Mohammed Al Sahaf
e965b111cd
tls: modularize trusted CA providers ( #5784 )
...
* tls: modularize client authentication trusted CA
* add `omitempty` to `CARaw`
* docs
* initial caddyfile support
* revert anything related to leaf cert validation
The certs are used differently than the CA pool flow
* complete caddyfile unmarshalling implementation
* Caddyfile syntax documentation
* enhance caddyfile parsing and documentation
Apply suggestions from code review
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* add client_auth caddyfile tests
* add caddyfile unmarshalling tests
* fix and add missed adapt tests
* fix rebase issue
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 11:44:41 +03:00
Francis Lavoie
b9c40e7111
logging: Automatic wrap
default for filter
encoder ( #5980 )
...
Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
2024-01-25 04:00:22 +00:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers ( #6037 )
2024-01-23 19:36:59 -05:00
Aziz Rmadi
4181c79a81
httpcaddyfile: Add optional status code argument to handle_errors
directive ( #5965 )
...
Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>
2024-01-16 01:24:17 -05:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root
and rewrite
parsing to allow omitting matcher ( #5844 )
2024-01-15 09:57:08 -07:00
Aziz Rmadi
80acf1bf23
replacer: Fix escaped closing braces ( #5995 )
2024-01-13 20:24:03 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs
directive ( #5833 )
2024-01-13 20:12:43 +00:00
Francis Lavoie
da7d8cb26d
httpcaddyfile: Sort skip_hosts for deterministic JSON ( #5990 )
...
* httpcaddyfile: Sort skip_hosts for deterministic JSON
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* Fix test
* Bah
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-12-18 12:54:52 -07:00
WeidiDeng
96f638eaad
httpredirectlistener: Only set read limit for when request is HTTP ( #5917 )
2023-11-20 12:31:36 +00:00
Mohammed Al Sahaf
d949caf459
test: acmeserver: add smoke test for the ACME server directory ( #5914 )
2023-10-24 13:59:53 -04:00
Francis Lavoie
ac1f20b9e4
httpcaddyfile: Remove port from logger names ( #5881 )
...
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-10-16 23:57:03 -06:00
Francis Lavoie
7984e6f6fd
httpcaddyfile: Fix TLS automation policy merging with get_certificate ( #5896 )
2023-10-14 14:23:50 -06:00
Francis Lavoie
05dbe1c171
reverseproxy: Replace health header placeholders ( #5861 )
2023-10-11 09:50:28 -06:00
Fred Cox
b245ecd325
reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers ( #5828 )
2023-10-11 04:42:40 -04:00
Đỗ Trọng Hải
df99502977
httpcaddyfile: Enable TLS for catch-all site if tls
directive is specified ( #5808 )
2023-10-10 21:46:39 +00:00
Christoph
e0aaefab80
encode: Add application/wasm*
to the default content types ( #5869 )
2023-10-10 21:18:37 +00:00
Karun Agarwal
288216e1fb
httpcaddyfile: Stricter errors for site and upstream address schemes ( #5757 )
...
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-08-19 07:28:25 -04:00
Matthew Holt
11166889c5
Fix tests
...
I thought Go ordered JSON objects when marshaling, but I guess not.
2023-08-09 11:25:59 -06:00
Mohammed Al Sahaf
65e33fc1ee
reverseproxy: do not parse upstream address too early if it contains replaceble parts ( #5695 )
...
* reverseproxy: do not parse upstream address too early if it contains replaceble parts
* remove unused method
* cleanup
* accommodate partially replaceable port
2023-08-05 23:30:02 +02:00
Francis Lavoie
cd486c25d1
caddyhttp: Make use of http.ResponseController
( #5654 )
...
* caddyhttp: Make use of http.ResponseController
Also syncs the reverseproxy implementation with stdlib's which now uses ResponseController as well 2449bbb5e6
* Enable full-duplex for HTTP/1.1
* Appease linter
* Add warning for builds with Go 1.20, so it's less surprising to users
* Improved godoc for EnableFullDuplex, copied text from stdlib
* Only wrap in encode if not already wrapped
2023-08-02 20:03:26 +00:00
Francis Lavoie
5c51c1db2c
httpcaddyfile: Allow hostnames
& logger name overrides for log directive ( #5643 )
...
* httpcaddyfile: Allow `hostnames` override for log directive
* Implement access logger name overrides
* Fix panic & default logger clobbering edgecase
2023-08-02 03:13:46 -04:00
Saber Haj Rabiee
361946eb0c
reverseproxy: weighted_round_robin load balancing policy ( #5579 )
...
* added weighted round robin algorithm to load balancer
* added an adapt integration test for wrr and fixed a typo
* changed args format to Caddyfile args convention
* added provisioner and validator for wrr
* simplified the code and improved doc
2023-06-20 11:42:58 -06:00
Francis Lavoie
3b19aa2b5a
headers: Allow >
to defer shortcut for replacements ( #5574 )
2023-06-15 17:18:55 -06:00
Francis Lavoie
cbf16f6d9e
caddyhttp: Implement named routes, invoke
directive ( #5107 )
...
