summaryrefslogtreecommitdiff
path: root/modules
AgeCommit message (Collapse)Author
2023-02-24cmd: Expand cobra support, add short flags (#5379)Francis Lavoie
* cmd: Expand cobra support * Convert commands to cobra, add short flags * Fix version command typo Co-authored-by: Emily Lange <git@indeednotjames.com> * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> --------- Co-authored-by: Emily Lange <git@indeednotjames.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-24reverseproxy: refactor HTTP transport layer (#5369)Mohammed Al Sahaf
Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Weidi Deng <weidi_deng@icloud.com>
2023-02-22caddytls: Relax the warning for on-demand (#5384)Francis Lavoie
2023-02-16cmd: Adjust documentation for commands (#5377)Francis Lavoie
2023-02-11reverseproxy: Don't buffer chunked requests (fix #5366) (#5367)Matt Holt
* reverseproxy: Don't buffer chunked requests (fix #5366) Mostly reverts 845bc4d50b437995d574819850206e4b3db4040d (#5289) Adds warning for unsafe config. Deprecates unsafe properties in favor of simpler, safer designed ones. * Update modules/caddyhttp/reverseproxy/caddyfile.go Co-authored-by: Y.Horie <u5.horie@gmail.com> * Update modules/caddyhttp/reverseproxy/reverseproxy.go Co-authored-by: Y.Horie <u5.horie@gmail.com> * Update modules/caddyhttp/reverseproxy/reverseproxy.go Co-authored-by: Y.Horie <u5.horie@gmail.com> * Remove unused code --------- Co-authored-by: Y.Horie <u5.horie@gmail.com>
2023-02-08go.mod: Upgrade various dependencies (#5362)Francis Lavoie
* chore: Upgrade various dependencies * Support CEL file matcher with no args * Document `http.request.orig_uri.path.*`, reorder placeholders in docs --------- Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-08core: Support Windows absolute paths for UDS proxy upstreams (#5114)Steffen Brüheim
* added some tests for parseUpstreamDialAddress Test 4 fails because it produces "[[::1]]:80" instead of "[::1]:80" * support absolute windows path in unix reverse proxy address * make IsUnixNetwork public, support +h2c and reuse it * add new tests
2023-02-06reverseproxy: Log status code and byte count for websockets (#5140)WeidiDeng
* log response size for websocket request * record size when using hijack bufio.Writer
2023-02-06caddyhttp: Pluggable trusted proxy IP range sources (#5328)Francis Lavoie
* caddyhttp: Pluggable trusted proxy IP range sources * Add request to the IPRangeSource interface
2023-02-06caddyauth: Use singleflight for basic auth (#5344)Y.Horie
* caddyauth: Add singleflight for basic auth * Fixes #5338 * it occurred the thunder herd problem like this https://medium.com/@mhrlife/avoid-duplicate-requests-while-filling-cache-98c687879f59 * Update modules/caddyhttp/caddyauth/basicauth.go Fix comment Co-authored-by: Francis Lavoie <lavofr@gmail.com> --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-06chore: Build with Go 1.20, keep minimum at 1.18 for now (#5353)Francis Lavoie
2023-01-31chore: Fix warning "range variable captured by func literal" (#5348)Francis Lavoie
2023-01-30caddytls: Debug log for ask endpointMatthew Holt
2023-01-25reverseproxy: Add flag to short command to disable redirects (#5330)Y.Horie
Co-authored-by: Francis Lavoie <lavofr@gmail.com> Fixes undefined
2023-01-25tracing: Support placeholders in span name (#5329)David Frickert
Fixes https://github.com/caddyserver/caddy/issues/5171
2023-01-10caddyhttp: Add server-level `trusted_proxies` config (#5103)Francis Lavoie
2023-01-09reverseproxy: Fix hanging for Transfer-Encoding: chunked (#5289)Y.Horie
* Fixes #5236 * enable request body buffering in reverse proxy when the request header has Transfer-Encoding: chunked
2023-01-06reverseproxy: Don't enable auto-https when `--from` flag is http (#5269)Emily Lange
2023-01-06reverseproxy: Set origreq in active health check (#5284)Matt Holt
* reverseproxy: Set origreq in active health check Fix #5281 * Oops; dereference Request
2023-01-06caddytls: Add `dns_ttl` config, improve Caddyfile `tls` options (#5287)Yannick Ihmels
2023-01-04fileserver: Add a couple test casesMatthew Holt
With placeholders
2022-12-20encode: Respect Cache-Control no-transform (#5257)darkweak
* encode: respect Cache-Control HTTP header no-transform * encode: switch to strings.Contains
2022-12-08go.mod: Update quic-go to v0.31.0Matthew Holt
And fix a comment typo
2022-12-06acme_server: Configurable default lifetime for issued certificates (#5232)Kyle McCullough
* acme_server: add certificate lifetime configuration option Signed-off-by: Kyle McCullough <kylemcc@gmail.com> * pki: allow intermediate cert lifetime to be configured Signed-off-by: Kyle McCullough <kylemcc@gmail.com> Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
2022-12-05reverseproxy: Improve hostByHashing distribution (#5229)Alban Lecocq
* If upstreams are all using same host but with different ports ie: foobar:4001 foobar:4002 foobar:4003 ... Because fnv-1a has not a good enough avalanche effect Then the hostByHashing result is not well balanced over all upstreams As last byte FNV input tend to affect few bits, the idea is to change the concatenation order between the key and the upstream strings So the upstream last byte have more impact on hash diffusion
2022-11-30Clarify some docsMatthew Holt
2022-11-23caddypki: Use go.step.sm/crypto to generate the PKI (#5217)Mariano Cano
This commit replaces the use of github.com/smallstep/cli to generate the root and intermediate certificates and uses go.step.sm/crypto instead. It also upgrades the version of github.com/smallstep/certificates to the latest version.
