summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-28fuzz-ci: fix & enhance fuzzing process (#2835)Mohammed Al Sahaf
* fuzz-ci: fix the authentication call for fuzzit by using the --api-key flag rather than the `auth` command * Allow fuzzing on schedules as well as non-fork PRs Closes #2710
2019-10-25fuzz: introduce continuous fuzzing for Caddy (#2723)Mohammed Al Sahaf
* fuzz: lay down the foundation for continuous fuzzing * improve the fuzzers and add some * fuzz: add Fuzzit badge to README & enable fuzzers submission in CI * v2-fuzz: do away with the submodule approach for fuzzers * fuzz: enable fuzzit
2019-10-21tls: Make the on-demand rate limiter actually workMatthew Holt
This required a custom rate limiter implementation in CertMagic
2019-10-19rewrite: Options to strip prefix/suffix and issue redirectsMatthew Holt
Fixes #2011
2019-10-17v2 ci: speed up some of powershell's processes (#2818)Mohammed Al Sahaf
* v2: speed up some of powershell's processes * v2-ci: downloading latest Go on Windows isn't slow anymore, so update the log message accordingly * v2: CI: use 7z on Windows instead of Expand-Archive
2019-10-16tls: Asynchronous cert management at startup (uses CertMagic v0.8.0)Matthew Holt
2019-10-16Minor enhancements/fixes to rewrite directive and template virt req'sMatthew Holt
2019-10-15v2: Make tests work on Windows (#2782)Matt Holt
* file_server: Make tests work on Windows * caddyfile: Fix escaping when character is not escapable We only escape certain characters depending on inside or outside of quotes (mainly newlines and quotes). We don't want everyone to have to escape Windows file paths like C:\\Windows\\... but we can't drop the \ either if it's just C:\Windows\...
2019-10-15v2: Project-and-CI-wide linter config (#2812)Mohammed Al Sahaf
* v2: split golangci-lint configuration into its own file to allow code editors to take advantage of it * v2: simplify code * v2: set the correct lint output formatting * v2: invert the logic of linter's configuration of output formatting to allow the editor convenience over CI-specific customization. Customize the output format in CI by passing the flag. * v2: remove irrelevant golangci-lint config
2019-10-15caddyhttp: Improve ResponseRecorder to buffer headersMatthew Holt
2019-10-14caddyhttp: host labels placeholders endianness from right->leftMatthew Holt
https://caddy.community/t/labeln-placeholder-endian-issue/5366 (I thought we had this before but it must have gotten lost somewhere)
2019-10-14caddyhttp: Support placeholders in MatchHost (#2810)Pascal
* Replace global placeholders in host matcher * caddyhttp: Fix panic on MatchHost tests
2019-10-11reverse_proxy: optimize MaxIdleConnsPerHost default (#2809)yzongyue
2019-10-11reverse_proxy: Allow dynamic backends (closes #990 and #1539)Matthew Holt
This PR enables the use of placeholders in an upstream's Dial address. A Dial address must represent precisely one socket after replacements. See also #998 and #1639.
2019-10-11go.mod: Use latest certmagic which uses lego v3.1.0Matthew Holt
2019-10-10reverse_proxy: Customize SNI value in upstream request (closes #2483)Matthew Holt
2019-10-10go.mod: Update dependenciesMatthew Holt
2019-10-10Miscellaneous cleanups / commentsMatthew Holt
2019-10-10caddyhttp: Make responseRecorder capable of counting body sizeMatthew Holt
2019-10-10Remove unused/placeholder log handlerMatthew Holt
2019-10-10cmd: Plug in the http.handlers.authentication moduleMatthew Holt
2019-10-10http: authentication module; hash-password cmd; http_basic providerMatthew Holt
This implements HTTP basicauth into Caddy 2. The basic auth module will not work with passwords that are not securely hashed, so a subcommand hash-password was added to make it convenient to produce those hashes. Also included is Caddyfile support. Closes #2747.
2019-10-10caddyhttp: Add RemoteAddr placeholders (#2801)Pascal
* Ignore build artifacts * Add RemoteAddr placeholders
2019-10-10Merge pull request #2799 from caddyserver/v2-enterprise-mergeMatt Holt
v2: Merge enterprise code into open source v2 branch
2019-10-10http: Add Starlark handlerMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to #2786. The Starlark integration needs to be updated since this was made before some significant changes in the v2 code base. When functional, it makes it possible to have very dynamic HTTP handlers. This will be a long-term ongoing project. Credit to Danny Navarro
2019-10-09readme: Remove mentions of Caddy Enterprise (as per #2786)Matthew Holt
2019-10-09tls: Add custom certificate selection policyMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. Custom certificate selection policies allow advanced control over which cert is selected when multiple qualify to satisfy a TLS handshake.
