Infrastructure/caddy
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-03-18 02:22:59 -05:00
Code Issues Activity
1811 commits 27 branches 142 tags 32 MiB
Commit graph

235 commits

Author SHA1 Message Date
Matthew Holt
8f2196c047 tls: No arguments to directive and no block is an error 2016-01-12 08:52:43 -07:00
Matthew Holt
c7d4d051cb letsencrypt: Ensure no prompt if user is not there 
Also only set custom address if alternate port is specified (rather than using a blank address; just cleaner this way)
 2016-01-12 08:52:08 -07:00
Matthew Holt
8a6c778c8d Log if host is not configured for server 2016-01-11 09:07:14 -07:00
Matthew Holt
77eae62d9f letsencrypt: Don't prompt if user is not there 
This change fixes the scenario where you reload the config and it tries to obtain a cert from the ACME server, but no email address is found or terms have not been agreed to in-process. This is unfortunate but it should not stop the server from reloading, so we assume empty email address in this case.
 2016-01-10 23:40:55 -07:00
Matthew Holt
ed0c0db6a3 If scheme and port defy convention, it is an error 
This prevents serving HTTPS over port 80 or HTTP over 443. It's confusing and we don't allow it.
 2016-01-10 20:51:50 -07:00
Matthew Holt
202849055c tls: Extra requirements to set port to 443 
It is unexpected to serve localhost on port 443 or any server on 443 if TLS is disabled, even if the port is blank. Also don't warn about how to force TLS on the HTTP port.
 2016-01-10 20:47:43 -07:00
Matthew Holt
0830c728fe Remove pidfile when program exits (closes ) 2016-01-09 21:48:07 -07:00
Matthew Holt
dab679df86 import: Fix multiple imports (closes ) 2016-01-09 10:52:21 -07:00
Matthew Holt
9453224639 Merge branch 'letsencryptfix' 2016-01-08 23:59:15 -07:00
Matthew Holt
fd1765973a letsencrypt: Tests for handler that proxies challenge requests 
Doesn't test the SkipInsecureVerify proxy setting, but that can be done at another time.
 2016-01-08 16:44:54 -07:00
Matthew Holt
a3f3bc67e1 Merge branch 'browse-tpl' 2016-01-08 14:02:55 -07:00
Matthew Holt
8b93bfe751 letsencrypt: More tests! \o/ 2016-01-08 13:49:06 -07:00
Matthew Holt
897b6c5b0e letsencrypt: More tests, other minor improvements 2016-01-08 12:32:47 -07:00
Matthew Holt
fc928e0b3b letsencrypt: Couple minor refactors/fixes 2016-01-08 11:55:31 -07:00
Matthew Holt
ce4981d046 Merge branch 'master' into letsencryptfix 
# Conflicts:
#	caddy/letsencrypt/letsencrypt.go
#	caddy/letsencrypt/letsencrypt_test.go
 2016-01-06 22:21:15 -07:00
Matthew Holt
62b210b544 browse: Minor changes to improve icon positioning in template 
Also make sure column header cells don't wrap
 2016-01-06 22:18:17 -07:00
Matt Holt
5f6a0a4c0b Merge pull request from abiosoft/rewrite-patch 
rewrite: not_has, not_match, multiple to, and status codes
 2016-01-06 22:08:16 -07:00
Matthew Holt
6d49392602 Improve tests, fix a few lint warnings 2016-01-06 16:04:33 -07:00
Matthew Holt
4593982065 letsencrypt: Major refactor of Activate(), fixes and closes 
Makes restarts cleaner and improves configuration usability related to the tls directive
 2016-01-06 16:04:08 -07:00
Matthew Holt
94100a7ba6 Fix failing tests 2016-01-04 17:34:10 -07:00
Matthew Holt
e9c2e50684 Merge branch 'master' into letsencryptfix 
# Conflicts:
#	caddy/letsencrypt/letsencrypt.go
 2016-01-03 23:56:22 -07:00
Ben Schumacher
82b0c0b9eb Make Let's Encrypt module honor the Bind settings 2016-01-03 23:56:14 -07:00
Matthew Holt
55601d3ec2 letsencrypt: Fix OCSP stapling and restarts with new LE-capable hosts 
Before, Caddy couldn't support graceful (zero-downtime) restarts when the reloaded Caddyfile had a host in it that was elligible for a LE certificate because the port was already in use. This commit makes it possible to do zero-downtime reloads and issue certificates for new hosts that need it. Supports only http-01 challenge at this time.

