Fix vars matcherMatthew Holt
2020-01-22rewrite: Prepend "/" if missing from strip path prefixMatthew Holt
Paths always begin with a slash, and omitting the leading slash could be convenient to avoid confusion with a path matcher in the Caddyfile. I do not think there would be any harm to implicitly add the leading slash.
2020-01-22reverseproxy: Fix casing of RootCAPEMFilesMatthew Holt
2020-01-22reverseproxy: Accept integer values for flush_interval (fix #2996)Matthew Holt
2020-01-22httpcaddyfile: Rename 'headers' directive to 'header'Matthew Holt
2020-01-22cmd: Make --config flag optional for reload commandMatthew Holt
In case it is using the default Caddyfile
2020-01-22httpcaddyfile: Update directive docs; put root after rewriteMatthew Holt
2020-01-22httpcaddyfile: Get rid of 'tls off' parameter; probably not usefulMatthew Holt
2020-01-19httpcaddyfile: Fix address parsing; don't infer port at parse-timeMatthew Holt
Before, listener ports could be wrong because ParseAddress doesn't know about the user-configured HTTP/HTTPS ports, instead hard-coding port 80 or 443, which could be wrong if the user changed them to something else. Now we defer port and scheme validation/inference to a later part of building the output JSON.
2020-01-18Merge pull request #2980 from moorereason/bugfix-ciphersuite-loggingZaq? Wiedmann
v2: http: Fix ciphersuite logging
2020-01-18reverse_proxy: CB docs; rename type -> factor (#2986)Mohammed Al Sahaf
* v2: add documentation for circuit breaker config and "random selection" load balancing policy * v2: rename circuit breaker config inline key from `type` to `breaker` to avoid json key clash between the `circuit_breaker` type and the `type` field of the generic circuit breaker Config struct used by circuit breaking implementations * v2: restore the circuit breaker inline key to `type` and rename the name circuit breaker config field from `Type` to `Factor`
2020-01-17httpcaddyfile: Move redir before rewriteMatthew Holt
Using rewrite is like saying, "I accept this request, but I just need to act on it as if it came in differently." Whereas redir implies more of, "I reject this request, send it to me differently, then I will process it." Makes sense for it to come before rewrites. This can always be changed using the 'order' global option if needed.
2020-01-17caddyhttp: Improve docs, and Caddyfile for respond directiveMatthew Holt
2020-01-17cmd: version: Add module replace to outputMatthew Holt
2020-01-16httpcaddyfile: Fix nested blocks; add handle directive; refactorMatthew Holt
The fix that was initially put forth in #2971 was good, but only for up to one layer of nesting. The real problem was that we forgot to increment nesting when already inside a block if we saw another open curly brace that opens another block (dispenser.go L157-158). The new 'handle' directive allows HTTP Caddyfiles to be designed more like nginx location blocks if the user prefers. Inside a handle block, directives are still ordered just like they are outside of them, but handler blocks at a given level of nesting are mutually exclusive. This work benefitted from some refactoring and cleanup.
2020-01-16http: Fix ciphersuite loggingCameron Moore
2020-01-16httpcaddyfile: Replace 'handler_order' option with 'order'Matthew Holt
This allows individual directives to be ordered relative to others, where order matters (for example HTTP handlers). Will primarily be useful when developing new directives, so you don't have to modify the Caddy source code. Can also be useful if you prefer that redir comes before rewrite, for example. Note that these are global options. The route directive can be used to give a specific order to a specific group of HTTP handler directives.
2020-01-16httpcaddyfile: Group try_files routes together (#2891)Matthew Holt
This ensures that only the first matching route is used.
2020-01-15caddyfile: Sort site subroutes by key specificity, and make exclusiveMatthew Holt
In the v1 Caddyfile, only the first matching site definition would be used, so setting these `Terminal: true` ensures that only the first matching one is used in v2, too. We also have to sort by key specificity... Caddy 1 had a special data structure for selecting the most specific site definition, but we don't have that structure in v2, so we need to sort by length (of host and path, separately). For blocks where more than one key is present, we choose the longest host and path (independently, need not be from same key) by which to sort.
2020-01-15rewrite: Make URI modifications more transactional (#2891)Matthew Holt
Before, modifying the path might have affected how a new query string was built if the query string relied on the path. Now, we build each component in isolation and only change the URI on the request later. Also, prevent trailing & in query string.
2020-01-13http: Refactor automatic HTTPS (fixes #2972)Matthew Holt
This splits automatic HTTPS into two phases. The first provisions the route matchers and uses them to build the domain set and configure auto HTTP->HTTPS redirects. This happens before the rest of the provisioning does. The second phase takes place at the beginning of the app start. It attaches pointers to the tls app to each server, and begins certificate management for the domains that were found in the first phase.
