mirror of
https://github.com/caddyserver/caddy.git
synced 2025-01-06 22:40:31 -05:00
3cfefeb0f7
* httpcaddyfile: First pass at implementing server options * httpcaddyfile: Add listener wrapper support * httpcaddyfile: Sort sbaddrs to make adapt output more deterministic * httpcaddyfile: Add server options adapt tests * httpcaddyfile: Windows line endings lol * caddytest: More windows line endings lol (sorry Matt) * Update caddyconfig/httpcaddyfile/serveroptions.go Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * httpcaddyfile: Reword listener address "matcher" * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * httpcaddyfile: Deprecate experimental_http3 option (moved to servers) * httpcaddyfile: Remove validation step, no longer needed Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
368 lines
9.2 KiB
Go
368 lines
9.2 KiB
Go
// Copyright 2015 Matthew Holt and The Caddy Authors
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package httpcaddyfile
|
|
|
|
import (
|
|
"strconv"
|
|
|
|
"github.com/caddyserver/caddy/v2"
|
|
"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
|
|
"github.com/caddyserver/caddy/v2/modules/caddytls"
|
|
"github.com/caddyserver/certmagic"
|
|
"github.com/mholt/acmez/acme"
|
|
)
|
|
|
|
func init() {
|
|
RegisterGlobalOption("debug", parseOptTrue)
|
|
RegisterGlobalOption("http_port", parseOptHTTPPort)
|
|
RegisterGlobalOption("https_port", parseOptHTTPSPort)
|
|
RegisterGlobalOption("default_sni", parseOptSingleString)
|
|
RegisterGlobalOption("order", parseOptOrder)
|
|
RegisterGlobalOption("experimental_http3", parseOptTrue)
|
|
RegisterGlobalOption("storage", parseOptStorage)
|
|
RegisterGlobalOption("acme_ca", parseOptSingleString)
|
|
RegisterGlobalOption("acme_ca_root", parseOptSingleString)
|
|
RegisterGlobalOption("acme_dns", parseOptSingleString)
|
|
RegisterGlobalOption("acme_eab", parseOptACMEEAB)
|
|
RegisterGlobalOption("cert_issuer", parseOptCertIssuer)
|
|
RegisterGlobalOption("email", parseOptSingleString)
|
|
RegisterGlobalOption("admin", parseOptAdmin)
|
|
RegisterGlobalOption("on_demand_tls", parseOptOnDemand)
|
|
RegisterGlobalOption("local_certs", parseOptTrue)
|
|
RegisterGlobalOption("key_type", parseOptSingleString)
|
|
RegisterGlobalOption("auto_https", parseOptAutoHTTPS)
|
|
RegisterGlobalOption("servers", parseServerOptions)
|
|
}
|
|
|
|
func parseOptTrue(d *caddyfile.Dispenser) (interface{}, error) {
|
|
return true, nil
|
|
}
|
|
|
|
func parseOptHTTPPort(d *caddyfile.Dispenser) (interface{}, error) {
|
|
var httpPort int
|
|
for d.Next() {
|
|
var httpPortStr string
|
|
if !d.AllArgs(&httpPortStr) {
|
|
return 0, d.ArgErr()
|
|
}
|
|
var err error
|
|
httpPort, err = strconv.Atoi(httpPortStr)
|
|
if err != nil {
|
|
return 0, d.Errf("converting port '%s' to integer value: %v", httpPortStr, err)
|
|
}
|
|
}
|
|
return httpPort, nil
|
|
}
|
|
|
|
func parseOptHTTPSPort(d *caddyfile.Dispenser) (interface{}, error) {
|
|
var httpsPort int
|
|
for d.Next() {
|
|
var httpsPortStr string
|
|
if !d.AllArgs(&httpsPortStr) {
|
|
return 0, d.ArgErr()
|
|
}
|
|
var err error
|
|
httpsPort, err = strconv.Atoi(httpsPortStr)
|
|
if err != nil {
|
|
return 0, d.Errf("converting port '%s' to integer value: %v", httpsPortStr, err)
|
|
}
|
|
}
|
|
return httpsPort, nil
|
|
}
|
|
|
|
func parseOptOrder(d *caddyfile.Dispenser) (interface{}, error) {
|
|
newOrder := directiveOrder
|
|
|
|
for d.Next() {
|
|
// get directive name
|
|
if !d.Next() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
dirName := d.Val()
|
|
if _, ok := registeredDirectives[dirName]; !ok {
|
|
return nil, d.Errf("%s is not a registered directive", dirName)
|
|
}
|
|
|
|
// get positional token
|
|
if !d.Next() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
pos := d.Val()
|
|
|
|
// if directive exists, first remove it
|
|
for i, d := range newOrder {
|
|
if d == dirName {
|
|
newOrder = append(newOrder[:i], newOrder[i+1:]...)
