summaryrefslogtreecommitdiff
path: root/caddytest
AgeCommit message (Collapse)Author
2021-12-17reverseproxy: Fix incorrect `health_headers` Caddyfile parsing (#4485)Francis Lavoie
Fixes #4481
2021-12-13caddyhttp: Enhance vars matcher (#4433)Matt Holt
* caddyhttp: Enhance vars matcher Enable "or" logic for multiple values. Fall back to checking placeholders if not a var name. * Fix tests (thanks @mohammed90 !)
2021-12-13httpcaddyfile: Fix sorting edgecase for nested `handle_path` (#4477)Francis Lavoie
2021-12-02logging: add support for hashing data (#4434)Kévin Dunglas
* logging: add support for hashing data * Update modules/logging/filters.go Co-authored-by: wiese <wiese@users.noreply.github.com> * Update modules/logging/filters.go Co-authored-by: wiese <wiese@users.noreply.github.com> Co-authored-by: wiese <wiese@users.noreply.github.com>
2021-12-02caddyhttp: Make logging of credential headers opt-in (#4438)Francis Lavoie
2021-11-29caddyhttp: Split up logged remote address into IP and port (#4403)Francis Lavoie
2021-11-29logging: Remove common_log field and single_field encoder (#4149) (#4282)Matt Holt
2021-11-28caddyfile: make renew_interval option configurable (#4451)Rainer Borene
2021-11-24reverseproxy: Adjust defaults, document defaults (#4436)Francis Lavoie
* reverseproxy: Adjust defaults, document defaults Related to some of the issues in https://github.com/caddyserver/caddy/issues/4245, a complaint about the proxy transport defaults not being properly documented in https://caddy.community/t/default-values-for-directives/14254/6. - Dug into the stdlib to find the actual defaults for some of the timeouts and buffer limits, documenting them in godoc so the JSON docs get them next release. - Moved the keep-alive and dial-timeout defaults from `reverseproxy.go` to `httptransport.go`. It doesn't make sense to set defaults in the proxy, because then any time the transport is configured with non-defaults, the keep-alive and dial-timeout defaults are lost! - Sped up the dial timeout from 10s to 3s, in practice it rarely makes sense to wait a whole 10s for dialing. A shorter timeout helps a lot with the load balancer retries, so using something lower helps with user experience. * reverseproxy: Make keepalive interval configurable via Caddyfile * fastcgi: DialTimeout default for fastcgi transport too
2021-11-23logging: add a regexp filter (#4426)Kévin Dunglas
2021-11-23logging: add a filter for cookies (#4425)Kévin Dunglas
* feat(logging): add a filter for cookies * Improve godoc and add validation
2021-11-23logging: add a filter for query parameters (#4424)Kévin Dunglas
Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2021-10-26httpcaddyfile: Empty tls policy for internal http localhost (#4398)Marc Easen
* test: replicated empty tls automation policy issue * fix: empty tls policy for an http:// endpoint running on a non-standard http port
2021-09-29Move from deprecated ioutil to os and io packages (#4364)KallyDev
2021-09-17fastcgi: Implement `try_files` override in Caddyfile directive (#4347)Francis Lavoie
2021-09-11fastcgi: Fix Caddyfile parsing when `handle_response` is used (#4342)Francis Lavoie
2021-08-26httpcaddyfile: Reorder some directives (#4311)Francis Lavoie
We realized we made some mistakes with the directive ordering, so we're making some minor adjustments. `abort` and `error` don't really make sense to be after other handler directives, because you would expect to be able to "fail-fast" and throw an error before falling through to some `file_server` or `respond` typically. So we're moving them up to just before `respond`, i.e. before the common handler directives. This is also more consistent with our existing examples in the docs, which actually didn't work due to the directive ordering. See https://caddyserver.com/docs/caddyfile/directives/error#examples Also, `push` doesn't quite make sense to be after `handle`/`route`, since its job is to read from response headers to push additional resources if necessary, and `handle`/`route` may be terminal so push would not be reached if it was declared outside those. And also, it would make sense to be _before_ `templates` because a template _could_ add a `Link` header to the response dynamically.
