summaryrefslogtreecommitdiff
path: root/admin.go
AgeCommit message (Collapse)Author
2022-07-06admin: support ETag on config endpoints (#4579)jhwz
* admin: support ETags * support etags Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-03-25go.mod: Upgrade CertMagic to v0.16.0Matthew Holt
Includes several breaking changes; code base updated accordingly. - Added lots of context arguments - Use fs.ErrNotExist - Rename ACMEManager -> ACMEIssuer; CertificateManager -> Manager
2022-03-03core: Retry dynamic config load if config unchangedMatthew Holt
(see discussion in #4603)
2022-03-03core: Retry dynamic config load if error or no-op (#4603)Matthew Holt
Also fix ineffectual assignment (unrelated)
2022-03-02pki: Implement API endpoints for certs and `caddy trust` (#4443)Francis Lavoie
* admin: Implement /pki/certificates/<id> API * pki: Lower "skip_install_trust" log level to INFO See https://github.com/caddyserver/caddy/issues/4058#issuecomment-976132935 It's not necessary to warn about this, because this was an option explicitly configured by the user. Still useful to log, but we don't need to be so loud about it. * cmd: Export functions needed for PKI app, return API response to caller * pki: Rewrite `caddy trust` command to use new admin endpoint instead * pki: Rewrite `caddy untrust` command to support using admin endpoint * Refactor cmd and pki packages for determining admin API endpoint
2022-03-01core: Config LoadInterval -> LoadDelay for clarityMatthew Holt
And improve/clarify docs about this feature See #4577
2022-02-15admin: Write proper status on invalid requests (#4569) (fix #4561)Alok Naushad
2022-02-15admin: Enforce and refactor origin checkingMatthew Holt
Using URLs seems a little cleaner and more correct cf: https://caddy.community/t/protect-admin-endpoint/15114 (This used to work. Something must have changed recently.)
2022-01-05admin: Require identity for remote (fix #4478)Matthew Holt
2021-11-29caddyhttp: Split up logged remote address into IP and port (#4403)Francis Lavoie
2021-09-29Move from deprecated ioutil to os and io packages (#4364)KallyDev
2021-08-16admin: Sync server variables (fix #4260) (#4274)Steven Angles
* Synchronize server assignment/references to avoid data race * only hold lock during var reassignment
2021-07-28admin: Implement load_interval to pull config on a timer (#4246)王清雨
* feat: implement a simple timer to pull config mostly referenced to the issue re #4106 * Update admin.go use `caddy.Duration` Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Update caddy.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Update admin.go Co-authored-by: Francis Lavoie <lavofr@gmail.com> * fix: sync load config when no pull interval provided try not to make break change * fix: change PullInterval to LoadInterval * fix: change pull_interval to load_interval * Update caddy.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-06-05admin: Replace admin cert cache when reloading (fix #4184)Matthew Holt
2021-05-19admin: Reinstate internal redirect for /id/ requestsMatthew Holt
Fix regression from ab80ff4fd2911afc394b9dbceeb9f71c7a0b7ec1 (probably a mistake when rebasing) See https://caddy.community/t/id-selector-is-not-working-after-upgrade-to-2-4-0/12513?u=matt
2021-04-05notify: Send all sd_notify signals from main caddy process (#4060)Carl George
Initial sd_notify support was added in #3963, but that sent signals from both cmdRun and cmdReload. This approach has two drawbacks: - Reloads initiated via the API do not send signals. - The signals are sent from different processes, which requires the `NotifyAccess=exec` directive in the unit file. This change moves the NotifyReloading and NotifyReadiness invocations to Load, which address both of those drawbacks. It also adds a complimentary NotifyStopping method which is invoked from handleStop. All the notify methods are defined in a notify package to avoid an import loop.
