| Age | Commit message (Collapse) | Author |
|---|
|
* cmd: fix cli when admin endpoint uses new unix socket permission format
Fixes a bug where the following Caddyfile
```Caddyfile
{
admin unix/admin.sock|0660
}
```
and `caddy reload --config Caddyfile`
would throw the following error instead of reloading it:
```
INFO using provided configuration {"config_file": "Caddyfile", "config_adapter": ""}
Error: sending configuration to instance: performing request: Post "http://127.0.0.1/load": dial unix admin.sock|0660: connect: no such file or directory
[ERROR] exit status 1
```
---
This bug also affected `caddy start` and `caddy stop`.
* Move splitter function to internal
---------
Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
|
|
* core: Add optional unix socket file permissions
This commit also changes the default unix socket file permissions to `u=w,g=,o=` (octal: `0200`).
It used to default to the shell's umask (usually `u=rwx,g=rx,o=rx`, octal: `0755`).
`/run/caddy.sock` -> `/run/caddy.sock` with `0200` default perms
`/run/caddy.sock|0222` -> `/run/caddy.sock` with `0222` perms
`|` instead of `:` is used as a separator, to account for the `:` in Windows drive letters (e.g. `C:\absolute\path.sock`)
Fun fact:
The old unix(7) man page (pre Jun 2016) stated a socket needs both read and write perms.
Turns out, only write perms are needed.
Corrected in https://github.com/mkerrisk/man-pages/commit/7578ea2f85b272363d22680d69e7d32f0b59c83b
Despite this, most implementations still default to read+write to this date.
* Add cases with Windows paths to test
* Require write perms for the owning user
|
|
* acmeserver: Configurable `resolvers`, fix smallstep deprecations
* Improve default net/port
* Update proxy resolvers parsing to use the new function
* Update listeners.go
Co-authored-by: itsxaos <33079230+itsxaos@users.noreply.github.com>
---------
Co-authored-by: itsxaos <33079230+itsxaos@users.noreply.github.com>
|
|
|
|
Previously, our "duplicate key in server block" logic was flawed because
it did not account for the site's bind address. We defer this check to
when the listener addresses have been assigned, but before we commit
a server block to its listener.
Also refined how network address parsing and joining works, which was
necessary for a less convoluted fix.
|
|
With a simple heuristic for loopback addresses, we can enable this by
default without adding unnecessary inconvenience.
|
|
|
|
See https://caddy.community/t/caddy-v2-php-fpm-502-error/6571?u=matt
|
|
* fix OOM issue caught by fuzzing
* use ParsedAddress as the struct name for the result of ParseNetworkAddress
* simplify code using the ParsedAddress type
* minor cleanups
|
|
This PR enables the use of placeholders in an upstream's Dial address.
A Dial address must represent precisely one socket after replacements.
See also #998 and #1639.
|
|
My goodness that was complicated
Blessed be request.Context
Sort of
|
|
|
