summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-08-06cmd: Split unix sockets for admin endpoint addresses (#5696)Emily
* cmd: fix cli when admin endpoint uses new unix socket permission format Fixes a bug where the following Caddyfile ```Caddyfile { admin unix/admin.sock|0660 } ``` and `caddy reload --config Caddyfile` would throw the following error instead of reloading it: ``` INFO using provided configuration {"config_file": "Caddyfile", "config_adapter": ""} Error: sending configuration to instance: performing request: Post "http://127.0.0.1/load": dial unix admin.sock|0660: connect: no such file or directory [ERROR] exit status 1 ``` --- This bug also affected `caddy start` and `caddy stop`. * Move splitter function to internal --------- Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2023-08-05reverseproxy: do not parse upstream address too early if it contains ↵Mohammed Al Sahaf
replaceble parts (#5695) * reverseproxy: do not parse upstream address too early if it contains replaceble parts * remove unused method * cleanup * accommodate partially replaceable port
2023-08-04caddyfile: check that matched key is not a substring of the replacement key ↵WeidiDeng
(#5685)
2023-08-04chore: use `--clean` instead of `--rm-dist` for goreleaser (#5691)Mohammed Al Sahaf
2023-08-03go.mod: Upgrade quic-go to v0.37.2 (fix #5680)Matthew Holt
2023-08-03fileserver: browse: Render SVG images in gridMatthew Holt
2023-08-03reverseproxy: Fix hijack ordering which broke websockets (#5679)WeidiDeng
2023-08-03httpcaddyfile: Fix `string does not match ~[]E` error (#5675)Herman Slatman
Only happens for some people. Unable to confirm.
2023-08-02encode: Fix infinite recursion (#5672)Francis Lavoie
2023-08-02caddyhttp: Make use of `http.ResponseController` (#5654)Francis Lavoie
* caddyhttp: Make use of http.ResponseController Also syncs the reverseproxy implementation with stdlib's which now uses ResponseController as well https://github.com/golang/go/commit/2449bbb5e614954ce9e99c8a481ea2ee73d72d61 * Enable full-duplex for HTTP/1.1 * Appease linter * Add warning for builds with Go 1.20, so it's less surprising to users * Improved godoc for EnableFullDuplex, copied text from stdlib * Only wrap in encode if not already wrapped
2023-08-02go.mod: Upgrade dependencies esp. smallstep/certificatesMatthew Holt
This prevents initialization of a .step folder when it's not used.
2023-08-02core: Allow loopback hosts for admin endpoint (fix #5650) (#5664)Matt Holt
2023-08-02httpcaddyfile: Allow `hostnames` & logger name overrides for log directive ↵Francis Lavoie
(#5643) * httpcaddyfile: Allow `hostnames` override for log directive * Implement access logger name overrides * Fix panic & default logger clobbering edgecase
2023-08-01reverseproxy: Connection termination cleanup (#5663)mmm444
2023-07-31go.mod: Use quic-go 0.37.1Matthew Holt
Should fix panic in Go 1.21 where there was no RemoteAddr.
2023-07-25reverseproxy: Export ipVersions type (#5648)Omar Ramadan
allows AUpstreams to be instantiated externally
2023-07-25go.mod: Use latest CertMagic (v0.19.1)Matthew Holt
Fixes race condition
2023-07-25caddyhttp: Preserve original error (fix #5652)Matthew Holt
2023-07-22fileserver: add lazy image loading (#5646)ydylla
2023-07-21go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644)Marten Seemann
* update quic-go to v0.37.0 * Bump to Go 1.20 * Bump golangci-lint version, yml syntax consistency * Use skip-pkg-cache workaround * Workaround needed for both? * Seeding weakrand is no longer necessary --------- Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-07-21core: Refine mutex during reloads (fix #5628) (#5645)Matt Holt
Separate currentCtxMu to protect currentCtx, and a new rawCfgMu to protect rawCfg and synchronize loads.
2023-07-17go.mod: update quic-go to v0.36.2 (#5636)bt90
2023-07-17fileserver: Tweak grid view of browse templateMatthew Holt
All cells on row have same height. Center-align vertically.
