Age | Commit message (Collapse) | Author | |
---|---|---|---|
2019-10-09 | tls: Add pem_loader module | Matthew Holt | |
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The PEM loader allows you to embed PEM files (certificates and keys) directly into your config, rather than requiring them to be stored on potentially insecure storage, which adds attack vectors. This is useful in automated settings where sensitive key material is stored only in memory. Note that if the config is persisted to disk, that added benefit may go away, but there will still be the benefit of having lesser dependence on external files. | |||
2019-10-09 | reverse_proxy: Add local circuit breaker | Matthew Holt | |
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The local circuit breaker is a simple metrics counter that can cause the reverse proxy to consider a backend unhealthy before it actually goes offline, by measuring recent latencies over a sliding window. Credit to Danny Navarro | |||
2019-10-09 | http: Add work-in-progress cache handler module | Matthew Holt | |
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The cache HTTP handler will be a high-performing, distributed cache layer for HTTP requests. Right now, the implementation is a very basic proof-of-concept, and further development is required. | |||
2019-10-06 | rewrite: Return parse error if too many Caddyfile args (fixes #2791) | Matthew Holt | |
2019-10-05 | reverse_proxy: Implement retry_match; by default only retry GET requests | Matthew Holt | |
See https://caddy.community/t/http-proxy-and-non-get-retries/6304 | |||
2019-10-05 | caddyhttp: Define MatcherSets and RawMatcherSets types | Matthew Holt | |
2019-10-04 | file_server: Set default address to :2015 if --listen not specified | Matthew Holt | |
2019-10-04 | reverse_proxy: Configurable request headers on active health checks | Matthew Holt | |
See https://caddy.community/t/health-check-user-agent/6309 | |||
2019-10-03 | Add file-server and reverse-proxy subcommands | Matthew Holt | |
2019-10-02 | caddytls: nil check on storageClean fields on Stop | Matthew Holt | |
2019-09-30 | caddyhttp: 'not' matcher: Support Caddyfile unmarshaling | Matthew Holt | |
2019-09-30 | Add license header to filestorage.go | Matthew Holt | |
2019-09-30 | tls: Change struct fields to pointers, add nil checks; rate.Burst update | Matthew Holt | |
Making them pointers makes for cleaner JSON when adapting configs, if the struct is empty now it will be omitted entirely. The x/time/rate package was updated to support changing the burst, so we've incorporated that here and removed a TODO. | |||
2019-09-24 | tls: Make cert and OCSP check intervals configurable | Matthew Holt | |
This enables use of ACME CAs that issue shorter-lived certs | |||
2019-09-24 | tls/acme: Ability to customize trusted roots for ACME servers (#2756) | Matt Holt | |
Closes #2702 | |||
2019-09-20 | reverse_proxy/headers: Expose header replacement ability in Caddyfile | Matthew Holt | |
Adds header_up and header_down subdirectives to reverse_proxy | |||
2019-09-19 | httpcaddyfile: Global storage configuration (closes #2758) | Matthew Holt | |
2019-09-18 | http: Improve auto HTTP->HTTPS redirects, fix edge cases | Matthew Holt | |
See https://caddy.community/t/v2-issues-with-multiple-server-blocks-in-caddyfile-style-config/6206/13?u=matt Also print pid when using `caddy start` | |||
2019-09-18 | host matcher: Strip [ ] from IPv6 addresses | Matthew Holt | |
2019-09-17 | Allow domain fronting with TLS client auth if explicitly configured | Matthew Holt | |
2019-09-17 | tls: Clean up expired OCSP staples and certificates | Matthew Holt | |
2019-09-17 | fastcgi: Implement / redirect for index.php with php_fastcgi directive (#2754) | Matt Holt | |