2022-11-14reverseproxy: Mask the WS close message when we're the client (#5199)Francis Lavoie
* reverseproxy: Mask the WS close message when we're the client * weakrand * Bump golangci-lint version so path ignores work on Windows * gofmt * ugh, gofmt everything, I guess
2022-11-08caddypki: Prefer user-configured root instead of generating new one (#5189)Jonathan Garcia
instead of generating a new root certificate at the default location load the certificate from the configuration. fixes: #5181
2022-10-29caddyhttp: Canonicalize header field names (#5176)Alexander Graf
2022-10-24caddyhttp: add placeholder {http.request.orig_uri.path.*} (#5161)XYenon
2022-10-24fileserver: Reject non-GET/HEAD requests (close #5166) (#5167)Matt Holt
* fileserver: Reject non-GET/HEAD requests (close #5166) * Set Allow header according to RFC 9110 10.2.1
2022-10-18fileserver: Reject ADS and short name paths; trim trailing dots and spaces ↵Matt Holt
on Windows (#5148) * fileserver: Reject ADS and short name paths * caddyhttp: Trim trailing space and dot on Windows Windows ignores trailing dots and spaces in filenames. * Fix test * Adjust path filters * Revert Windows test * Actually revert the test * Just check for colons
2022-10-18map: Clarified how destination values should be formatted (#5156)Scott Mebberson
2022-10-16docs: Fix templates documentation, stray newline breaks godoc (#5149)Francis Lavoie
2022-10-13httpcaddyfile: Improve detection of indistinguishable TLS automation ↵Matt Holt
policies (#5120) * httpcaddyfile: Skip some logic if auto_https off * Try removing this check altogether... * Refine test timeouts slightly, sigh * caddyhttp: Assume udp for unrecognized network type Seems like the reasonable thing to do if a plugin registers its own network type. * Add comment to document my lack of knowledge * Clean up and prepare to merge Add comments to try to explain what happened
2022-10-12httpcaddyfile: Wrap site block in subroute if host matcher used (#5130)Matt Holt
* httpcaddyfile: Wrap site block in subroute if host matcher used (fix #5124) * Correct boolean logic (oops)
2022-10-08fileserver: stop listing dir when request context is cancelled (#5131)Abdussamet Koçak
Prevents caddy from performing disk IO needlessly when the request is cancelled before the listing is finished. Closes #5129
2022-10-05logging: Fix `skip_hosts` with wildcards (#5102)Francis Lavoie
Fix #4859
2022-10-05caddytest: Revise sleep durationsMatthew Holt
Attempt to reduce flakiness a bit more Test suite needs to be rewritten.
2022-10-05forwardauth: Canonicalize header fields (fix #5038) (#5097)Matt Holt
2022-10-04logging: Perform filtering on arrays of strings (where possible) (#5101)Francis Lavoie
* logging: Perform filtering on arrays of strings (where possible) * Add test for ip_mask filter * Oops, need to continue when it's not an IP * Test for invalid IPs
2022-10-05logging: Add `time_local` option to use local time instead of UTC (#5108)Francis Lavoie
2022-10-04fileserver: Treat invalid file path as NotFound (#5099)xufanglu
treat invalid file path as notFound so that PassThru can work
2022-10-04logging: Better `console` encoder defaults (#5109)Francis Lavoie
This is something that has bothered me for a while, so I figured I'd do something about it now since I'm playing in the logging code lately. The `console` encoder doesn't actually match the defaults that zap's default logger uses. This makes it match better with the rest of the logs when using the `console` encoder alongside somekind of filter, which requires you to configure an encoder to wrap.
2022-10-01fileserver: better dark mode visited link contrast (#5105)iliana etaoin
PR #4066 added a dark color scheme to the file_server browse template. PR #4356 later set the links for the `:visited` pseudo-class, but did not set anything for the dark mode, resulting in poor contrast. I selected some new colors by feel. This commit also adds an `a:visited:hover` for both, to go along with the normal blue hover colors.
2022-09-30caddyhttp: Remote IP prefix placeholdersMatthew Holt
See https://github.com/mholt/caddy-ratelimit/issues/12
2022-09-29map: Remove infinite recursion check (#5094)Matt Holt
It was not accurate. Placeholders could be used in outputs that are defined in the same mapping as long as that placeholder does not do the same. A more general solution would be to detect it at run-time in the replacer directly, but that's a bit tedious and will require allocations I think. A better implementation of this check could still be done, but I don't know if it would always be accurate. Could be a "best-effort" thing? But I've also never heard of an actual case where someone configured infinite recursion...
2022-09-29Fix commentMatthew Holt
I apparently read the diff backwards in 2a8c458ffedf886af9542541ea1b1de62370929d
2022-09-29reverseproxy: Parse humanized byte size (fix #5095)Matthew Holt