From 3cfefeb0f71d54f1d9a76a63be7b97d0943c88ef Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Mon, 23 Nov 2020 14:46:50 -0500 Subject: httpcaddyfile: Configure servers via global options (#3836) * httpcaddyfile: First pass at implementing server options * httpcaddyfile: Add listener wrapper support * httpcaddyfile: Sort sbaddrs to make adapt output more deterministic * httpcaddyfile: Add server options adapt tests * httpcaddyfile: Windows line endings lol * caddytest: More windows line endings lol (sorry Matt) * Update caddyconfig/httpcaddyfile/serveroptions.go Co-authored-by: Matt Holt * httpcaddyfile: Reword listener address "matcher" * Apply suggestions from code review Co-authored-by: Matt Holt * httpcaddyfile: Deprecate experimental_http3 option (moved to servers) * httpcaddyfile: Remove validation step, no longer needed Co-authored-by: Matt Holt --- .../global_server_options_multi.txt | 83 +++++++ .../global_server_options_single.txt | 62 +++++ .../integration/caddyfile_adapt/handle_path.txt | 102 ++++---- .../caddyfile_adapt/handle_path_sorting.txt | 208 ++++++++-------- .../caddyfile_adapt/import_args_file.txt | 96 ++++---- .../caddyfile_adapt/import_args_snippet.txt | 164 ++++++------- .../integration/caddyfile_adapt/log_filters.txt | 136 +++++------ .../caddyfile_adapt/php_fastcgi_expanded_form.txt | 262 ++++++++++----------- .../caddyfile_adapt/php_fastcgi_matcher.txt | 222 ++++++++--------- .../sort_directives_with_any_matcher_first.txt | 100 ++++---- 10 files changed, 790 insertions(+), 645 deletions(-) create mode 100644 caddytest/integration/caddyfile_adapt/global_server_options_multi.txt create mode 100644 caddytest/integration/caddyfile_adapt/global_server_options_single.txt (limited to 'caddytest') diff --git a/caddytest/integration/caddyfile_adapt/global_server_options_multi.txt b/caddytest/integration/caddyfile_adapt/global_server_options_multi.txt new file mode 100644 index 0000000..653eee5 --- /dev/null +++ b/caddytest/integration/caddyfile_adapt/global_server_options_multi.txt @@ -0,0 +1,83 @@ +{ + servers { + timeouts { + idle 90s + } + } + servers :80 { + timeouts { + idle 60s + } + } + servers :443 { + timeouts { + idle 30s + } + } +} + +foo.com { +} + +http://bar.com { +} + +:8080 { +} + +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "idle_timeout": 30000000000, + "routes": [ + { + "match": [ + { + "host": [ + "foo.com" + ] + } + ], + "terminal": true + } + ] + }, + "srv1": { + "listen": [ + ":80" + ], + "idle_timeout": 60000000000, + "routes": [ + { + "match": [ + { + "host": [ + "bar.com" + ] + } + ], + "terminal": true + } + ], + "automatic_https": { + "skip": [ + "bar.com" + ] + } + }, + "srv2": { + "listen": [ + ":8080" + ], + "idle_timeout": 90000000000 + } + } + } + } +} diff --git a/caddytest/integration/caddyfile_adapt/global_server_options_single.txt b/caddytest/integration/caddyfile_adapt/global_server_options_single.txt new file mode 100644 index 0000000..5a5c64c --- /dev/null +++ b/caddytest/integration/caddyfile_adapt/global_server_options_single.txt @@ -0,0 +1,62 @@ +{ + servers { + listener_wrappers { + tls + } + timeouts { + read_body 30s + read_header 30s + write 30s + idle 30s + } + max_header_size 100MB + protocol { + allow_h2c + experimental_http3 + strict_sni_host + } + } +} + +foo.com { +} + +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "listener_wrappers": [ + { + "wrapper": "tls" + } + ], + "read_timeout": 30000000000, + "read_header_timeout": 30000000000, + "write_timeout": 30000000000, + "idle_timeout": 30000000000, + "max_header_bytes": 100000000, + "routes": [ + { + "match": [ + { + "host": [ + "foo.com" + ] + } + ], + "terminal": true + } + ], + "strict_sni_host": true, + "experimental_http3": true, + "allow_h2c": true + } + } + } + } +} \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/handle_path.txt b/caddytest/integration/caddyfile_adapt/handle_path.txt index 7f40fcf..f881743 100644 --- a/caddytest/integration/caddyfile_adapt/handle_path.txt +++ b/caddytest/integration/caddyfile_adapt/handle_path.txt @@ -1,52 +1,52 @@ -:80 -handle_path /api/v1/* { - respond "API v1" -} ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":80" - ], - "routes": [ - { - "match": [ - { - "path": [ - "/api/v1/*" - ] - } - ], - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "handler": "rewrite", - "strip_path_prefix": "/api/v1" - } - ] - }, - { - "handle": [ - { - "body": "API v1", - "handler": "static_response" - } - ] - } - ] - } - ] - } - ] - } - } - } - } +:80 +handle_path /api/v1/* { + respond "API v1" +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":80" + ], + "routes": [ + { + "match": [ + { + "path": [ + "/api/v1/*" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "rewrite", + "strip_path_prefix": "/api/v1" + } + ] + }, + { + "handle": [ + { + "body": "API v1", + "handler": "static_response" + } + ] + } + ] + } + ] + } + ] + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/handle_path_sorting.txt b/caddytest/integration/caddyfile_adapt/handle_path_sorting.txt index 3258dc9..0a89f2a 100644 --- a/caddytest/integration/caddyfile_adapt/handle_path_sorting.txt +++ b/caddytest/integration/caddyfile_adapt/handle_path_sorting.txt @@ -1,105 +1,105 @@ -:80 { - handle /api/* { - respond "api" - } - - handle_path /static/* { - respond "static" - } - - handle { - respond "handle" - } -} ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":80" - ], - "routes": [ - { - "group": "group3", - "match": [ - { - "path": [ - "/static/*" - ] - } - ], - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "handler": "rewrite", - "strip_path_prefix": "/static" - } - ] - }, - { - "handle": [ - { - "body": "static", - "handler": "static_response" - } - ] - } - ] - } - ] - }, - { - "group": "group3", - "match": [ - { - "path": [ - "/api/*" - ] - } - ], - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "body": "api", - "handler": "static_response" - } - ] - } - ] - } - ] - }, - { - "group": "group3", - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "body": "handle", - "handler": "static_response" - } - ] - } - ] - } - ] - } - ] - } - } - } - } +:80 { + handle /api/* { + respond "api" + } + + handle_path /static/* { + respond "static" + } + + handle { + respond "handle" + } +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":80" + ], + "routes": [ + { + "group": "group3", + "match": [ + { + "path": [ + "/static/*" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "rewrite", + "strip_path_prefix": "/static" + } + ] + }, + { + "handle": [ + { + "body": "static", + "handler": "static_response" + } + ] + } + ] + } + ] + }, + { + "group": "group3", + "match": [ + { + "path": [ + "/api/*" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "body": "api", + "handler": "static_response" + } + ] + } + ] + } + ] + }, + { + "group": "group3", + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "body": "handle", + "handler": "static_response" + } + ] + } + ] + } + ] + } + ] + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/import_args_file.txt b/caddytest/integration/caddyfile_adapt/import_args_file.txt index 6947f68..1eb78f1 100644 --- a/caddytest/integration/caddyfile_adapt/import_args_file.txt +++ b/caddytest/integration/caddyfile_adapt/import_args_file.txt @@ -1,49 +1,49 @@ -example.com - -import testdata/import_respond.txt Groot Rocket -import testdata/import_respond.txt you "the confused man" ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":443" - ], - "routes": [ - { - "match": [ - { - "host": [ - "example.com" - ] - } - ], - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "body": "'I am Groot', hears Rocket", - "handler": "static_response" - }, - { - "body": "'I am you', hears the confused man", - "handler": "static_response" - } - ] - } - ] - } - ], - "terminal": true - } - ] - } - } - } - } +example.com + +import testdata/import_respond.txt Groot Rocket +import testdata/import_respond.txt you "the confused man" +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "routes": [ + { + "match": [ + { + "host": [ + "example.com" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "body": "'I am Groot', hears Rocket", + "handler": "static_response" + }, + { + "body": "'I am you', hears the confused man", + "handler": "static_response" + } + ] + } + ] + } + ], + "terminal": true + } + ] + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/import_args_snippet.txt b/caddytest/integration/caddyfile_adapt/import_args_snippet.txt index 8d2ff34..9fce9ab 100644 --- a/caddytest/integration/caddyfile_adapt/import_args_snippet.txt +++ b/caddytest/integration/caddyfile_adapt/import_args_snippet.txt @@ -1,83 +1,83 @@ -(logging) { - log { - output file /var/log/caddy/{args.0}.access.log - } -} - -a.example.com { - import logging a.example.com -} - -b.example.com { - import logging b.example.com -} ----------- -{ - "logging": { - "logs": { - "default": { - "exclude": [ - "http.log.access.log0", - "http.log.access.log1" - ] - }, - "log0": { - "writer": { - "filename": "/var/log/caddy/a.example.com.access.log", - "output": "file" - }, - "include": [ - "http.log.access.log0" - ] - }, - "log1": { - "writer": { - "filename": "/var/log/caddy/b.example.com.access.log", - "output": "file" - }, - "include": [ - "http.log.access.log1" - ] - } - } - }, - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":443" - ], - "routes": [ - { - "match": [ - { - "host": [ - "a.example.com" - ] - } - ], - "terminal": true - }, - { - "match": [ - { - "host": [ - "b.example.com" - ] - } - ], - "terminal": true - } - ], - "logs": { - "logger_names": { - "a.example.com": "log0", - "b.example.com": "log1" - } - } - } - } - } - } +(logging) { + log { + output file /var/log/caddy/{args.0}.access.log + } +} + +a.example.com { + import logging a.example.com +} + +b.example.com { + import logging b.example.com +} +---------- +{ + "logging": { + "logs": { + "default": { + "exclude": [ + "http.log.access.log0", + "http.log.access.log1" + ] + }, + "log0": { + "writer": { + "filename": "/var/log/caddy/a.example.com.access.log", + "output": "file" + }, + "include": [ + "http.log.access.log0" + ] + }, + "log1": { + "writer": { + "filename": "/var/log/caddy/b.example.com.access.log", + "output": "file" + }, + "include": [ + "http.log.access.log1" + ] + } + } + }, + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":443" + ], + "routes": [ + { + "match": [ + { + "host": [ + "a.example.com" + ] + } + ], + "terminal": true + }, + { + "match": [ + { + "host": [ + "b.example.com" + ] + } + ], + "terminal": true + } + ], + "logs": { + "logger_names": { + "a.example.com": "log0", + "b.example.com": "log1" + } + } + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/log_filters.txt b/caddytest/integration/caddyfile_adapt/log_filters.txt index 549f4e6..ab11807 100644 --- a/caddytest/integration/caddyfile_adapt/log_filters.txt +++ b/caddytest/integration/caddyfile_adapt/log_filters.txt @@ -1,69 +1,69 @@ -:80 - -log { - output stdout - format filter { - wrap console - fields { - request>headers>Authorization delete - request>headers>Server delete - request>remote_addr ip_mask { - ipv4 24 - ipv6 32 - } - } - } -} ----------- -{ - "logging": { - "logs": { - "default": { - "exclude": [ - "http.log.access.log0" - ] - }, - "log0": { - "writer": { - "output": "stdout" - }, - "encoder": { - "fields": { - "request\u003eheaders\u003eAuthorization": { - "filter": "delete" - }, - "request\u003eheaders\u003eServer": { - "filter": "delete" - }, - "request\u003eremote_addr": { - "filter": "ip_mask", - "ipv4_cidr": 24, - "ipv6_cidr": 32 - } - }, - "format": "filter", - "wrap": { - "format": "console" - } - }, - "include": [ - "http.log.access.log0" - ] - } - } - }, - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":80" - ], - "logs": { - "default_logger_name": "log0" - } - } - } - } - } +:80 + +log { + output stdout + format filter { + wrap console + fields { + request>headers>Authorization delete + request>headers>Server delete + request>remote_addr ip_mask { + ipv4 24 + ipv6 32 + } + } + } +} +---------- +{ + "logging": { + "logs": { + "default": { + "exclude": [ + "http.log.access.log0" + ] + }, + "log0": { + "writer": { + "output": "stdout" + }, + "encoder": { + "fields": { + "request\u003eheaders\u003eAuthorization": { + "filter": "delete" + }, + "request\u003eheaders\u003eServer": { + "filter": "delete" + }, + "request\u003eremote_addr": { + "filter": "ip_mask", + "ipv4_cidr": 24, + "ipv6_cidr": 32 + } + }, + "format": "filter", + "wrap": { + "format": "console" + } + }, + "include": [ + "http.log.access.log0" + ] + } + } + }, + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":80" + ], + "logs": { + "default_logger_name": "log0" + } + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/php_fastcgi_expanded_form.txt b/caddytest/integration/caddyfile_adapt/php_fastcgi_expanded_form.txt index d453128..bb7c7f7 100644 --- a/caddytest/integration/caddyfile_adapt/php_fastcgi_expanded_form.txt +++ b/caddytest/integration/caddyfile_adapt/php_fastcgi_expanded_form.txt @@ -1,132 +1,132 @@ -:8886 - -route { - # Add trailing slash for directory requests - @canonicalPath { - file { - try_files {path}/index.php - } - not path */ - } - redir @canonicalPath {path}/ 308 - - # If the requested file does not exist, try index files - @indexFiles { - file { - try_files {path} {path}/index.php index.php - split_path .php - } - } - rewrite @indexFiles {http.matchers.file.relative} - - # Proxy PHP files to the FastCGI responder - @phpFiles { - path *.php - } - reverse_proxy @phpFiles 127.0.0.1:9000 { - transport fastcgi { - split .php - } - } -} ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":8886" - ], - "routes": [ - { - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "handler": "static_response", - "headers": { - "Location": [ - "{http.request.uri.path}/" - ] - }, - "status_code": 308 - } - ], - "match": [ - { - "file": { - "try_files": [ - "{http.request.uri.path}/index.php" - ] - }, - "not": [ - { - "path": [ - "*/" - ] - } - ] - } - ] - }, - { - "handle": [ - { - "handler": "rewrite", - "uri": "{http.matchers.file.relative}" - } - ], - "match": [ - { - "file": { - "split_path": [ - ".php" - ], - "try_files": [ - "{http.request.uri.path}", - "{http.request.uri.path}/index.php", - "index.php" - ] - } - } - ] - }, - { - "handle": [ - { - "handler": "reverse_proxy", - "transport": { - "protocol": "fastcgi", - "split_path": [ - ".php" - ] - }, - "upstreams": [ - { - "dial": "127.0.0.1:9000" - } - ] - } - ], - "match": [ - { - "path": [ - "*.php" - ] - } - ] - } - ] - } - ] - } - ] - } - } - } - } +:8886 + +route { + # Add trailing slash for directory requests + @canonicalPath { + file { + try_files {path}/index.php + } + not path */ + } + redir @canonicalPath {path}/ 308 + + # If the requested file does not exist, try index files + @indexFiles { + file { + try_files {path} {path}/index.php index.php + split_path .php + } + } + rewrite @indexFiles {http.matchers.file.relative} + + # Proxy PHP files to the FastCGI responder + @phpFiles { + path *.php + } + reverse_proxy @phpFiles 127.0.0.1:9000 { + transport fastcgi { + split .php + } + } +} +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":8886" + ], + "routes": [ + { + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "static_response", + "headers": { + "Location": [ + "{http.request.uri.path}/" + ] + }, + "status_code": 308 + } + ], + "match": [ + { + "file": { + "try_files": [ + "{http.request.uri.path}/index.php" + ] + }, + "not": [ + { + "path": [ + "*/" + ] + } + ] + } + ] + }, + { + "handle": [ + { + "handler": "rewrite", + "uri": "{http.matchers.file.relative}" + } + ], + "match": [ + { + "file": { + "split_path": [ + ".php" + ], + "try_files": [ + "{http.request.uri.path}", + "{http.request.uri.path}/index.php", + "index.php" + ] + } + } + ] + }, + { + "handle": [ + { + "handler": "reverse_proxy", + "transport": { + "protocol": "fastcgi", + "split_path": [ + ".php" + ] + }, + "upstreams": [ + { + "dial": "127.0.0.1:9000" + } + ] + } + ], + "match": [ + { + "path": [ + "*.php" + ] + } + ] + } + ] + } + ] + } + ] + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/php_fastcgi_matcher.txt