* fastcgi: Implement / redirect for index.php with php_fastcgi directive See #2752 and https://caddy.community/t/v2-redirect-path-to-path-index-php-with-assets/6196?u=matt * caddyhttp: MatchNegate implements json.Marshaler * fastcgi: Add /index.php element to try_files matcher * fastcgi: Make /index.php redirect permanent | |||
2019-09-16 | httpcaddyfile: static_response -> respond; minor cleanups | Matthew Holt | |
2019-09-14 | reverse_proxy: Close idle connections on module unload | Matthew Holt | |
2019-09-14 | Eliminate some TODOs | Matthew Holt | |
2019-09-14 | reverse_proxy: Ability to mutate headers; set upstream placeholders | Matthew Holt | |
2019-09-14 | headers: Ability to mutate request headers including http.Request.Host | Matthew Holt | |
Also a few bug fixes | |||
2019-09-13 | Forgot to commit caddyfile.go changes in last commit | Matthew Holt | |
2019-09-13 | headers: Add ability to replace substrings in header fields | Matthew Holt | |
This will probably be useful so the proxy can rewrite header values. | |||
2019-09-13 | encode: Fix bug where default status code was being written | Matthew Holt | |
for small responses. See https://caddy.community/t/v2-permanent-redirect-prompt/6190?u=matt | |||
2019-09-13 | http: Consider wildcards when evaluating automatic HTTPS | Matthew Holt | |
2019-09-12 | tls: Do away with SetDefaults which did nothing useful | Matthew Holt | |
CertMagic uses the same defaults for us | |||
2019-09-12 | go.mod: Use lego v3 and CertMagic 0.7.0 | Matthew Holt | |
2019-09-11 | tls: Remove support for TLS 1.0 and TLS 1.1 | Matthew Holt | |
2019-09-11 | reverseproxy: Fix host and port on requests; fix Caddyfile parser | Matthew Holt | |
2019-09-11 | tls: Use Let's Encrypt production endpoint | Matthew Holt | |
We're done testing this in staging | |||
2019-09-11 | http: Set Alt-Svc header if experimental HTTP3 server is enabled | Matthew Holt | |
2019-09-11 | headers: New 'request_header' directive; handle Host header specially | Matthew Holt | |
Before this change, only response headers could be manipulated with the Caddyfile's 'header' directive. Also handle the request Host header specially, since the Go standard library treats it separately from the other header fields... | |||
2019-09-11 | reverseproxy: Add 'tls' option to enable HTTPS with HTTP transport | Matthew Holt | |
2019-09-10 | caddyfile: Improve Dispenser.NextBlock() to support nesting | Matthew Holt | |
2019-09-10 | New 'php_fastcgi' directive for convenient PHP+FastCGI reverse proxy | Matthew Holt | |
2019-09-10 | rewrite: Caddyfile directive should always invoke a rehandle | Matthew Holt | |
This is unless each route's matcher is dynamically executed after previous handlers... | |||
2019-09-10 | fastcgi: Make EnvVars a map instead of a slice | Matthew Holt | |
2019-09-10 | Require Go 1.13; use Go 1.13's default support for TLS 1.3 | Matthew Holt | |
2019-09-10 | Experimental IETF-standard HTTP/3 support (known issue exists) (#2727) | Matt Holt | |
* Begin WIP integration of HTTP/3 support * http3: Set actual Handler, make fakeClosePacketConn type for UDP sockets Also use latest quic-go for ALPN fix * Manually keep track of and close HTTP/3 listeners * Update quic-go after working through some http3 bugs * Fix go mod * Make http3 optional for now | |||
2019-09-10 | Fix build (sigh) | Matthew Holt | |
2019-09-09 | Merge pull request #2737 from caddyserver/fastcgi (reverse proxy!) | Matt Holt | |
v2: Refactor reverse proxy and add FastCGI support | |||
2019-09-09 | Migrate some selection policy tests over to v2 | Matthew Holt | |
2019-09-09 | reverse_proxy: Caddyfile integration (and fix blocks in Dispenser) | Matthew Holt | |
2019-09-09 | Log when auto HTTPS or auto HTTP->HTTPS redirects are disabled | Matthew Holt | |