summaryrefslogtreecommitdiff
path: root/modules
AgeCommit message (Collapse)Author
2019-11-15cmd: Disable admin endpoint for file-server and reverse-proxy commandsMatthew Holt
This makes it easier to use multiple instances on the same machine
2019-11-15Minor cleanupsMatthew Holt
2019-11-15http: Make path matcher case-insensitiveMatthew Holt
Adds tests for both the path matcher and host matcher for case insensitivity. If case sensitivity is required for the path, a regexp matcher can be used instead. This is the v2 equivalent fix of PR #2882.
2019-11-11core: Use port ranges to avoid OOM with bad inputs (#2859)Mohammed Al Sahaf
* fix OOM issue caught by fuzzing * use ParsedAddress as the struct name for the result of ParseNetworkAddress * simplify code using the ParsedAddress type * minor cleanups
2019-11-11http: Add response headers to access logsMatthew Holt
2019-11-11http: Use permanent redirects for HTTP->HTTPSMatthew Holt
2019-11-11logging: Support placeholders in level and filename (#2872)Sarat Chandra
* Add support for placeholders in Config Fixes #2870 * Replace placeholders only in logging config. Placeholders in log level and filename incase of file output are replaced. * Add Provision to filewriter module for replacing placeholders
2019-11-06reverse_proxy: Fix NTLM auth detectionMatthew Holt
D'oh. Got mixed up in a refactoring.
2019-11-05reverse_proxy: Add support for NTLMMatthew Holt
2019-11-05http: Eliminate allocation in cloneURL; add RemoteAddr to origRequestMatthew Holt
2019-11-05reverse_proxy: Make HTTP versions configurable, don't set NextProtosMatthew Holt
2019-11-04Prepare for beta 9 tagMatthew Holt
2019-11-04reverse_proxy: Add UnmarshalCaddyfile for random_choose selection policyMatthew Holt
Also allow caddy.Duration to be given integer values which are treated like regular time.Duration values (nanoseconds). Fixes #2856
2019-11-04reverse_proxy: Add port to upstream address if only implied in schemeMatthew Holt
2019-11-04http: Only log handler errors >= 500Matthew Holt
Errors in the 4xx range are client errors, and they don't need to be entered into the server's error logs. 4xx errors are still recorded in the access logs at the error level.
2019-11-04cmd: Move module imports into standard packagesMatthew Holt
This makes it easier to make "standard" caddy builds, since you'll only need to add a single import to get all of Caddy's standard modules. There is a package for all of Caddy's standard modules (modules/standard) and a package for the HTTP app's standard modules only (modules/caddyhttp/standard). We still need to decide which of these, if not all of them, should be kept in the standard build. Those which aren't should be moved out of this repo. See #2780.
2019-10-31http: Ensure server loggers are not nil (fixes #2849)Matthew Holt
2019-10-31reverse_proxy: Fix panic for some CLI flag values (closes #2848)Matthew Holt
2019-10-30http: Avoid panic if handler errors lack underlying error valueMatthew Holt
Fixes #2845
2019-10-30auth: Clean up basicauthMatthew Holt
2019-10-29reverse_proxy: Structured logsMatthew Holt
2019-10-29Remove unused fields from HandlerErrorMatthew Holt
2019-10-29proxy: Forgot to commit importMatthew Holt
2019-10-29caddyhttp: Fix nil pointer dereferenceMatthew Holt
2019-10-29proxy: Enable HTTP/2 on transport to backendMatthew Holt
2019-10-28cache: Make peer addresses configurableMatthew Holt
2019-10-28caddyhttp: Minor cleanup and fix nil pointer deref in caddyfile adapterMatthew Holt
2019-10-28v2: Logging! (#2831)Matt Holt
* logging: Initial implementation * logging: More encoder formats, better defaults * logging: Fix repetition bug with FilterEncoder; add more presets * logging: DiscardWriter; delete or no-op logs that discard their output * logging: Add http.handlers.log module; enhance Replacer methods The Replacer interface has new methods to customize how to handle empty or unrecognized placeholders. Closes #2815. * logging: Overhaul HTTP logging, fix bugs, improve filtering, etc. * logging: General cleanup, begin transitioning to using new loggers * Fixes after merge conflict
2019-10-21tls: Make the on-demand rate limiter actually workMatthew Holt
This required a custom rate limiter implementation in CertMagic
2019-10-19rewrite: Options to strip prefix/suffix and issue redirectsMatthew Holt
Fixes #2011
2019-10-16tls: Asynchronous cert management at startup (uses CertMagic v0.8.0)Matthew Holt
2019-10-16Minor enhancements/fixes to rewrite directive and template virt req'sMatthew Holt
2019-10-15v2: Make tests work on Windows (#2782)Matt Holt
* file_server: Make tests work on Windows * caddyfile: Fix escaping when character is not escapable We only escape certain characters depending on inside or outside of quotes (mainly newlines and quotes). We don't want everyone to have to escape Windows file paths like C:\\Windows\\... but we can't drop the \ either if it's just C:\Windows\...
