0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-30 22:34:15 -05:00
Commit graph

2258 commits

Author SHA1 Message Date
Kevin Stock
689591ef01 tls: Add option for backend to approve on-demand cert (#1939)
This adds the ask sub-directive to tls that defines the URL of a backend HTTP service to be queried during the TLS handshake to determine if an on-demand TLS certificate should be acquired for incoming hostnames. When the ask sub-directive is defined, Caddy will query the URL for permission to acquire a cert by making a HTTP GET request to the URL including the requested domain in the query string. If the backend service returns a 2xx response Caddy will acquire a cert. Any other response code (including 3xx redirects) are be considered a rejection and the certificate will not be acquired.
2017-11-03 23:01:30 -06:00
Sayem Chowdhury
2782553231 readme: Update build instructions (#1916)
* Update build instruction

This changes add proper an easy instruction for building.

* Update README.md
2017-11-02 06:11:18 -06:00
Craig Peterson
4ec5522a33 Merge branch 'macros' of github.com:mholt/caddy into macros 2017-10-31 23:56:35 -04:00
Craig Peterson
ad2956fd1d snippets now 2017-10-31 23:56:24 -04:00
frk
34a34c565d FreeBSD init: Remove unnecessary daemon -u option (#1924)
The rc.subr framework already takes care of substituting user. So, using
daemon's -u option is double user-substitution and fails if $caddy_user
is non-root.
2017-10-31 10:31:09 -06:00
Arthur Silva
74d4fd3c29 improve error checking (#1938) 2017-10-31 10:19:51 -06:00
Arthur Silva
ac1f3bfaaa a few code improvements (#1936)
caddy.go:569: could be simplified

sigtrap_posix.go:87: value of inst is never used

upgrade.go:151: should omit nil check; len() for nil slices is defined as zero
2017-10-31 10:12:05 -06:00
Mohammed Al Sahaf
f7a70266ed Implement per-site index (#1906) 2017-10-29 21:13:10 +00:00
elcore
fc75527eb5 onevent/startupshutdown: run command once per server block (#1934) 2017-10-23 00:27:44 +02:00
Toby Allen
e5d04f9a96 Change log output for startup and shutdown (#1932)
Changes the log output of on startup
2017-10-22 13:43:40 +01:00
Craig Peterson
91a60a8d25 Merge branch 'master' into macros 2017-10-20 10:32:21 -04:00
Craig Peterson
5c9fc3a473 Merge branch 'macros' of github.com:mholt/caddy into macros 2017-10-19 19:55:14 -04:00
Craig Peterson
02ac1f61c4 retrigger build 2017-10-19 19:54:15 -04:00
elcore
59a8ada4a8 Fix CI Tests (#1929) 2017-10-19 11:02:56 -06:00
Craig Peterson
1889049ef3 Merge branch 'master' into macros 2017-10-19 10:34:13 -04:00
Craig Peterson
68a495f144 actually return error on redeclaration 2017-10-19 10:27:10 -04:00
Matthew Holt
a2db340378
tls: Final check of OCSP response validity date before stapling 2017-10-16 17:25:55 -06:00
Alex Gaynor
c6a2911725 tls: Handle when OCSP responder cert expires before a response it issued (#1922)
* Handle the case of an OCSP responder certificate expiring before an OCSP response it issued