2021-01-27admin: Identity management, remote admin, config loaders (#3994)Matt Holt
This commits dds 3 separate, but very related features: 1. Automated server identity management How do you know you're connecting to the server you think you are? How do you know the server connecting to you is the server instance you think it is? Mutually-authenticated TLS (mTLS) answers both of these questions. Using TLS to authenticate requires a public/private key pair (and the peer must trust the certificate you present to it). Fortunately, Caddy is really good at managing certificates by now. We tap into that power to make it possible for Caddy to obtain and renew its own identity credentials, or in other words, a certificate that can be used for both server verification when clients connect to it, and client verification when it connects to other servers. Its associated private key is essentially its identity, and TLS takes care of possession proofs. This configuration is simply a list of identifiers and an optional list of custom certificate issuers. Identifiers are things like IP addresses or DNS names that can be used to access the Caddy instance. The default issuers are ZeroSSL and Let's Encrypt, but these are public CAs, so they won't issue certs for private identifiers. Caddy will simply manage credentials for these, which other parts of Caddy can use, for example: remote administration or dynamic config loading (described below). 2. Remote administration over secure connection This feature adds generic remote admin functionality that is safe to expose on a public interface. - The "remote" (or "secure") endpoint is optional. It does not affect the standard/local/plaintext endpoint. - It's the same as the [API endpoint on localhost:2019](https://caddyserver.com/docs/api), but over TLS. - TLS cannot be disabled on this endpoint. - TLS mutual auth is required, and cannot be disabled. - The server's certificate _must_ be obtained and renewed via automated means, such as ACME. It cannot be manually loaded. - The TLS server takes care of verifying the client. - The admin handler takes care of application-layer permissions (methods and paths that each client is allowed to use).\ - Sensible defaults are still WIP. - Config fields subject to change/renaming. 3. Dyanmic config loading at startup Since this feature was planned in tandem with remote admin, and depends on its changes, I am combining them into one PR. Dynamic config loading is where you tell Caddy how to load its config, and then it loads and runs that. First, it will load the config you give it (and persist that so it can be optionally resumed later). Then, it will try pulling its _actual_ config using the module you've specified (dynamically loaded configs are _not_ persisted to storage, since resuming them doesn't make sense). This PR comes with a standard config loader module called `caddy.config_loaders.http`. Caddyfile config for all of this can probably be added later. COMMITS: * admin: Secure socket for remote management Functional, but still WIP. Optional secure socket for the admin endpoint is designed for remote management, i.e. to be exposed on a public port. It enforces TLS mutual authentication which cannot be disabled. The default port for this is :2021. The server certificate cannot be specified manually, it MUST be obtained from a certificate issuer (i.e. ACME). More polish and sensible defaults are still in development. Also cleaned up and consolidated the code related to quitting the process. * Happy lint * Implement dynamic config loading; HTTP config loader module This allows Caddy to load a dynamic config when it starts. Dynamically-loaded configs are intentionally not persisted to storage. Includes an implementation of the standard config loader, HTTPLoader. Can be used to download configs over HTTP(S). * Refactor and cleanup; prevent recursive config pulls Identity management is now separated from remote administration. There is no need to enable remote administration if all you want is identity management, but you will need to configure identity management if you want remote administration. * Fix lint warnings * Rename identities->identifiers for consistency
2020-11-22ci: Use golangci's github action for linting (#3794)Dave Henderson
* ci: Use golangci's github action for linting Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix most of the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the prealloc lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the misspell lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the varcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the errcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the bodyclose lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the deadcode lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the unused lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosec lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the gosimple lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the ineffassign lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Fix the staticcheck lint errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert the misspell change, use a neutral English Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove broken golangci-lint CI job Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Re-add errantly-removed weakrand initialization Signed-off-by: Dave Henderson <dhenderson@gmail.com> * don't break the loop and return * Removing extra handling for null rootKey * unignore RegisterModule/RegisterAdapter Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> * single-line log message Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Fix lint after a1808b0dbf209c615e438a496d257ce5e3acdce2 was merged Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Revert ticker change, ignore it instead Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Ignore some of the write errors Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Remove blank line Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Use lifetime Signed-off-by: Dave Henderson <dhenderson@gmail.com> * close immediately Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * Preallocate configVals Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Update modules/caddytls/distributedstek/distributedstek.go Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-09-25admin: lower log level to Debug for /metrics requests (#3749)Dave Henderson
* admin: lower log level to Debug for /metrics requests Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-09-22metrics: Always track method label in uppercase (#3742)Dave Henderson
* metrics: Always track method label in uppercase Signed-off-by: Dave Henderson <dhenderson@gmail.com> * Just use strings.ToUpper for clarity Signed-off-by: Dave Henderson <dhenderson@gmail.com>
2020-09-17metrics: Initial integration of Prometheus metrics (#3709)Dave Henderson
Signed-off-by: Dave Henderson <dhenderson@gmail.com>
2020-07-31admin,templates,core: Minor enhancements and error handling (#3607)Bart
* fix 2 possible bugs * handle unhandled errors
2020-05-21admin: Disallow websocketsMatthew Holt
No currently-known exploit here, just being conservative
2020-05-13cmd: Add pidfile support (closes #3235)Matthew Holt
2020-05-12all: Recover from panics in goroutinesMatthew Holt
2020-04-16admin: Disable host checking if wildcard interface is specifiedMatthew Holt
To clarify, listening on wildcard interfaces is NOT the default and should only be done under certain circumstances and when you know what you're doing. Emits a warning in the log. Fixes https://github.com/caddyserver/caddy-docker/issues/71
2020-04-10admin: Always enforce Host header checksMatthew Holt
With a simple heuristic for loopback addresses, we can enable this by default without adding unnecessary inconvenience.
