1
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-16 21:56:40 -05:00
Commit graph

2151 commits

Author SHA1 Message Date
Francis Lavoie
2d9a7c48cb
httpcaddyfile: Implement force_automate 2024-11-27 03:01:44 -05:00
Matthew Holt
22b9d51268
go.mod: Upgrade quic-go to 0.48.2 2024-11-26 10:47:55 -07:00
Mohammed Al Sahaf
1d106fa14d
metrics: add go and process collectors (#6704)
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-11-23 02:38:59 +03:00
Rishita Shaw
8c3dd3de70
requestbody: Type-based error handling for MaxBytesError (#6701)
* fix: handle "request body too large" error using type assertion

* fix: address overlooked nil check for MaxBytesError

* fix: replace type assertion with errors.As() for MaxBytesError
2024-11-22 19:45:58 +00:00
Kévin Dunglas
eddbccd298
fastcgi: remove dir redirection when useless in php_fastcgi (#6698)
* perf: remove dir redirection when useless in php_fastcgi

* fix test

* review

* fix

* fix

* simplify

* simplify again

* restore test

* add test
2024-11-21 10:38:31 -07:00
Matthew Holt
197c564f20
caddyhttp: Set default ReadHeaderTimeout (1 min)
Ref. #6663
2024-11-19 11:24:12 -07:00
santhoshkumar
b3ce260389
cmd: ignore missing keys during storage export (#6697) 2024-11-18 14:40:51 +00:00
WeidiDeng
6028ff27fa
chore: make FastAbs comment more easy to understand (#6692) 2024-11-14 20:49:42 -07:00
Francis Lavoie
37f0c4bfae
chore: Add provides to .deb releases (#6691)
Fixes https://github.com/caddyserver/dist/issues/91
2024-11-14 14:15:02 -07:00
Francis Lavoie
315715e90f
core: Implement FastAbs to avoid repeated os.Getwd calls (#6687)
* core: Implement FastAbs to avoid repeated os.Getwd calls

* Lint

* Rename files
2024-11-13 03:55:51 -05:00
Matthew Holt
238f1108e6
reverseproxy: Revert #4952 - don't ignore context cancellation in stream mode
i.e. Revert commit f5dce84a70

Two years ago, the patch in #4952 was a seemingly necessary way to fix an issue (sort of an edge case), but it broke other more common use cases (see #6666).

Now, as of #6669, it seems like the original issue can no longer be replicated, so we are reverting that patch, because it was incorrect anyway.

If it turns out the original issue returns, a more proper patch may be in #6669 (even if used as a baseline for a future fix). A potential future fix could be an opt-in setting.
2024-11-12 13:43:34 -07:00
Nikolai K
b183aec83c
httpcaddyfile: Implement log sampling config (#6682)
* Allow log sampling configuration from Caddyfile

* Add log sampling adapt tests
2024-11-11 16:42:50 -07:00
Sucipto
825fe48e06
reverseproxy: Allow 0 as weights for weighted_round_robin (#6681)
* Allow 0 as weights

Change positive to non-negative

* reverseproxy: allow 0 as weighted round robin value

* test: add more wrr select test

---------

Co-authored-by: peanutduck <peanutduck@yahoo.com>
2024-11-07 17:58:31 -05:00
Mohammed Al Sahaf
b285763969
ci: use commit sha in goreleaser-check (#6677)
* ci: use commit sha in goreleaser-check

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* fix output assignment

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* run only on non-fork or caddyserver repo, and use branch name

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-11-05 16:07:25 -05:00
Matthew Holt
da88ec152c go.mod: Update certmagic 2024-11-05 11:03:54 -07:00
Francis Lavoie
5c8dc34418
caddytls: Allow disabling storage cleaning, avoids writing two files (#6593) 2024-11-05 10:47:41 -07:00
Francis Lavoie
5823eccf99
rewrite: Don't add / in Caddyfile, do it after replacer (#6662) 2024-11-05 10:15:31 -07:00
Atakan Yenel
cc23ad6402
fileserver: Add file_limit option for browse (to be experimental) (#6648)
* Add file_limit option for file_server browse

* Move file_limit inside browse.

