* caddy adapt for listen_protocols
* adapt listen_socket
* allow multiple listen sockets for port ranges and readd socket fd listen logic
* readd logic to start servers according to listener protocols
* gofmt
* adapt caddytest
* gosec
* fmt and rename listen to listenWithSocket
* fmt and rename listen to listenWithSocket
* more consistent error msg
* non unix listenReusableWithSocketFile
* remove unused func
* doc comment typo
* nonosec
* commit
* doc comments
* more doc comments
* comment was misleading, cardinality did not change
* addressesWithProtocols
* update test
* fd/ and fdgram/
* rm addr
* actually write...
* i guess we doin' "skip": now
* wrong var in placeholder
* wrong var in placeholder II
* update param name in comment
* dont save nil file pointers
* windows
* key -> parsedKey
* osx
* multiple default_bind with protocols
* check for h1 and h2 listener netw
* reverseproxy: allow user to define source address
Closes#6503
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* reverse_proxy: caddyfile support for local_address
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Most of the errors that can be seen here are write errors due to clients
aborting the request from their side. Often seen ones include:
* writing: ... write: broken pipe
* writing: ... connection timed out
* writing: http2: stream closed
* writing: timeout...
* writing: h3 error...
Most of these errors are beyond of the control of caddy on the client side,
probably nothing can be done on the server side. It still warrants
researching when these errors occur very often, so a change in level from
error to warn is better here to not polute the logs with errors in the
normal case.
* Add health_upstream
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
* Add health_upstream to caddyfile parsing
* Add Active Upstream case for health checks
* Update ignore health port comment
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
* Update Upstream json doc
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
* Update modules/caddyhttp/reverseproxy/healthchecks.go
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* Use error rather than log for health_port override
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
* Add comment about port being ignore if using upstream
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
---------
Signed-off-by: Dylan Schultz <9121234+dylanschultzie@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* caddyhttp: Reject 0-RTT early data in IP matchers and set Early-Data header when proxying
See RFC 8470: https://httpwg.org/specs/rfc8470.html
Thanks to Michael Wedl (@MWedl) at the University of Applied Sciences St. Poelten for reporting this.
* Don't return value for {remote} placeholder in early data
* Add Caddyfile support
* added health_follow_redirect in active health checks
* chore: code format
* chore: refactore reversproxy healthcheck redirect variable name and description of the same
* chore: formatting
* changed reverse proxy health check status code range to be between 200-299
* chore: formatting
---------
Co-authored-by: aliasgar <joancena1268@mail.com>
Before this change, a read of size (let's say) < 10, into a buffer of size 10, will return EOF because we're using CopyN to limit to the size of the buffer. That resulted in the body being read from later, which should only happen if it couldn't fit in the buffer.
With this change, the body is properly NOT set when it can all fit in the buffer.
* added new modular ca providers to caddy tls HttpTransport
* reverse-proxy, httptransport: added tests and caddyfile support for ca module
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* reverseproxy: active health check allows configurable health_passes and health_fails
* Need to reset counters after recovery
* rename methods to be more clear that these are coming from active health checks
* do not export methods
* reverseproxy: cookie should be Secure and SameSite=None when TLS
* Update modules/caddyhttp/reverseproxy/selectionpolicies_test.go
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
---------
Co-authored-by: Mohammed Al Sahaf <mohammed@caffeinatedwonders.com>