* oops

* doh, gofmt
2017-10-16 17:23:21 -06:00
Matthew Holt
654f26cb91
tls: Evict existing certificates from cache when loading ones from disk 2017-10-16 16:40:43 -06:00
Craig Peterson
dd4b3efa47 remove 'macro foo' syntax 2017-10-15 19:10:56 -04:00
Craig Peterson
3a969bc075 add nil check 2017-10-13 11:08:17 -04:00
Craig Peterson
425f61142f initial implementation of caddyfile macros 2017-10-13 11:04:44 -04:00
Wèi Cōngruì
79072828a5 staticfiles: remove mapFSRootOpenErr because Go stdlib has fixed the relevant issue (#1919) 2017-10-13 08:01:30 -06:00
Eugene Dementiev
0548b97701 init: Fix upstart script for Centos6 (and Amazon Linux) (#1914) 2017-10-12 17:02:46 -06:00
Guilherme Bernal
99625ae3f6 on: Allow nonblocking command with no other arguments (#1913) 2017-10-12 10:11:50 -06:00
Matthew Holt
c4dfbb9956
Update readme and changelog for v0.10.10 2017-10-08 22:20:05 -06:00
Matthew Holt
b0d9c058cc
Change CASE_SENSITIVE_PATH default to false
A default of true is risky when protecting assets by matching base path.
It's not obvious that protecting /foo/ will allow /Foo/ through, and if
accessing static files on a case-insensitive file system... that's no
good. So the default is now to be case-INsensitive when matching paths.
2017-10-08 22:19:35 -06:00
Matthew Holt
cccfe3b4ef
proxy: Allow insecure certificate in QUIC tests 2017-10-05 11:11:48 -06:00
Matthew Holt
f71955e89c
Grammar improvements 2017-10-04 18:37:11 -06:00
elcore
dd44491e13 startupshutdown: gofmt code (#1902) 2017-10-03 07:18:29 -06:00
Mohammad Gufran
ac865e8910 fastcgi: Add support for SRV upstreams (#1870) 2017-10-03 07:17:54 -06:00
elcore
b7167803f2 startupshutdown: is an alias for 'on' (#1880) 2017-10-01 20:41:45 -06:00
Kevin Stock
97710ced7e Add hook for instance startup (#1888)
Provides a new hook for plugins as a means to provide the current caddy.Instance when starting or restarting.
2017-10-01 20:36:23 -06:00
elcore
f878247a18 Implement CertRenewEvent (#1879) 2017-10-01 11:25:30 -06:00
elcore
118cf5f240 Implement 'http.on' plugin and replace UUID lib (#1864)
* Implement 'command' plugin

* Rename 'command' to 'on'

* Split this PR
2017-10-01 11:24:50 -06:00
Matthew Holt
f9cba03d25
redir: Do not count multiple rules with if statements as duplicates
This allows you to have multiple redir directives conditioned solely
upon if statements, without regard to path.
2017-09-28 11:41:11 -06:00
Matthew Holt
baf6db5b57
Apply Apache license to all .go source files (closes #1865)
I am not a lawyer, but according to the appendix of the license,
these boilerplate notices should be included with every source file.
2017-09-22 23:56:58 -06:00
Matthew Holt
e60400a92e
caddyfile: Use full, absolute file path in token structs (fixes #1892)
When two Caddyfiles with the same name, but different paths, are
imported, it can cause a weird bug because isNewLine() returned false
when it should return true, since the files are actually different,
but it couldn't know that because only the base name was stored,
not the whole path.
2017-09-22 20:02:48 -06:00
Tw
e377eeff50 proxy: websocket proxy exits immediately if backend is shutdown (#1869)
Signed-off-by: Tw <tw19881113@gmail.com>
2017-09-22 18:10:48 -06:00
Matthew Holt
84a2f8e89e
Add iOS 11 stable ClientHello to MITM test corpus (issue #1890) 2017-09-22 17:41:47 -06:00
Matthew Holt
64be3e410c
websocket: Avoid multiple calls to WriteHeader if Upgrade fails 2017-09-22 17:39:18 -06:00
Matthew Holt
643dac688c
Clarify unofficial builds in version string 2017-09-22 17:25:43 -06:00
Daniel van Dorp
0a624f87ff Merge pull request #1884 from timothywlewis/fix-pid-error-in-linux-sysvinit
Fix pid error in linux sysvinit
2017-09-22 16:45:55 +02:00
Tim Lewis
fea8f37f9d Fix linux-sysvinit script to prevent missing caddy.log
Create /var/log/caddy.log and chown prior to starting caddy.
Caddy running as DAEMONUSER does not have permission to create the /var/log/caddy.log.
2017-09-18 19:16:15 -04:00
Tim Lewis
a808252079 Fix spurious .pid file error in linux-sysvinit
This change eliminates the `[ERROR] Could not write pidfile: open /var/run/caddy.pid: permission denied` from caddy.log.
The start-stop-daemon writes the file as root so the DAEMONUSER that caddy runs as cannot write to the .pid file.
2017-09-18 19:14:56 -04:00
Davor Kapsa
93bcca0ccc travis: add 1.x instead 1.9 go version (#1868) 2017-09-16 09:48:27 -06:00
Fake ID
d39b95600a readme: fixed build instructions (#1875) 2017-09-16 09:35:58 -06:00
Matthew Holt
545fa844bb
EULA: Remove restriction clause related to sponsors header 2017-09-14 21:45:32 -06:00
Adam Williams
b6e10e3cb2 Revert "Implement Caddy-Sponsors HTTP response header" (#1866)
This reverts commit 56453e9664.
2017-09-14 21:42:22 -06:00
Matthew Holt
bc56793d3b
Update readme and changes for version 0.10.9 2017-09-12 11:02:53 -06:00