* add file_server_file_limit caddyfile adapt test.
2024-11-05 09:35:32 -07:00
Mohammed Al Sahaf
91e34139a1
go.mod: upgrade only some otel deps (#6676)
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-11-04 19:10:05 -05:00
Francis Lavoie
09b2cbcf4d
caddyhttp: Add MatchWithError to replace SetVar hack (#6596)
* caddyhttp: Add `MatchWithError` to replace SetVar hack

* Error in IP matchers on TLS handshake not complete

* Use MatchWithError everywhere possible

* Move implementations to MatchWithError versions

* Looser interface checking to allow fallback

* CEL factories can return RequestMatcherWithError

* Clarifying comment since it's subtle that an err is returned

* Return 425 Too Early status in IP matchers

* Keep AnyMatch signature the same for now

* Apparently Deprecated can't be all-uppercase to get IDE linting

* Linter
2024-11-04 23:18:50 +00:00
Matthew Holt
a3481f871b Fix tests 2024-11-04 16:04:10 -07:00
Francis Lavoie
05cfb121ec
forwardauth: Skip copying missing response headers (#6608) 2024-11-04 14:58:53 -07:00
Matthew Holt
00f948c605
go.mod: Update dependencies 2024-11-04 14:53:10 -07:00
Andreas Kohn
1d156527ea
events: Use WithLazy to prevent eager serialization of the event data (#6671) 2024-11-01 11:28:50 -06:00
Matthew Holt
350ad38f63
fileserver: Fix Caddyfile parsing
Reported at https://github.com/mholt/caddy-sqlite-fs/issues/3
2024-10-31 10:37:37 -06:00
Francis Lavoie
b129ed6be8
httpcaddyfile: Fixes for prefer_wildcard mode (#6636)
* httpcaddyfile: Fixes for prefer_wildcard mode

The wildcard hosts need to be collected first, then considered after, because there's no guarantee that all non-wildcards will appear after all wildcards when looping. Also we should not add a domain to Skip if it doesn't qualify for TLS anyway.

* Alternate solution by avoiding adding APs altogether if covered by wildcard
2024-10-30 17:09:12 +00:00
Lucas VerÍssimo Botelho
d398898b35
cmd: Allow add-package to select version of package (#6665)
* feat: allow versioning of packages

* docs: remove xcaddy issue reference
2024-10-30 16:48:36 +00:00
Kévin Dunglas
eaaa2e5872
chore: compile without nosql's support for Postgres and MySQL (#6655)
* chore: compile without nosql's support for Postgres and MySQL

* Update cross-build.yml

* Update cross-build.yml

* Update README.md
2024-10-22 14:53:14 -06:00
Francis Lavoie
4457afc170
chore: Bump quic-go to 0.48.1, fixing a panic (#6654) 2024-10-22 19:29:46 +00:00
Francis Lavoie
fbf0f4c425
reverseproxy: Sync changes from stdlib for 1xx handling (#6656)
* reverseproxy: Sync changes from stdlib for 1xx handling

Sourced from 960654be0c

* Use clear()

3bc28402fa
2024-10-22 12:10:46 -06:00
Matthew Holt
5e6024c48d
reverseproxy: Fix log message
Fixes regression from #6560
2024-10-21 12:19:04 -06:00
Yifan Yang
669fc41e63
tracing: Add spanID field to access logs and http.vars.span_id placeholder (#6646)
* logging: Add spanID field to access logs when tracing is enabled

Signed-off-by: YifanYang6 <yifanyang6@link.cuhk.edu.cn>

* tracing: add `http.vars.span_id` placeholder when tracing is enabled

Signed-off-by: YifanYang6 <yifanyang6@link.cuhk.edu.cn>

---------

Signed-off-by: YifanYang6 <yifanyang6@link.cuhk.edu.cn>
2024-10-21 11:06:55 -06:00
Aaron Paterson
0182fb87fa
core: addresses.go funcs renames (#6622)
* right side in tls ln

* remove ParseNetworkAddressFromHostPort

* ignore placeholder port

* remove println

* update test cases (!!!)