|
|
break
|
|
}
|
|
}
|
|
|
|
// act on the positional
|
|
switch pos {
|
|
case "first":
|
|
newOrder = append([]string{dirName}, newOrder...)
|
|
if d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
directiveOrder = newOrder
|
|
return newOrder, nil
|
|
case "last":
|
|
newOrder = append(newOrder, dirName)
|
|
if d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
directiveOrder = newOrder
|
|
return newOrder, nil
|
|
case "before":
|
|
case "after":
|
|
default:
|
|
return nil, d.Errf("unknown positional '%s'", pos)
|
|
}
|
|
|
|
// get name of other directive
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
otherDir := d.Val()
|
|
if d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
|
|
// insert directive into proper position
|
|
for i, d := range newOrder {
|
|
if d == otherDir {
|
|
if pos == "before" {
|
|
newOrder = append(newOrder[:i], append([]string{dirName}, newOrder[i:]...)...)
|
|
} else if pos == "after" {
|
|
newOrder = append(newOrder[:i+1], append([]string{dirName}, newOrder[i+1:]...)...)
|
|
}
|
|
break
|
|
}
|
|
}
|
|
}
|
|
|
|
directiveOrder = newOrder
|
|
|
|
return newOrder, nil
|
|
}
|
|
|
|
func parseOptStorage(d *caddyfile.Dispenser) (interface{}, error) {
|
|
if !d.Next() { // consume option name
|
|
return nil, d.ArgErr()
|
|
}
|
|
if !d.Next() { // get storage module name
|
|
return nil, d.ArgErr()
|
|
}
|
|
modName := d.Val()
|
|
mod, err := caddy.GetModule("caddy.storage." + modName)
|
|
if err != nil {
|
|
return nil, d.Errf("getting storage module '%s': %v", modName, err)
|
|
}
|
|
unm, ok := mod.New().(caddyfile.Unmarshaler)
|
|
if !ok {
|
|
return nil, d.Errf("storage module '%s' is not a Caddyfile unmarshaler", mod.ID)
|
|
}
|
|
err = unm.UnmarshalCaddyfile(d.NewFromNextSegment())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
storage, ok := unm.(caddy.StorageConverter)
|
|
if !ok {
|
|
return nil, d.Errf("module %s is not a StorageConverter", mod.ID)
|
|
}
|
|
return storage, nil
|
|
}
|
|
|
|
func parseOptACMEEAB(d *caddyfile.Dispenser) (interface{}, error) {
|
|
eab := new(acme.EAB)
|
|
for d.Next() {
|
|
if d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
for nesting := d.Nesting(); d.NextBlock(nesting); {
|
|
switch d.Val() {
|
|
case "key_id":
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
eab.KeyID = d.Val()
|
|
|
|
case "mac_key":
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
eab.MACKey = d.Val()
|
|
|
|
default:
|
|
return nil, d.Errf("unrecognized parameter '%s'", d.Val())
|
|
}
|
|
}
|
|
}
|
|
return eab, nil
|
|
}
|
|
|
|
func parseOptCertIssuer(d *caddyfile.Dispenser) (interface{}, error) {
|
|
if !d.Next() { // consume option name
|
|
return nil, d.ArgErr()
|
|
}
|
|
if !d.Next() { // get issuer module name
|
|
return nil, d.ArgErr()
|
|
}
|
|
modName := d.Val()
|
|
mod, err := caddy.GetModule("tls.issuance." + modName)
|
|
if err != nil {
|
|
return nil, d.Errf("getting issuer module '%s': %v", modName, err)
|
|
}
|
|
unm, ok := mod.New().(caddyfile.Unmarshaler)
|
|
if !ok {
|
|
return nil, d.Errf("issuer module '%s' is not a Caddyfile unmarshaler", mod.ID)
|
|
}
|
|
err = unm.UnmarshalCaddyfile(d.NewFromNextSegment())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
iss, ok := unm.(certmagic.Issuer)