2021-08-17logging: Warn for deprecated single_field encoderMatthew Holt
2021-08-02httpcaddyfile: Ensure hosts to skip for logs can always be collected (#4258)Frederik Ring
* httpcaddyfile: ensure hosts to skip can always be collected Previously, some hosts that should be skipped in logging would be missed as the current logic would only collect them after encountering the first server that would log. This change makes sure the ServerLogConfig is initialized before iterating over the server blocks. * httpcaddyfile: add test case for skip hosts behavior
2021-07-14caddyhttp: Fix edgecase with auto HTTP->HTTPS logic (#4243)Francis Lavoie
2021-07-06reverseproxy: Keep path to unix socket as dial address (#4232)elnoro
2021-07-01fileserver: Add `disable_canonical_uris` Caddyfile subdirective (#4222)mritd
* feat(fileserver): add 'canonical_uris' parameter to caddyfile add 'canonical_uris' parameter to caddyfile reference #2741 Signed-off-by: mritd <mritd@linux.com> * feat(file_server): rename subdirective canonical_uris to disable_canonical_uris rename subdirective canonical_uris to disable_canonical_uris Signed-off-by: mritd <mritd@linux.com> * test(caddyfile_adapt): add disable_canonical_uris subdirective test file add disable_canonical_uris subdirective test file Signed-off-by: mritd <mritd@linux.com>
2021-06-25httpcaddyfile: Don't put localhost in public APs (fix #4220)Matthew Holt
If an email is specified in global options, a site called 'localhost' shouldn't be bunched together with public DNS names in the automation policies, which get the default, public-CA issuers. Fix old test that did this. I also noticed that these two: localhost { } example.com { } and localhost, example.com { } produce slightly different TLS automation policies. The former is what the new test case covers, and we have logic that removes the empty automation policy for localhost so that auto-HTTPS can implicitly create one. (We prefer that whenever possible.) But the latter case produces two automation policies, with the second one being for localhost, with an explicit internal issuer. It's not wrong, just more explicit than it needs to be. I'd really like to completely rewrite the code from scratch that generates automation policies, hopefully there is a simpler, more correct algorithm.
2021-06-15reverseproxy: Adjust test related to #4201Matthew Holt
Commit 7c68809f4e13a7ac7c9e216a69410e7c1966c1df
2021-06-09httpcaddyfile: Don't add HTTP hosts to TLS APs (fix #4176 and fix #4198)Matthew Holt
In the Caddyfile, hosts specified for HTTP sockets (either scheme is "http" or it is on the HTTP port) should not be used as subjects in TLS automation policies (APs).
2021-06-08httpcaddyfile: Add `preferred_chains` global option and issuer subdirective ↵Klooven
(#4192) * Added preferred_chains option to Caddyfile * Caddyfile adapt tests for preferred_chains
2021-06-07caddytls: Add Caddyfile support for `propagation_timeout` (#4178)Peter Magnusson
* add propagation_timeout to UnmarshalCaddyfile - Closes #4177 * added caddyfile_adapt test
2021-06-07httpcaddyfile: Add `skip_install_trust` global option (#4153)Francis Lavoie
Fixes https://github.com/caddyserver/caddy/issues/4002
2021-05-11httpcaddyfile: Fix automation policy consolidation again (fix #4161)Matthew Holt
Also fix a previous test that asserted incorrect behavior.
2021-05-10encode: Drop `prefer` from Caddyfile (#4156)Francis Lavoie
Followup to #4150, #4151 /cc @ueffel @polarathene After a bit of discussion with @mholt, we decided to remove `prefer` as a subdirective and just go with using the order implicitly always. Simpler config, simpler docs, etc. Effectively changes 7776471 and reverts a small part of f35a7fa.
2021-05-10encode: Default to order the formats are enabled for `prefer` in Caddyfile ↵Francis Lavoie
(#4151)
2021-05-07httpcaddyfile: Add `grace_period` global option (#4152)Francis Lavoie
See https://caddyserver.com/docs/json/apps/http/#grace_period
2021-05-02reverseproxy: Add `handle_response` blocks to `reverse_proxy` (#3710) (#4021)Francis Lavoie
* reverseproxy: Add `handle_response` blocks to `reverse_proxy` (#3710) * reverseproxy: complete handle_response test * reverseproxy: Change handle_response matchers to use named matchers reverseproxy: Add support for changing status code * fastcgi: Remove obsolete TODO We already have d.Err("transport already specified") in the reverse_proxy parsing code which covers this case * reverseproxy: Fix support for "4xx" type status codes * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * caddyhttp: Reorganize response matchers * reverseproxy: Reintroduce caddyfile.Unmarshaler * reverseproxy: Add comment mentioning Finalize should be called Co-authored-by: Maxime Soulé <btik-git@scoubidou.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-05-02httpcaddyfile: Add `auto_https ignore_loaded_certs` (#4077)Francis Lavoie
2021-05-02httpcaddyfile: Add global option for `storage_clean_interval` (#4134)Francis Lavoie
Followup to https://github.com/caddyserver/caddy/commit/42b7134ffa3bf3e9e86514c82407979c2627a5ab
2021-04-29httpcaddyfile: Fix unexpectedly removed policy (#4128)Alban Lecocq
* httpcaddyfile: Fix unexpectedly removed policy When user set on_demand tls option in a catch-all (:443) policy, we expect other policies to not have the on_demand enabled See ex in tls_automation_policies_5.txt Btw, we can remove policies if they are **all** empty. * Update caddyconfig/httpcaddyfile/tlsapp.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-04-22caddyfile: Fix `import` replacing unrelated placeholders (#4129)Francis Lavoie
* caddyfile: Fix `import` replacing unrelated placeholders See https://caddy.community/t/snippet-issue-works-outside-snippet/12231 So it turns out that `NewReplacer()` gives a replacer with some global defaults (like `{env.*}` and some system and time placeholders), which is not ideal when running `import` because we just want to replace `{args.*}` only, and nothing else. * caddyfile: Add test
2021-04-19caddyhttp: Implement better logic for inserting the HTTP->HTTPS redirs (#4033)Francis Lavoie
* caddyhttp: Implement better logic for inserting the HTTP->HTTPS redirs * caddyhttp: Add integration test
2021-04-16httpcaddyfile: Take into account host scheme/port (fix #4113)Matthew Holt
2021-04-08fileserver: Add status code override (#4076)Francis Lavoie
After reading a question about the `handle_response` feature of `reverse_proxy`, I realized that we didn't have a way of serving an arbitrary file with a status code other than 200. This is an issue in situations where you want to serve a custom error page in routes that are not errors, like the aforementioned `handle_response`, where you may want to retain the status code returned by the proxy but write a response with content from a file. This feature is super simple, basically if a status code is configured (can be a status code number, or a placeholder string) then that status will be written out before serving the file - if we write the status code first, then the stdlib won't write its own (only the first HTTP status header wins).