* []

* comment

* Trim

* Update addresses.go
2024-10-21 08:02:29 -06:00
David Wood
1391e8ed9a
chore: fix some function names in comment (#6650) 2024-10-21 07:39:58 +00:00
Logan Fleur
9753c44510
fileserver: fix try_policy when instantiating file matcher from CEL (#6624)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-10-20 14:08:30 +00:00
Kévin Dunglas
b443190b66
sigtrap: always ignore SIGPIPE (#6645) 2024-10-19 07:33:50 -06:00
Mohammed Al Sahaf
388c7e898c
metrics: move metrics up, outside servers (#6606)
* metrics: move `metrics`  up, outside `servers`

This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers.

Fix #6604

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* normalize domain name

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-10-18 09:54:21 -06:00
WeidiDeng
c6f2979986
caddyhttp: Close http3 server gracefully (#6213)
* close http3 server gracefully

* update server field

* update from upstream

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-10-15 21:28:20 -04:00
Marten Seemann
a211c656f1
chore: update quic-go to v0.48.0 (#6627) 2024-10-15 09:38:10 -04:00
WeidiDeng
48ce47f1d4
reverseproxy: Use correct cases for websocket related headers (#6621)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-10-11 09:02:23 +00:00
Francis Lavoie
ef4e0224a8
caddyfile: Fix comma edgecase in address parsing (#6616) 2024-10-10 20:26:59 +00:00
Mohammed Al Sahaf
c8a76d003f
docs: expand proxy protocol docs (#6620) 2024-10-10 16:21:26 -04:00
Mohammed Al Sahaf
dd5decabe7
tests: fix caddyfile adapt warnings (#6619)
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-10-10 13:38:49 -06:00
Francis Lavoie
d7564d632f
caddytls: Drop rate_limit and burst, has been deprecated (#6611) 2024-10-07 17:39:47 -04:00
Matthew Holt
88fd5f3491
caddyhttp: Use internal issuer for IPs when no APs configured
This fixes a regression in 2.8 where IP addresses
would be considered qualifying for public certs
by auto-HTTPS. The default issuers do not issue
IP certs at this time, so if no APs are explicitly
configured, we assign them to the internal
issuer. We have to add a couple lines of code because
CertMagic can no longer consider IPs as not
qualifying for public certs, since there are public CAs
that issue IP certs. This edge case is specific to Caddy's
auto-HTTPS.

Without this patch, Caddy will try using Let's Encrypt
or ZeroSSL's ACME endpoint to get IP certs, neither
of which support that.
2024-10-04 10:23:30 -06:00
Matthew Holt
2ae58ac13e
go.mod: Upgrade some dependencies 2024-10-02 16:00:48 -06:00
Mohammed Al Sahaf
01be1b54a8
ci: install xcaddy to fix release flow (#6602) 2024-10-02 16:12:29 +00:00
Mohammed Al Sahaf
41f5dd56e1
metrics: scope metrics to active config, add optional per-host metrics (#6531)
* Add per host config

* Pass host label when option is enabled

* Test per host enabled

* metrics: scope metrics per loaded config

* doc and linter

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* inject the custom registry into the admin handler

Co-Authored-By: Dave Henderson <dhenderson@gmail.com>

* remove `TODO` comment

* fixes

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* refactor to delay metrics admin handler provision

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Hussam Almarzooq <me@hussam.io>
Co-authored-by: Dave Henderson <dhenderson@gmail.com>
2024-10-02 08:23:26 -06:00
Francis Lavoie
16724842d9
caddyhttp: Implement auto_https prefer_wildcard option (#6146)
* Allow specifying multiple `auto_https` options

* Implement `auto_https prefer_wildcard` option

* Adapt tests, add mock DNS module for config testing

* Rebase fix
2024-10-02 07:31:58 -06:00
Francis Lavoie
792f1c7ed7
caddyhttp: Escaping placeholders in CEL, add vars and vars_regexp (#6594)
* caddyhttp: Escaping placeholders in CEL

* Simplify some of the test cases

* Implement vars and vars_regexp in CEL

* dupl lint is dumb

* Better consts for the placeholder CEL shortcut

* Bump CEL version, register a few extensions

* Refactor s390x test script for readability

* Add retries for s390x to smooth over flakiness

* Switch to `ph` for the CEL shortcut (match it in templates cause why not)
2024-10-02 06:34:04 -06:00