summaryrefslogtreecommitdiffhomepage
path: root/modules/caddyhttp/server.go
diff options
context:
space:
mode:
authorMatthew Holt <[email protected]>2020-01-13 16:16:20 -0700
committerMatthew Holt <[email protected]>2020-01-13 16:16:20 -0700
commit271b5af14894a8cca5fc6aa6f1c17823a1fb5ff3 (patch)
treeeacc2a410024429bd67496c0942bcd27c2a9fbc7 /modules/caddyhttp/server.go
parent99e2b56519b89237a28dd176c4eb0604d1cf5297 (diff)
downloadcaddy-271b5af14894a8cca5fc6aa6f1c17823a1fb5ff3.tar.gz
caddy-271b5af14894a8cca5fc6aa6f1c17823a1fb5ff3.zip
http: Refactor automatic HTTPS (fixes #2972)
This splits automatic HTTPS into two phases. The first provisions the route matchers and uses them to build the domain set and configure auto HTTP->HTTPS redirects. This happens before the rest of the provisioning does. The second phase takes place at the beginning of the app start. It attaches pointers to the tls app to each server, and begins certificate management for the domains that were found in the first phase.
Diffstat (limited to 'modules/caddyhttp/server.go')
-rw-r--r--modules/caddyhttp/server.go53
1 files changed, 5 insertions, 48 deletions
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go
index ce61b13b0..1c896a441 100644
--- a/modules/caddyhttp/server.go
+++ b/modules/caddyhttp/server.go
@@ -173,7 +173,7 @@ func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
}
log("handled request",
- zap.String("common_log", repl.ReplaceAll(CommonLogFormat, "-")),
+ zap.String("common_log", repl.ReplaceAll(commonLogFormat, "-")),
zap.Duration("latency", latency),
zap.Int("size", wrec.Size()),
zap.Int("status", wrec.Status()),
@@ -317,49 +317,6 @@ func (s *Server) hasTLSClientAuth() bool {
return false
}
-// AutoHTTPSConfig is used to disable automatic HTTPS
-// or certain aspects of it for a specific server.
-// HTTPS is enabled automatically and by default when
-// qualifying hostnames are available from the config.
-type AutoHTTPSConfig struct {
- // If true, automatic HTTPS will be entirely disabled.
- Disabled bool `json:"disable,omitempty"`
-
- // If true, only automatic HTTP->HTTPS redirects will
- // be disabled.
- DisableRedir bool `json:"disable_redirects,omitempty"`
-
- // Hosts/domain names listed here will not be included
- // in automatic HTTPS (they will not have certificates
- // loaded nor redirects applied).
- Skip []string `json:"skip,omitempty"`
-
- // Hosts/domain names listed here will still be enabled
- // for automatic HTTPS (unless in the Skip list), except
- // that certificates will not be provisioned and managed
- // for these names.
- SkipCerts []string `json:"skip_certificates,omitempty"`
-
- // By default, automatic HTTPS will obtain and renew
- // certificates for qualifying hostnames. However, if
- // a certificate with a matching SAN is already loaded
- // into the cache, certificate management will not be
- // enabled. To force automated certificate management
- // regardless of loaded certificates, set this to true.
- IgnoreLoadedCerts bool `json:"ignore_loaded_certificates,omitempty"`
-}
-
-// Skipped returns true if name is in skipSlice, which
-// should be one of the Skip* fields on ahc.
-func (ahc AutoHTTPSConfig) Skipped(name string, skipSlice []string) bool {
- for _, n := range skipSlice {
- if name == n {
- return true
- }
- }
- return false
-}
-
// HTTPErrorConfig determines how to handle errors
// from the HTTP handlers.
type HTTPErrorConfig struct {
@@ -466,11 +423,11 @@ func cloneURL(from, to *url.URL) {
}
const (
- // CommonLogFormat is the common log format. https://en.wikipedia.org/wiki/Common_Log_Format
- CommonLogFormat = `{http.request.remote.host} ` + CommonLogEmptyValue + ` {http.authentication.user.id} [{time.now.common_log}] "{http.request.orig_method} {http.request.orig_uri} {http.request.proto}" {http.response.status} {http.response.size}`
+ // commonLogFormat is the common log format. https://en.wikipedia.org/wiki/Common_Log_Format
+ commonLogFormat = `{http.request.remote.host} ` + commonLogEmptyValue + ` {http.authentication.user.id} [{time.now.common_log}] "{http.request.orig_method} {http.request.orig_uri} {http.request.proto}" {http.response.status} {http.response.size}`
- // CommonLogEmptyValue is the common empty log value.
- CommonLogEmptyValue = "-"
+ // commonLogEmptyValue is the common empty log value.
+ commonLogEmptyValue = "-"
)
// Context keys for HTTP request context values.