* caddyhttp: Implement named routes, `invoke` directive
* gofmt
* Add experimental marker
* Adjust route compile comments
2023-05-16 15:27:52 +00:00
Francis Lavoie
e8352aef38
headers: Add > Caddyfile shortcut for enabling defer ( #5535 )
2023-05-16 01:18:13 -04:00
Francis Lavoie
75b690d248
reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile ( #5494 )
...
* reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile
* Add clarifying comment
2023-05-15 12:14:50 -06:00
Francis Lavoie
4636109ce1
reverseproxy: Remove deprecated lookup_srv
( #5396 )
2023-04-10 20:08:40 +00:00
Francis Lavoie
05e9974570
caddyhttp: Determine real client IP if trusted proxies configured ( #5104 )
...
* caddyhttp: Determine real client IP if trusted proxies configured
* Support customizing client IP header
* Implement client_ip matcher, deprecate remote_ip's forwarded option
2023-03-27 20:22:59 +00:00
Francis Lavoie
330be2d8c7
httpcaddyfile: Adjust path matcher sorting to solve for specificity ( #5462 )
2023-03-27 15:43:44 -04:00
Emily Lange
941eae5f61
reverseproxy: allow specifying ip version for dynamic a
upstream ( #5401 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-02-27 17:23:09 +00:00
Francis Lavoie
f3379f650a
caddyfile: Fix heredoc fuzz crasher, drop trailing newline ( #5404 )
...
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-02-26 16:56:48 -05:00
Francis Lavoie
960150bb03
caddyfile: Implement heredoc support ( #5385 )
2023-02-26 00:34:27 +00:00
Mohammed Al Sahaf
e3909cc385
reverseproxy: refactor HTTP transport layer ( #5369 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Weidi Deng <weidi_deng@icloud.com>
2023-02-24 19:54:04 +00:00
Francis Lavoie
12bcbe2c49
caddyhttp: Pluggable trusted proxy IP range sources ( #5328 )
...
* caddyhttp: Pluggable trusted proxy IP range sources
* Add request to the IPRangeSource interface
2023-02-06 12:44:11 -07:00
Y.Horie
d73660f7c3
httpcaddyfile: Add persist_config global option ( #5339 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-01-27 23:31:37 -05:00
Francis Lavoie
7f2a93e6c3
caddyfile: Allow overriding server names ( #5323 )
2023-01-27 14:56:39 -05:00
WeidiDeng
c38a040e85
httpcaddyfile: Fix handle
grouping inside route
( #5315 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-01-18 16:04:41 -05:00
Francis Lavoie
223cbe3d0b
caddyhttp: Add server-level trusted_proxies
config ( #5103 )
2023-01-10 00:08:23 -05:00
Yannick Ihmels
66ce0c5c63
caddytls: Add test cases for Caddyfile tls
options ( #5293 )
2023-01-09 15:18:12 -05:00
Yannick Ihmels
55035d327a
caddytls: Add dns_ttl
config, improve Caddyfile tls
options ( #5287 )
2023-01-06 14:44:00 -05:00
Kyle McCullough
bfaf2a8201
acme_server: Configurable default lifetime for issued certificates ( #5232 )
...
* acme_server: add certificate lifetime configuration option
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
* pki: allow intermediate cert lifetime to be configured
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
2022-12-06 00:12:26 -07:00
Mohammed Al Sahaf
fef9cb3e05
caddytest: internalize init config into '.go' file ( #5230 )
2022-12-05 18:49:41 +00:00
Matt Holt
6bad878a22
httpcaddyfile: Improve detection of indistinguishable TLS automation policies ( #5120 )
...
* httpcaddyfile: Skip some logic if auto_https off
* Try removing this check altogether...
* Refine test timeouts slightly, sigh
* caddyhttp: Assume udp for unrecognized network type
Seems like the reasonable thing to do if a plugin registers its own
network type.
* Add comment to document my lack of knowledge
* Clean up and prepare to merge
Add comments to try to explain what happened
2022-10-13 11:30:57 -06:00
Matt Holt
3e1fd2a8d4
httpcaddyfile: Wrap site block in subroute if host matcher used ( #5130 )
...
* httpcaddyfile: Wrap site block in subroute if host matcher used (fix #5124 )
* Correct boolean logic (oops)
2022-10-12 09:27:08 -06:00
Francis Lavoie
99ffe93388
logging: Fix skip_hosts
with wildcards ( #5102 )
...
Fix #4859
2022-10-05 12:14:13 -06:00
Matthew Holt
e07a267276
caddytest: Revise sleep durations
...
Attempt to reduce flakiness a bit more
Test suite needs to be rewritten.
2022-10-05 11:40:41 -06:00
Francis Lavoie
2808de1e30
httpcaddyfile: Skip automate
when auto_https off
is specified ( #5110 )
2022-10-04 20:58:19 -06:00
Matt Holt
897a38958c
Merge pull request #5076 from caddyserver/fastcgi-redir
...
fastcgi: Redirect using original URI path (fix #5073 ) and rewrite: Only trim prefix if matched
2022-09-28 15:22:45 -06:00
Mohammed Al Sahaf
b5727b9c44
ci: fix integration tests ( #5079 )
2022-09-24 19:00:55 +00:00
Matthew Holt
e747a9bb12
Fix tests
2022-09-23 16:47:59 -06:00