OCSP stapling is improved in that it updates before the expiration time when the validity window has shifted forward. See 30c949085c. Before it only used to update when the status changed.

This commit also sets the user agent for Let's Encrypt requests with a string containing "Caddy".
 2016-01-03 17:05:10 -07:00
Matthew Holt
829a0f34d0 Preserve and clean up original host input in Caddyfile-JSON conversions 2016-01-03 16:46:26 -07:00
Matthew Holt
bb80f99190 tls: Allow opening block without specifying cert+key args 2016-01-03 16:44:30 -07:00
Matthew Holt
946ff5e87b Parser separate scheme/port, refactor config loading 
By separating scheme and port at the parser, we are able to set the port appropriately and also keep the semantics of the scheme being specified by the user later on. The parser also stores an address' original input. Also, the config refactor makes it possible to partially load a config - valuable for determining which ones will need Let's Encrypt integration turned on during a restart.
 2016-01-03 16:41:29 -07:00
Abiola Ibrahim
be2f5c4b38 Support for 4xx status codes. 2015-12-31 23:19:11 +01:00
Abiola Ibrahim
3468986260 Support multiple values for to in simple rule. 2015-12-31 20:11:31 +01:00
Matthew Holt
1af7865e6c Move SVG up to top and make layout mobile-friendly 2015-12-31 11:18:43 -07:00
Matthew Holt
94e3e7e5eb browse: New default template 2015-12-31 00:23:10 -07:00
Abiola Ibrahim
bb23f68a43 Merge pull request from abiosoft/rewrite-improvements 
Rewrite improvements
 2015-12-30 19:42:13 +01:00
Matt Holt
6a27968f73 Merge pull request from radim/master 
Support glob character in import
 2015-12-29 16:21:26 -07:00
Radim Marek
1e7ec3397b Import allows only one expression 2015-12-29 23:32:59 +01:00
Abiola Ibrahim
92bd914418 Fix vet errors. 2015-12-23 13:23:43 +01:00
Abiola Ibrahim
9110dc4745 Refactor. Tests and tests data. 2015-12-23 12:11:11 +01:00
Abiola Ibrahim
1ed786f836 Cleanups and panic prevention in tests. 2015-12-23 09:36:00 +01:00
Abiola Ibrahim
4d5bc9fa6c Backward compatibility ensured. 2015-12-23 09:02:52 +01:00
Abiola Ibrahim
98d8c0f81b Added new rewrite features. 2015-12-22 23:19:22 +01:00
Matt Holt
a5836aebfa Merge pull request from pavlik/master 
tls: Remove ECDHE-RSA-3DES-EDE-CBC-SHA and RSA-3DES-EDE-CBC-SHA from the default TLS config
 2015-12-19 11:57:45 -07:00
Pavel Pavlenko
3dd4c0eb6a Fix TestTLSParseBasic 2015-12-19 14:37:38 +03:00
Pavel Pavlenko
1e27b5be89 Remove ECDHE-RSA-3DES-EDE-CBC-SHA and RSA-3DES-EDE-CBC-SHA from the default TLS config 2015-12-19 14:30:25 +03:00
Matthew Holt
b0397df719 Save obtained certs even if there were failures 2015-12-11 15:42:22 -07:00
Radim Marek
eb48885d4d Updated comments 2015-12-11 22:02:31 +01:00
Radim Marek
afbda595f6 import glob tests 2015-12-11 21:52:35 +01:00
Pavel Pavlenko
e4ff77ed07 fix tls_test.go 2015-12-09 11:27:59 +03:00
Pavel Pavlenko
b6c4178f0a Remove ECDHE-RSA-3DES-EDE-CBC-SHA and RSA-3DES-EDE-CBC-SHA from the default TLS config 2015-12-09 11:10:55 +03:00
Abiola Ibrahim
ab5087e215 Gzip: support for min_length. 2015-12-07 23:17:05 +01:00
Radim Marek
d56a9a1c5d Correct position of the newly imported tokens 2015-12-06 23:50:26 +01:00
Radim Marek
d1216f409d Handle no matches 2015-12-04 23:22:03 +01:00
Radim Marek
12f594779c Added support magic characters in import pattern 
Import now allows to use the star wildcard, question mark and square
brackets as used by filepath.Glob
 2015-12-04 23:04:12 +01:00