Age | Commit message (Collapse) | Author |
|
|
|
* added health_follow_redirect in active health checks
* chore: code format
* chore: refactore reversproxy healthcheck redirect variable name and description of the same
* chore: formatting
* changed reverse proxy health check status code range to be between 200-299
* chore: formatting
---------
Co-authored-by: aliasgar <[email protected]>
|
|
* Allow usage of root CA without a key. Fixes #6290
* Update modules/caddypki/crypto.go
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
|
|
|
|
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 4 to 5.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v4...v5)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
* caddytls: Evict internal certs from cache based on issuer
During a config reload, we would keep certs in the cache fi they were used by the next config. If one config uses InternalIssuer and the other uses a public CA, this behavior is problematic / unintuitive, because there is a big difference between private/public CAs.
This change should ensure that internal issuers are considered when deciding whether to keep or evict from the cache during a reload, by making them distinct from each other and certs from public CAs.
* Make sure new TLS app manages configured certs
* Actually make it work
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Add option to configure certificate lifetime
* Bump CertMagic dep to latest master commit
* Apply suggestions and ran go mod tidy
* Update modules/caddytls/acmeissuer.go
Co-authored-by: Matt Holt <[email protected]>
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
Co-authored-by: Matt Holt <[email protected]>
Co-authored-by: Mohammed Al Sahaf <[email protected]>
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
|
|
|
|
|
|
They've been deprecated for over a year and we printed warnings during that time.
|
|
Previous commit only works when the backends don't read any of the body first.
|
|
Before this change, a read of size (let's say) < 10, into a buffer of size 10, will return EOF because we're using CopyN to limit to the size of the buffer. That resulted in the body being read from later, which should only happen if it couldn't fit in the buffer.
With this change, the body is properly NOT set when it can all fit in the buffer.
|
|
* logging: Fix default access logger
* Simplify logic, remove retry without port, reject config with port, docs
* Nil check
|
|
|
|
* cmd: fix error when running without config
* ci: add smoke test
|
|
(#6249)
|
|
|
|
We also improve Last-Modified handling in the file server.
Both changes should be more compliant with RFC 9110.
|
|
|
|
* caddyfile: Populate regexp matcher names by default
* Some lint cleanup that my VSCode complained about
* Pass down matcher name through expression matcher
* Compat with #6113: fix adapt test, set both styles in replacer
|
|
* record the number of bytes read when response writer is hijacked
* record body size when not nil
|
|
* caddyhttp: Support multiple logger names per host
* Lint
* Add adapt test
* Implement "string or array" parsing, keep original `logger_names`
* Rewrite adapter test to be more representative of the usecase
|
|
|
|
* Add zstd compression level support
* Refactored zstd levels to string arguments
fastest, default, better, best
* Add comment with list of all available levels
* Corrected data types for config
---------
Co-authored-by: Evgeny Blinov <[email protected]>
Co-authored-by: Matt Holt <[email protected]>
|
|
Co-authored-by: Matt Holt <[email protected]>
|
|
* connection policy: add `local_ip`
Co-authored-by: Matt Holt <[email protected]>
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades
* caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME
* Fix go.mod
* caddytls: Fix automation related to managers (fix #6060)
* Fix typo (appease linter)
* Fix HTTP validation with ZeroSSL API
|
|
Only needed for JSON configs, and only temporarily as the ask property is deprecated and will be removed.
|
|
|
|
|
|
* added new modular ca providers to caddy tls HttpTransport
* reverse-proxy, httptransport: added tests and caddyfile support for ca module
---------
Co-authored-by: Mohammed Al Sahaf <[email protected]>
|
|
|
|
|
|
This can be helpful if editors only consider file extensions for certain features.
* added special case support for caddyfile suffix, case insensitive
* Update cmd/main.go
Co-authored-by: Matt Holt <[email protected]>
* skip caddyfile adapter for registered file extensions
---------
Co-authored-by: Matt Holt <[email protected]>
|