2020-04-08chore: make the linter happier (#3245)Mohammed Al Sahaf
* chore: make the linter happier * chore: remove reference to maligned linter in .golangci.yml
2020-03-24admin: Fix regex for removing @id fields (closes #3187)Matthew Holt
2020-03-21caddyconfig: register adapters as Caddy modules (#3132)Mohammed Al Sahaf
* admin: Refactor /load endpoint out of caddy package This eliminates the caddy package's dependency on the caddyconfig package, which helps prevent import cycles. * v2: adapter: register config adapters as Caddy modules * v2: adapter: simplify adapter registration as adapters and modules * v2: adapter: let RegisterAdapter be in charge of registering adapters as modules * v2: adapter: remove underscrores placeholders * v2: adapter: explicitly ignore the error of writing response of writing warnings back to client * Implicitly wrap config adapters as modules Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
2019-12-31Config auto-save; run --resume flag; update environ output (close #2903)Matthew Holt
Config auto-saving is on by default and can be disabled. The --environ flag (or environ subcommand) now print more useful information from Caddy and the runtime, including some nifty paths.
2019-12-23admin: Only write most CORS headers in OPTIONS requestsMatthew Holt
2019-12-17admin: POST /... expands and appends all array elementsMatthew Holt
Makes it easy to append many items to an array in one command
2019-12-16admin: /stop endpoint gracefully shuts down; fixes caddy stop commandMatthew Holt
2019-12-15logging: Implement net writer (#2884)Abdelmalek Ihdene
* Implement UDP writer * Implement Net Writer * Utilize Caddy's address parsing functions * A couple little fixes (see #2884)
2019-12-12cmd: Fix validate command when JSON contains "@id" fieldsMatthew Holt
Also, don't run admin server when validating...
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-11-27admin: Preserve "@id" fields through partial changes (fixes #2902)Matthew Holt
2019-11-11core: Use port ranges to avoid OOM with bad inputs (#2859)Mohammed Al Sahaf
* fix OOM issue caught by fuzzing * use ParsedAddress as the struct name for the result of ParseNetworkAddress * simplify code using the ParsedAddress type * minor cleanups
2019-11-04admin: Remove /unload endpoint (is same as DELETE /config/)Matthew Holt
2019-11-04core: Major refactor of admin endpoint and config handlingMatthew Holt
Fixed several bugs and made other improvements. All config changes are now mediated by the global config state manager. It used to be that initial configs given at startup weren't tracked, so you could start caddy with --config caddy.json and then do a GET /config/ and it would return null. That is fixed, along with several other general flow/API enhancements, with more to come.
2019-10-30admin listener as opt-in for initial config (#2834)Andreas Schneider
* Always cleanup admin endpoint first * Error out if no config has been set (#2833) * Ignore explicitly missing admin config (#2833) * Separate config loading from admin initialization (#2833) * Add admin option to specify admin listener address (#2833) * Use zap for reporting admin endpoint status
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-09admin: /config and /id endpointsMatthew Holt
This integrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The /config and /id endpoints make granular config changes possible as well as the exporting of the current configuration. The /load endpoint has been modified to wrap the /config handler so that the currently-running config can always be available for export. The difference is that /load allows configs of varying formats and converts them using config adapters. The adapted config is then processed with /config as JSON. The /config and /id endpoints accept only JSON.
2019-09-13admin: Allow listening on unix socket (closes #2749)Matthew Holt
2019-09-02caddyconfig: Add JSON5 and JSON-C adapters (closes #2735)Matthew Holt
2019-08-23Fix caddyconfig import in admin.go (#2725)Ariel Núñez
2019-08-22admin: Support config adapters at /load endpointMatthew Holt
Based on Content-Type
2019-08-21Refactor Caddyfile adapter and module registrationMatthew Holt
Use piles from which to draw config values. Module values can return their name, so now we can do two-way mapping from value to name and name to value; whereas before we could only map name to value. This was problematic with the Caddyfile adapter since it receives values and needs to know the name to put in the config.
2019-08-09Implement config adapters and beginning of Caddyfile adapterMatthew Holt
Along with several other changes, such as renaming caddyhttp.ServerRoute to caddyhttp.Route, exporting some types that were not exported before, and tweaking the caddytls TLS values to be more consistent. Notably, we also now disable automatic cert management for names which already have a cert (manually) loaded into the cache. These names no longer need to be specified in the "skip_certificates" field of the automatic HTTPS config, because they will be skipped automatically.