2020-01-12cmd: adapt: Set config filename so it can be hidden (fixes #2974)Matthew Holt
2020-01-12http: Fix subroutes, ensure that next handlers can still be calledMatthew Holt
2020-01-12http: Fix empty responsesMatthew Holt
Sigh... this is what I get for writing code when I'm tired and sick. See https://github.com/caddyserver/caddy/commit/8be1f0ea668492000cdefbd937e0359bdc24bfc1#r36764627
2020-01-11cmd: Assume Caddyfile if name starts with CaddyfileMatthew Holt
And doesn't have .json extension -- in case someone names their JSON config something like Caddyfile.json, which is unconventional.
2020-01-11http: A little more polish on rewrite handler and try_files directiveMatthew Holt
2020-01-11rewrite: Fix query string logicMatthew Holt
2020-01-11http: Ensure primary routes always get compiled (fix #2972)Matthew Holt
Including servers for HTTP->HTTPS redirects which do not get provisioned like the rest.
2020-01-10http: Remove {...query_string} placeholder, in favor of {...query}Matthew Holt
I am not sure if the query_string one is necessary or useful yet. We can always add it later if needed.
2020-01-10rewrite: Rename parameters; implement custom query string parserMatthew Holt
Our new parser also preserves original parameter order, rather than re-encoding using the std lib (which sorts). The renamed parameters are a breaking change but they're new enough that I don't think anyone is using them.
2020-01-10cmd: Add build-info command; update CertMagicMatthew Holt
2020-01-09caddyfile: advance cursor for claimed token in NewFromNextTokens() (#2971)Zaq? Wiedmann
When we append a token to the new dispenser, we need to consume it in the parent, too; otherwise it gets scanned twice, which in this case messed up the nesting count which got decremented once too many times.
2020-01-09caddyfile: fix replacing variables on imported files (#2970)Mark Sargent
* fix replacing variables on imported files * refactored replaceEnvVars to ensure it is always called * Use byte slices for easier use Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-01-09caddyfile: Use of vars no longer requires nesting in subroutesMatthew Holt
This is because of our sequential handling logic which was recently merged; if vars is the first handler in the chain, it will be run before the next route's matchers are executed, so there's no need to nest the handlers anymore.
2020-01-09http: Don't use a Host matcher for HTTP->HTTPS redirectsMatthew Holt
In case on-demand TLS is enabled, in that case we don't know the only names that have automatic HTTPS. See https://caddy.community/t/v2-http-to-https-redirects-fail-for-on-demand-ssl-certs/6742?u=matt
2020-01-09Update docs for couple of Caddyfile directivesMatthew Holt
2020-01-09v2: Implement Caddyfile enhancements (breaking changes) (#2960)Matt Holt
* http: path matcher: exact match by default; substring matches (#2959) This is a breaking change. * caddyfile: Change "matcher" directive to "@matcher" syntax (#2959) * cmd: Assume caddyfile adapter for config files named Caddyfile * Sub-sort handlers by path matcher length (#2959) Caddyfile-generated subroutes have handlers, which are sorted first by directive order (this is unchanged), but within directives we now sort by specificity of path matcher in descending order (longest path first, assuming that longest path is most specific). This only applies if there is only one matcher set, and the path matcher in that set has only one path in it. Path matchers with two or more paths are not sorted like this; and routes with more than one matcher set are not sorted like this either, since specificity is difficult or impossible to infer correctly. This is a special case, but definitely a very common one, as a lot of routing decisions are based on paths. * caddyfile: New 'route' directive for appearance-order handling (#2959) * caddyfile: Make rewrite directives mutually exclusive (#2959) This applies only to rewrites in the top-level subroute created by the HTTP caddyfile.
2020-01-09caddyfile: Less strict URL parsing; allows placeholdersMatthew Holt
See https://caddy.community/t/caddy-v2-reusable-snippets/6744/11?u=matt
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2020-01-09caddyfile: Preprocess env vars in {$THIS} format (#2963)Mark Sargent
* transform a caddyfile with environment variables * support adapt time and runtime variables in the caddyfile * caddyfile: Pre-process environment variables before parsing Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-01-08go.mod: Update lego, tidy upMatthew Holt
2020-01-08http: Always set status code via response recorderMatthew Holt
Fixes panic if no upstream handler wrote anything to the response
2020-01-07reverse_proxy: Add tls_trusted_ca_certs to Caddyfile (#2936)Zaq? Wiedmann
Allows specifying ca certs with by filename in `reverse_proxy.transport`. Example ``` reverse_proxy /api api:443 { transport http { tls tls_trusted_ca_certs certs/rootCA.pem } } ```
2020-01-07basicauth: Accept placeholders; move base64 decoding to provisionMatthew Holt
See https://caddy.community/t/v2-basicauth-bug/6738?u=matt