summaryrefslogtreecommitdiff
path: root/modules/caddyhttp/reverseproxy
AgeCommit message (Collapse)Author
2020-02-28reverse_proxy, php_fastcgi: Fix upstream parsing regression (fix #3101)Matthew Holt
2020-02-27Refactor ExtractMatcherSet()Matthew Holt
2020-02-27reverse_proxy: Allow use of URL to specify schemeMatthew Holt
This makes it more convenient to configure quick proxies that use HTTPS but also introduces a lot of logical complexity. We have to do a lot of verification for consistency and errors. Path and query string is not supported (i.e. no rewriting). Scheme and port can be inferred from each other if HTTP(S)/80/443. If omitted, defaults to HTTP. Any explicit transport config must be consistent with the upstream schemes, and the upstream schemes must all match too. But, this change allows a config that used to require this: reverse_proxy example.com:443 { transport http { tls } } to be reduced to this: reverse_proxy https://example.com which is really nice syntactic sugar (and is reminiscent of Caddy 1).
2020-02-27cmd/reverse_proxy: Add --change-host-header flagMatthew Holt
"Transparent mode" is the default, just like the actual handler.
2020-02-27Fix typos (#3087)Success Go
* Fix typo * Fix typo, thanks for Spell Checker under VS Code
2020-02-27Revert "reverse_proxy: Add 'transparent' Caddyfile subdirective (closes #2873)"Matthew Holt
This reverts commit 86b785e51cccd5df18611c380962cbd4faf38af5.
2020-02-27reverse_proxy: Add 'transparent' Caddyfile subdirective (closes #2873)Matthew Holt
2020-02-23reverse_proxy: Health checks: Don't cross the streamsMatthew Holt
Fixes https://caddy.community/t/v2-health-checks-are-going-to-the-wrong-upstream/7084?u=matt ... I think
2020-02-14caddyfile: Refactor; NewFromNextSegment(); fix repeated matchersMatthew Holt
Now multiple instances of the same matcher can be used within a named matcher without overwriting previous ones.
2020-01-22reverseproxy: Fix casing of RootCAPEMFilesMatthew Holt
2020-01-22reverseproxy: Accept integer values for flush_interval (fix #2996)Matthew Holt
2020-01-18reverse_proxy: CB docs; rename type -> factor (#2986)Mohammed Al Sahaf
* v2: add documentation for circuit breaker config and "random selection" load balancing policy * v2: rename circuit breaker config inline key from `type` to `breaker` to avoid json key clash between the `circuit_breaker` type and the `type` field of the generic circuit breaker Config struct used by circuit breaking implementations * v2: restore the circuit breaker inline key to `type` and rename the name circuit breaker config field from `Type` to `Factor`
2020-01-16httpcaddyfile: Fix nested blocks; add handle directive; refactorMatthew Holt
The fix that was initially put forth in #2971 was good, but only for up to one layer of nesting. The real problem was that we forgot to increment nesting when already inside a block if we saw another open curly brace that opens another block (dispenser.go L157-158). The new 'handle' directive allows HTTP Caddyfiles to be designed more like nginx location blocks if the user prefers. Inside a handle block, directives are still ordered just like they are outside of them, but handler blocks at a given level of nesting are mutually exclusive. This work benefitted from some refactoring and cleanup.
2020-01-11http: A little more polish on rewrite handler and try_files directiveMatthew Holt
2020-01-10http: Remove {...query_string} placeholder, in favor of {...query}Matthew Holt
I am not sure if the query_string one is necessary or useful yet. We can always add it later if needed.
2020-01-09Update docs for couple of Caddyfile directivesMatthew Holt
2020-01-09http: Change routes to sequential matcher evaluation (#2967)Matt Holt
Previously, all matchers in a route would be evaluated before any handlers were executed, and a composite route of the matching routes would be created. This made rewrites especially tricky, since the only way to defer later matchers' evaluation was to wrap them in a subroute, or to invoke a "rehandle" which often caused bugs. Instead, this new sequential design evaluates each route's matchers then its handlers in lock-step; matcher-handlers-matcher-handlers... If the first matching route consists of a rewrite, then the second route will be evaluated against the rewritten request, rather than the original one, and so on. This should do away with any need for rehandling. I've also taken this opportunity to avoid adding new values to the request context in the handler chain, as this creates a copy of the Request struct, which may possibly lead to bugs like it has in the past (see PR #1542, PR #1481, and maybe issue #2463). We now add all the expected context values in the top-level handler at the server, then any new values can be added to the variable table via the VarsCtxKey context key, or just the GetVar/SetVar functions. In particular, we are using this facility to convey dial information in the reverse proxy. Had to be careful in one place as the middleware compilation logic has changed, and moved a bit. We no longer compile a middleware chain per- request; instead, we can compile it at provision-time, and defer only the evaluation of matchers to request-time, which should slightly improve performance. Doing this, however, we take advantage of multiple function closures, and we also changed the use of HandlerFunc (function pointer) to Handler (interface)... this led to a situation where, if we aren't careful, allows one request routed a certain way to permanently change the "next" handler for all/most other requests! We avoid this by making a copy of the interface value (which is a lightweight pointer copy) and using exclusively that within our wrapped handlers. This way, the original stack frame is preserved in a "read-only" fashion. The comments in the code describe this phenomenon. This may very well be a breaking change for some configurations, however I do not expect it to impact many people. I will make it clear in the release notes that this change has occurred.