2019-10-15v2: Project-and-CI-wide linter config (#2812)Mohammed Al Sahaf
* v2: split golangci-lint configuration into its own file to allow code editors to take advantage of it * v2: simplify code * v2: set the correct lint output formatting * v2: invert the logic of linter's configuration of output formatting to allow the editor convenience over CI-specific customization. Customize the output format in CI by passing the flag. * v2: remove irrelevant golangci-lint config
2019-10-15caddyhttp: Improve ResponseRecorder to buffer headersMatthew Holt
2019-10-14caddyhttp: host labels placeholders endianness from right->leftMatthew Holt
https://caddy.community/t/labeln-placeholder-endian-issue/5366 (I thought we had this before but it must have gotten lost somewhere)
2019-10-14caddyhttp: Support placeholders in MatchHost (#2810)Pascal
* Replace global placeholders in host matcher * caddyhttp: Fix panic on MatchHost tests
2019-10-11reverse_proxy: optimize MaxIdleConnsPerHost default (#2809)yzongyue
2019-10-11reverse_proxy: Allow dynamic backends (closes #990 and #1539)Matthew Holt
This PR enables the use of placeholders in an upstream's Dial address. A Dial address must represent precisely one socket after replacements. See also #998 and #1639.
2019-10-10reverse_proxy: Customize SNI value in upstream request (closes #2483)Matthew Holt
2019-10-10go.mod: Update dependenciesMatthew Holt
2019-10-10Miscellaneous cleanups / commentsMatthew Holt
2019-10-10caddyhttp: Make responseRecorder capable of counting body sizeMatthew Holt
2019-10-10Remove unused/placeholder log handlerMatthew Holt
2019-10-10http: authentication module; hash-password cmd; http_basic providerMatthew Holt
This implements HTTP basicauth into Caddy 2. The basic auth module will not work with passwords that are not securely hashed, so a subcommand hash-password was added to make it convenient to produce those hashes. Also included is Caddyfile support. Closes #2747.
2019-10-10caddyhttp: Add RemoteAddr placeholders (#2801)Pascal
* Ignore build artifacts * Add RemoteAddr placeholders
2019-10-10http: Add Starlark handlerMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to #2786. The Starlark integration needs to be updated since this was made before some significant changes in the v2 code base. When functional, it makes it possible to have very dynamic HTTP handlers. This will be a long-term ongoing project. Credit to Danny Navarro
2019-10-09tls: Add custom certificate selection policyMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. Custom certificate selection policies allow advanced control over which cert is selected when multiple qualify to satisfy a TLS handshake.
2019-10-09tls: Add distributed_stek moduleMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. TLS session ticket keys are sensitive, so they should be rotated on a regular basis. Only Caddy does this by default. However, a cluster of servers that rotate keys without synchronization will lose the benefits of having sessions in the first place if the client is routed to a different backend. This module coordinates STEK rotation in a fleet so the same keys are used, and rotated, across the whole cluster. No other server does this, but Twitter wrote about how they hacked together a solution a few years ago: https://blog.twitter.com/engineering/en_us/a/2013/forward-secrecy-at-twitter.html
2019-10-09tls: Add pem_loader moduleMatthew Holt
This migrates a feature that was previously reserved for enterprise users, according to https://github.com/caddyserver/caddy/issues/2786. The PEM loader allows you to embed PEM files (certificates and keys) directly into your config, rather than requiring them to be stored on potentially insecure storage, which adds attack vectors. This is useful in automated settings where sensitive key material is stored only in memory. Note that if the config is persisted to disk, that added benefit may go away, but there will still be the benefit of having lesser dependence on external files.