|
|
if !ok {
|
|
return nil, d.Errf("module %s is not a certmagic.Issuer", mod.ID)
|
|
}
|
|
return iss, nil
|
|
}
|
|
|
|
func parseOptSingleString(d *caddyfile.Dispenser) (interface{}, error) {
|
|
d.Next() // consume parameter name
|
|
if !d.Next() {
|
|
return "", d.ArgErr()
|
|
}
|
|
val := d.Val()
|
|
if d.Next() {
|
|
return "", d.ArgErr()
|
|
}
|
|
return val, nil
|
|
}
|
|
|
|
func parseOptAdmin(d *caddyfile.Dispenser) (interface{}, error) {
|
|
adminCfg := new(caddy.AdminConfig)
|
|
for d.Next() {
|
|
if d.NextArg() {
|
|
listenAddress := d.Val()
|
|
if listenAddress == "off" {
|
|
adminCfg.Disabled = true
|
|
if d.Next() { // Do not accept any remaining options including block
|
|
return nil, d.Err("No more option is allowed after turning off admin config")
|
|
}
|
|
} else {
|
|
adminCfg.Listen = listenAddress
|
|
if d.NextArg() { // At most 1 arg is allowed
|
|
return nil, d.ArgErr()
|
|
}
|
|
}
|
|
}
|
|
for nesting := d.Nesting(); d.NextBlock(nesting); {
|
|
switch d.Val() {
|
|
case "enforce_origin":
|
|
adminCfg.EnforceOrigin = true
|
|
|
|
case "origins":
|
|
adminCfg.Origins = d.RemainingArgs()
|
|
|
|
default:
|
|
return nil, d.Errf("unrecognized parameter '%s'", d.Val())
|
|
}
|
|
}
|
|
}
|
|
if adminCfg.Listen == "" && !adminCfg.Disabled {
|
|
adminCfg.Listen = caddy.DefaultAdminListen
|
|
}
|
|
return adminCfg, nil
|
|
}
|
|
|
|
func parseOptOnDemand(d *caddyfile.Dispenser) (interface{}, error) {
|
|
var ond *caddytls.OnDemandConfig
|
|
for d.Next() {
|
|
if d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
for nesting := d.Nesting(); d.NextBlock(nesting); {
|
|
switch d.Val() {
|
|
case "ask":
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
if ond == nil {
|
|
ond = new(caddytls.OnDemandConfig)
|
|
}
|
|
ond.Ask = d.Val()
|
|
|
|
case "interval":
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
dur, err := caddy.ParseDuration(d.Val())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if ond == nil {
|
|
ond = new(caddytls.OnDemandConfig)
|
|
}
|
|
if ond.RateLimit == nil {
|
|
ond.RateLimit = new(caddytls.RateLimit)
|
|
}
|
|
ond.RateLimit.Interval = caddy.Duration(dur)
|
|
|
|
case "burst":
|
|
if !d.NextArg() {
|
|
return nil, d.ArgErr()
|
|
}
|
|
burst, err := strconv.Atoi(d.Val())
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if ond == nil {
|
|
ond = new(caddytls.OnDemandConfig)
|
|
}
|
|
if ond.RateLimit == nil {
|
|
ond.RateLimit = new(caddytls.RateLimit)
|
|
}
|
|
ond.RateLimit.Burst = burst
|
|
|
|
default:
|
|
return nil, d.Errf("unrecognized parameter '%s'", d.Val())
|
|
}
|
|
}
|
|
}
|
|
if ond == nil {
|
|
return nil, d.Err("expected at least one config parameter for on_demand_tls")
|
|
}
|
|
return ond, nil
|
|
}
|
|
|
|
func parseOptAutoHTTPS(d *caddyfile.Dispenser) (interface{}, error) {
|
|
d.Next() // consume parameter name
|
|
if !d.Next() {
|
|
return "", d.ArgErr()
|
|
}
|
|
val := d.Val()
|
|
if d.Next() {
|
|
return "", d.ArgErr()
|
|
}
|
|
if val != "off" && val != "disable_redirects" {
|
|
return "", d.Errf("auto_https must be either 'off' or 'disable_redirects'")
|
|
}
|
|
return val, nil
|
|
}
|
|
|
|
func parseServerOptions(d *caddyfile.Dispenser) (interface{}, error) {
|
|
return unmarshalCaddyfileServerOptions(d)
|
|
}
|