2020-01-07reverse_proxy: Add tls_trusted_ca_certs to Caddyfile (#2936)Zaq? Wiedmann
Allows specifying ca certs with by filename in `reverse_proxy.transport`. Example ``` reverse_proxy /api api:443 { transport http { tls tls_trusted_ca_certs certs/rootCA.pem } } ```
2020-01-03v2: housekeeping: address minor lint complaints (#2957)Mohammed Al Sahaf
* v2: housekeeping: update tools * v2: housekeeping: adhere to US locale in spelling * v2: housekeeping: simplify code
2019-12-29Improve docs, especially w.r.t. placeholders and template actionsMatthew Holt
2019-12-29Export Replacer and use concrete type instead of interfaceMatthew Holt
The interface was only making things difficult; a concrete pointer is probably best.
2019-12-28fastcgi: Set SERVER_SOFTWARE, _NAME, and _PORT properly (fixes #2952)Matthew Holt
2019-12-23Improve godocs all aroundMatthew Holt
These will be used in the new automated documentation system
2019-12-17http: Patch path matcher to ignore dots and spaces (#2917)Matthew Holt
(Try saying "patch path match" ten times fast)
2019-12-12try_files, rewrite: allow query string in try_files (fix #2891)Matthew Holt
Also some minor cleanup/improvements discovered along the way
2019-12-12Minor improvements; comments and shorter placeholders & module IDsMatthew Holt
2019-12-10v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)Matt Holt
This commit goes a long way toward making automated documentation of Caddy config and Caddy modules possible. It's a broad, sweeping change, but mostly internal. It allows us to automatically generate docs for all Caddy modules (including future third-party ones) and make them viewable on a web page; it also doubles as godoc comments. As such, this commit makes significant progress in migrating the docs from our temporary wiki page toward our new website which is still under construction. With this change, all host modules will use ctx.LoadModule() and pass in both the struct pointer and the field name as a string. This allows the reflect package to read the struct tag from that field so that it can get the necessary information like the module namespace and the inline key. This has the nice side-effect of unifying the code and documentation. It also simplifies module loading, and handles several variations on field types for raw module fields (i.e. variations on json.RawMessage, such as arrays and maps). I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that the ID is the "full name" which includes both the module namespace and the name. This clarity is helpful when describing module hierarchy. As of this change, Caddy modules are no longer an experimental design. I think the architecture is good enough to go forward.
2019-12-06Use "IsUnixNetwork" function instead of repeating the logicMatthew Holt
2019-12-04Fix misspellings (#2908)lu4p
2019-11-27reverse_proxy: Add flush_interval to caddyfile syntax (#1460)Matthew Holt
Also add godoc for Caddyfile syntax for file_server
2019-11-18reverse_proxy: Fix invalid argument to Intn in RandomChoice selectionMatthew Holt
2019-11-15reverse_proxy: Allow buffering of client requestsMatthew Holt
This is a bad idea, but some backends apparently require it. See discussion in #176.
2019-11-15cmd: Disable admin endpoint for file-server and reverse-proxy commandsMatthew Holt
This makes it easier to use multiple instances on the same machine
2019-11-11core: Use port ranges to avoid OOM with bad inputs (#2859)Mohammed Al Sahaf
* fix OOM issue caught by fuzzing * use ParsedAddress as the struct name for the result of ParseNetworkAddress * simplify code using the ParsedAddress type * minor cleanups
2019-11-06reverse_proxy: Fix NTLM auth detectionMatthew Holt
D'oh. Got mixed up in a refactoring.
2019-11-05reverse_proxy: Add support for NTLMMatthew Holt
2019-11-05reverse_proxy: Make HTTP versions configurable, don't set NextProtosMatthew Holt
2019-11-04reverse_proxy: Add UnmarshalCaddyfile for random_choose selection policyMatthew Holt
Also allow caddy.Duration to be given integer values which are treated like regular time.Duration values (nanoseconds). Fixes #2856
2019-11-04reverse_proxy: Add port to upstream address if only implied in schemeMatthew Holt
2019-10-31reverse_proxy: Fix panic for some CLI flag values (closes #2848)Matthew Holt
2019-10-29reverse_proxy: Structured logsMatthew Holt
2019-10-29proxy: Forgot to commit importMatthew Holt
2019-10-29proxy: Enable HTTP/2 on transport to backendMatthew Holt
2019-10-28caddyhttp: Minor cleanup and fix nil pointer deref in caddyfile adapterMatthew Holt
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-11reverse_proxy: optimize MaxIdleConnsPerHost default (#2809)yzongyue
2019-10-11reverse_proxy: Allow dynamic backends (closes #990 and #1539)Matthew Holt
This PR enables the use of placeholders in an upstream's Dial address. A Dial address must represent precisely one socket after replacements. See also #998 and #1639.
2019-10-10reverse_proxy: Customize SNI value in upstream request (closes #2483)Matthew Holt
2019-10-10Miscellaneous cleanups / commentsMatthew Holt
2019-10-09reverse_proxy: Add local circuit breakerMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The local circuit breaker is a simple metrics counter that can cause the reverse proxy to consider a backend unhealthy before it actually goes offline, by measuring recent latencies over a sliding window. Credit to Danny Navarro