2021-04-02httpcaddyfile: Fix panic in automation policy consolidation (#4104)Francis Lavoie
* httpcaddyfile: Add reproduce test * httpcaddyfile: Don't allow `i` to go below zero
2021-03-29encode,staticfiles: Content negotiation, precompressed files (#4045)Steffen Brüheim
* encode: implement prefer setting * encode: minimum_length configurable via caddyfile * encode: configurable content-types which to encode * file_server: support precompressed files * encode: use ReponseMatcher for conditional encoding of content * linting error & documentation of encode.PrecompressedOrder * encode: allow just one response matcher also change the namespace of the encoders back, I accidently changed to precompressed >.> default matchers include a * to match to any charset, that may be appended * rounding of the PR * added integration tests for new caddyfile directives * improved various doc strings (punctuation and typos) * added json tag for file_server precompress order and encode matcher * file_server: add vary header, remove accept-ranges when serving precompressed files * encode: move Suffix implementation to precompressed modules
2021-03-29reverseproxy: Implement health_uri, deprecate health_path, supports query ↵Francis Lavoie
(#4050) * reverseproxy: Implement health_uri, replaces health_path, supports query Also fixes a bug with `health_status` Caddyfile parsing , it would always only take the first character of the status code even if it didn't end with "xx". * reverseproxy: Rename to URI, named logger, warn in Provision (for JSON)
2021-03-29headers: Fix Caddyfile parsing for `request_header` with matchers (#4085)Francis Lavoie
2021-03-12logging: add replace filter for static value replacement (#4029)Aaron Taylor
This filter is intended to be useful in scenarios where you may want to redact a value with a static string, giving you information that the field did previously exist and was present, but not revealing the value itself in the logs. This was inspired by work on adding more complete support for removing sensitive values from logs [1]. An example use case would be the Authorization header in request log output, for which the value should usually not be logged, but it may be quite useful for debugging to confirm that the header was present in the request. [1] https://github.com/caddyserver/caddy/issues/3958
2021-03-12caddyconfig: add global option for configuring loggers (#4028)Aaron Taylor
This change is aimed at enhancing the logging module within the Caddyfile directive to allow users to configure logs other than the HTTP access log stream, which is the current capability of the Caddyfile [1]. The intent here is to leverage the same syntax as the server log directive at a global level, so that similar customizations can be added without needing to resort to a JSON-based configuration. Discussion for this approach happened in the referenced issue. Closes https://github.com/caddyserver/caddy/issues/3958 [1] https://caddyserver.com/docs/caddyfile/directives/log
2021-03-10map: Accept regex substitution in outputs (#3991)Rajat Jain
* Replace placeholders with regex groups * using Matcher methods * test added * linting fix * Revert "linting fix" This reverts commit cafd7296f43639bbcd2601bea79a47f60763a200. * Revert "test added" This reverts commit 3a76cc7b0bc5dcef15ca5c8ec22efcd4067d484c. * Revert "using Matcher methods" This reverts commit cc34337b8ebb61d40ec343cee0fc225a694d3db6. * tests added
2021-03-03reverseproxy: Fix upstreams with placeholders with no port (#4046)Francis Lavoie
2021-02-22httpcaddyfile: Fix catch-all site block sortingMatthew Holt
A site block that has a catch-all and the shortest address is now sorted better. https://caddy.community/t/caddy-suddenly-directs-my-site-to-the-wrong-directive/11597/2
2021-02-08httpcaddyfile: Fix automation policiesMatthew Holt
Fixes a bug introduced in #3862