2023-07-13fileserver: add `export-template` sub-command to `file-server` (#5630)Mohammed Al Sahaf
2023-07-12caddyfile: Fix comparing if two tokens are on the same line (#5626)WeidiDeng
* fix comparing if two tokens are on the same line * compare tokens from copies when importing
2023-07-11caddytls: Reuse certificate cache through reloads (#5623)Matt Holt
* caddytls: Don't purge cert cache on config reload * Update CertMagic This actually avoids reloading managed certs from storage when already in the cache, d'oh. * Fix bug; re-implement HasCertificateForSubject * Update go.mod: CertMagic tag
2023-07-08Minor tweaks to security.mdMatt Holt
2023-07-08reverseproxy: Pointer receiverMatthew Holt
This avoids copying the Upstream, which has an atomically-accessed value in it.
2023-07-08caddyhttp: Trim dot/space only on Windows (fix #5613)Matthew Holt
Follow-up to #2917. Path matcher needs to trim dots and spaces but only on Windows.
2023-07-01update quic-go to v0.36.1 (#5611)Marten Seemann
2023-06-30caddyconfig: Specify config adapter for HTTP loader (close #5607)Matthew Holt
2023-06-30core: Embed net.UDPConn to gain optimizations (#5606)WeidiDeng
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-06-30chore: remove deprecated property `rlcp` in goreleaser config (#5608)Mohammed Al Sahaf
2023-06-24core: Skip `chmod` for abstract unix sockets (#5596)Emily
because those aren't real paths on the filesystem and thus can't be `chmod`ed
2023-06-23core: Add optional unix socket file permissions (#4741)Emily
* core: Add optional unix socket file permissions This commit also changes the default unix socket file permissions to `u=w,g=,o=` (octal: `0200`). It used to default to the shell's umask (usually `u=rwx,g=rx,o=rx`, octal: `0755`). `/run/caddy.sock` -> `/run/caddy.sock` with `0200` default perms `/run/caddy.sock|0222` -> `/run/caddy.sock` with `0222` perms `|` instead of `:` is used as a separator, to account for the `:` in Windows drive letters (e.g. `C:\absolute\path.sock`) Fun fact: The old unix(7) man page (pre Jun 2016) stated a socket needs both read and write perms. Turns out, only write perms are needed. Corrected in https://github.com/mkerrisk/man-pages/commit/7578ea2f85b272363d22680d69e7d32f0b59c83b Despite this, most implementations still default to read+write to this date. * Add cases with Windows paths to test * Require write perms for the owning user
2023-06-22reverseproxy: Honor `tls_except_port` for active health checks (#5591)Francis Lavoie
2023-06-21Appease linterMatthew Holt
2023-06-21Fix compile on Windows, hopefullyMatthew Holt
2023-06-21core: Properly preserve unix sockets (fix #5568)Matthew Holt
2023-06-21go.mod: Upgrade CertMagic for hotfixMatthew Holt
2023-06-21go.mod: Upgrade some dependenciesMatthew Holt
2023-06-21chore: upgrade otel (#5586)Omer Demirok
2023-06-21go.mod: Update quic-go to v0.36.0 (#5584)Marten Seemann
2023-06-20reverseproxy: weighted_round_robin load balancing policy (#5579)Saber Haj Rabiee
* added weighted round robin algorithm to load balancer * added an adapt integration test for wrr and fixed a typo * changed args format to Caddyfile args convention * added provisioner and validator for wrr * simplified the code and improved doc
2023-06-19reverseproxy: Experimental streaming timeouts (#5567)mmm444
* reverseproxy: WIP streaming timeouts * More verbose logging by using the child logger * reverseproxy: Implement streaming timeouts * reverseproxy: Refactor cleanup * reverseproxy: Avoid **time.Timer --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-06-16chore: remove refs of deprecated io/ioutil (#5576)guangwu
2023-06-15headers: Allow `>` to defer shortcut for replacements (#5574)Francis Lavoie
2023-06-13caddyhttp: Support custom network for HTTP/3 (#5573)Dominik Roos
Allow registering a custom network mapping for HTTP/3. This is useful if the original network for HTTP/1.1 and HTTP/2 is not a standard `unix`, `tcp4`, or `tcp6` network. To keep backwards compatibility, we fall back to `udp` if the original network is not registered in the mapping. Fixes #5555
2023-06-12reverseproxy: Fix parsing of source IP in case it's an ipv6 address (#5569)Corin Langosch
2023-06-05fileserver: browse: Better grid layout (#5564)365cent
* feat: better implementation of grid layout * fix: vertical alignment