2019-10-09tls: Add distributed_stek moduleMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. TLS session ticket keys are sensitive, so they should be rotated on a regular basis. Only Caddy does this by default. However, a cluster of servers that rotate keys without synchronization will lose the benefits of having sessions in the first place if the client is routed to a different backend. This module coordinates STEK rotation in a fleet so the same keys are used, and rotated, across the whole cluster. No other server does this, but Twitter wrote about how they hacked together a solution a few years ago: https://blog.twitter.com/engineering/en_us/a/2013/forward-secrecy-at-twitter.html
2019-10-09tls: Add pem_loader moduleMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The PEM loader allows you to embed PEM files (certificates and keys) directly into your config, rather than requiring them to be stored on potentially insecure storage, which adds attack vectors. This is useful in automated settings where sensitive key material is stored only in memory. Note that if the config is persisted to disk, that added benefit may go away, but there will still be the benefit of having lesser dependence on external files.
2019-10-09reverse_proxy: Add local circuit breakerMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The local circuit breaker is a simple metrics counter that can cause the reverse proxy to consider a backend unhealthy before it actually goes offline, by measuring recent latencies over a sliding window. Credit to Danny Navarro
2019-10-09http: Add work-in-progress cache handler moduleMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The cache HTTP handler will be a high-performing, distributed cache layer for HTTP requests. Right now, the implementation is a very basic proof-of-concept, and further development is required.
2019-10-09admin: /config and /id endpointsMatthew Holt
This integrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The /config and /id endpoints make granular config changes possible as well as the exporting of the current configuration. The /load endpoint has been modified to wrap the /config handler so that the currently-running config can always be available for export. The difference is that /load allows configs of varying formats and converts them using config adapters. The adapted config is then processed with /config as JSON. The /config and /id endpoints accept only JSON.
2019-10-08cmd: Built-in commands all use RegisterCommand (#2794)yzongyue
2019-10-06cmd/main: Plug in json5 and jsonc config adaptersMatthew Holt
2019-10-06cmd: adapt: Default --adapter value is "caddyfile"Matthew Holt
2019-10-06rewrite: Return parse error if too many Caddyfile args (fixes #2791)Matthew Holt
2019-10-05reverse_proxy: Implement retry_match; by default only retry GET requestsMatthew Holt
See https://caddy.community/t/http-proxy-and-non-get-retries/6304
2019-10-05caddyhttp: Define MatcherSets and RawMatcherSets typesMatthew Holt
2019-10-04file_server: Set default address to :2015 if --listen not specifiedMatthew Holt
2019-10-04reverse_proxy: Configurable request headers on active health checksMatthew Holt
See https://caddy.community/t/health-check-user-agent/6309
2019-10-03Add file-server and reverse-proxy subcommandsMatthew Holt
2019-10-02caddytls: nil check on storageClean fields on StopMatthew Holt
2019-10-01Update CLI docs in READMEMatthew Holt
2019-10-01v2: introduce CI (#2768)Mohammed Al Sahaf
* v2: introduce CI for v2 branch * v2-ci: split test report generation from test pass to preserve exit code * v2-ci: spilt lint results from unit test results * v2-ci: fix testRunTitle name * v2-ci: break up the steps for more accurate status indicators * v2-ci: break steps into different jobs * v2-ci: revert back to single-job pattern * v2-ci: reflect the true result by coercing SucceededWithIssues into Failed in the last step * v2-ci: don't fail the build on lint errors
2019-10-01go.mod: Use latest certmagicMatthew Holt
2019-10-01cmd: CLI improvements; add --validate to adapt commandMatthew Holt
2019-09-30cmd: Add validate subcommand; list-modules --versions; some renamingMatthew Holt
Renames --config-adapter flag to --adapter, adapt-config command to adapt, --print-env flag to --environ, and --input flag to --config.
2019-09-30cmd: Refactor subcommands, add help, make them pluggableaca
* cli: Change command structure, add help subcommand (#328) * cli: improve subcommand structure - make help command as normal subcommand - add flag usage message for each command * cmd: Refactor subcommands and command line help; make commands pluggable
2019-09-30caddytls: Ensure automation field is not nil when appending (fix #2779)Matthew Holt