b/caddytest/integration/caddyfile_adapt/php_fastcgi_matcher.txt index 2f4e6fe..488c525 100644 --- a/caddytest/integration/caddyfile_adapt/php_fastcgi_matcher.txt +++ b/caddytest/integration/caddyfile_adapt/php_fastcgi_matcher.txt @@ -1,112 +1,112 @@ -:8884 - -@api host example.com -php_fastcgi @api localhost:9000 ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":8884" - ], - "routes": [ - { - "match": [ - { - "host": [ - "example.com" - ] - } - ], - "handle": [ - { - "handler": "subroute", - "routes": [ - { - "handle": [ - { - "handler": "static_response", - "headers": { - "Location": [ - "{http.request.uri.path}/" - ] - }, - "status_code": 308 - } - ], - "match": [ - { - "file": { - "try_files": [ - "{http.request.uri.path}/index.php" - ] - }, - "not": [ - { - "path": [ - "*/" - ] - } - ] - } - ] - }, - { - "handle": [ - { - "handler": "rewrite", - "uri": "{http.matchers.file.relative}" - } - ], - "match": [ - { - "file": { - "split_path": [ - ".php" - ], - "try_files": [ - "{http.request.uri.path}", - "{http.request.uri.path}/index.php", - "index.php" - ] - } - } - ] - }, - { - "handle": [ - { - "handler": "reverse_proxy", - "transport": { - "protocol": "fastcgi", - "split_path": [ - ".php" - ] - }, - "upstreams": [ - { - "dial": "localhost:9000" - } - ] - } - ], - "match": [ - { - "path": [ - "*.php" - ] - } - ] - } - ] - } - ] - } - ] - } - } - } - } +:8884 + +@api host example.com +php_fastcgi @api localhost:9000 +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":8884" + ], + "routes": [ + { + "match": [ + { + "host": [ + "example.com" + ] + } + ], + "handle": [ + { + "handler": "subroute", + "routes": [ + { + "handle": [ + { + "handler": "static_response", + "headers": { + "Location": [ + "{http.request.uri.path}/" + ] + }, + "status_code": 308 + } + ], + "match": [ + { + "file": { + "try_files": [ + "{http.request.uri.path}/index.php" + ] + }, + "not": [ + { + "path": [ + "*/" + ] + } + ] + } + ] + }, + { + "handle": [ + { + "handler": "rewrite", + "uri": "{http.matchers.file.relative}" + } + ], + "match": [ + { + "file": { + "split_path": [ + ".php" + ], + "try_files": [ + "{http.request.uri.path}", + "{http.request.uri.path}/index.php", + "index.php" + ] + } + } + ] + }, + { + "handle": [ + { + "handler": "reverse_proxy", + "transport": { + "protocol": "fastcgi", + "split_path": [ + ".php" + ] + }, + "upstreams": [ + { + "dial": "localhost:9000" + } + ] + } + ], + "match": [ + { + "path": [ + "*.php" + ] + } + ] + } + ] + } + ] + } + ] + } + } + } + } } \ No newline at end of file diff --git a/caddytest/integration/caddyfile_adapt/sort_directives_with_any_matcher_first.txt b/caddytest/integration/caddyfile_adapt/sort_directives_with_any_matcher_first.txt index 6203a89..3859a7e 100644 --- a/caddytest/integration/caddyfile_adapt/sort_directives_with_any_matcher_first.txt +++ b/caddytest/integration/caddyfile_adapt/sort_directives_with_any_matcher_first.txt @@ -1,51 +1,51 @@ -:80 - -respond 200 - -@untrusted not remote_ip 10.1.1.0/24 -respond @untrusted 401 ----------- -{ - "apps": { - "http": { - "servers": { - "srv0": { - "listen": [ - ":80" - ], - "routes": [ - { - "match": [ - { - "not": [ - { - "remote_ip": { - "ranges": [ - "10.1.1.0/24" - ] - } - } - ] - } - ], - "handle": [ - { - "handler": "static_response", - "status_code": 401 - } - ] - }, - { - "handle": [ - { - "handler": "static_response", - "status_code": 200 - } - ] - } - ] - } - } - } - } +:80 + +respond 200 + +@untrusted not remote_ip 10.1.1.0/24 +respond @untrusted 401 +---------- +{ + "apps": { + "http": { + "servers": { + "srv0": { + "listen": [ + ":80" + ], + "routes": [ + { + "match": [ + { + "not": [ + { + "remote_ip": { + "ranges": [ + "10.1.1.0/24" + ] + } + } + ] + } + ], + "handle": [ + { + "handler": "static_response", + "status_code": 401 + } + ] + }, + { + "handle": [ + { + "handler": "static_response", + "status_code": 200 + } + ] + } + ] + } + } + } + } } \ No newline at end of file -- cgit v1.2.3