summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)Author
2024-05-07go.mod: CertMagic v0.21.0v2.8.0-beta.2Matthew Holt
2024-05-07reverseproxy: Implement health_follow_redirects (#6302)Ali Asgar
* added health_follow_redirect in active health checks * chore: code format * chore: refactore reversproxy healthcheck redirect variable name and description of the same * chore: formatting * changed reverse proxy health check status code range to be between 200-299 * chore: formatting --------- Co-authored-by: aliasgar <[email protected]>
2024-05-07caddypki: Allow use of root CA without a key. Fixes #6290 (#6298)Florian Apolloner
* Allow usage of root CA without a key. Fixes #6290 * Update modules/caddypki/crypto.go --------- Co-authored-by: Matt Holt <[email protected]>
2024-05-06go.mod: Upgrade to quic-go v0.43.1Matthew Holt
2024-05-06reverseproxy: HTTP transport: fix PROXY protocol initialization (#6301)Mohammed Al Sahaf
2024-05-06caddytls: Ability to drop connections (close #6294)Matthew Holt
2024-05-02build(deps): bump golangci/golangci-lint-action from 4 to 5 (#6289)dependabot[bot]
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 4 to 5. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/v4...v5) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-01httpcaddyfile: Fix expression matcher shortcut in snippets (#6288)Francis Lavoie
2024-04-30caddytls: Evict internal certs from cache based on issuer (#6266)v2.8.0-beta.1Matt Holt
* caddytls: Evict internal certs from cache based on issuer During a config reload, we would keep certs in the cache fi they were used by the next config. If one config uses InternalIssuer and the other uses a public CA, this behavior is problematic / unintuitive, because there is a big difference between private/public CAs. This change should ensure that internal issuers are considered when deciding whether to keep or evict from the cache during a reload, by making them distinct from each other and certs from public CAs. * Make sure new TLS app manages configured certs * Actually make it work
2024-04-27chore: add warn logs when using deprecated fields (#6276)Mohammed Al Sahaf
2024-04-27caddyhttp: Fix linter warning about deprecationMatthew Holt
2024-04-27go.mod: Upgrade to quic-go v0.43.0Matthew Holt
2024-04-26fileserver: Set "Vary: Accept-Encoding" header (see #5849)Matthew Holt
2024-04-26events: Add debug logMatthew Holt
2024-04-26reverseproxy: handle buffered data during hijack (#6274)WeidiDeng
2024-04-24ci: remove `android` and `plan9` from cross-build workflow (#6268)Mohammed Al Sahaf
2024-04-24run `golangci-lint run --fix --fast` (#6270)Mohammed Al Sahaf
2024-04-24caddytls: Option to configure certificate lifetime (#6253)clauverjat
* Add option to configure certificate lifetime * Bump CertMagic dep to latest master commit * Apply suggestions and ran go mod tidy * Update modules/caddytls/acmeissuer.go Co-authored-by: Matt Holt <[email protected]> --------- Co-authored-by: Matt Holt <[email protected]>
2024-04-24replacer: Implement `file.*` global replacements (#5463)Francis Lavoie
Co-authored-by: Matt Holt <[email protected]> Co-authored-by: Mohammed Al Sahaf <[email protected]>
2024-04-24caddyhttp: Address some Go 1.20 features (#6252)Matt Holt
Co-authored-by: Francis Lavoie <[email protected]>
2024-04-23Quell linter (false positive)Matthew Holt
2024-04-23reverse_proxy: Add grace_period for SRV upstreams to Caddyfile (#6264)Aziz Rmadi
2024-04-23doc: add `verifier` in `ClientAuthentication` caddyfile marshaler doc (#6263)Mohammed Al Sahaf
2024-04-22caddytls: Add Caddyfile support for on-demand permission module (close #6260)Matthew Holt
2024-04-22reverseproxy: Remove long-deprecated buffering propertiesMatthew Holt
They've been deprecated for over a year and we printed warnings during that time.
2024-04-22reverseproxy: Reuse buffered request body even if partially drainedMatthew Holt
Previous commit only works when the backends don't read any of the body first.
2024-04-22reverseproxy: Accept EOF when bufferingMatthew Holt
Before this change, a read of size (let's say) < 10, into a buffer of size 10, will return EOF because we're using CopyN to limit to the size of the buffer. That resulted in the body being read from later, which should only happen if it couldn't fit in the buffer. With this change, the body is properly NOT set when it can all fit in the buffer.
2024-04-22logging: Fix default access logger (#6251)Francis Lavoie
* logging: Fix default access logger * Simplify logic, remove retry without port, reject config with port, docs * Nil check
2024-04-19fileserver: Improve Vary handling (#5849)Matthew Holt
2024-04-18cmd: Only validate config is proper JSON if config slice has data (#6250)Mohammed Al Sahaf
* cmd: fix error when running without config * ci: add smoke test
2024-04-18staticresp: Use the evaluated response body for sniffing JSON content-type ↵Mohammed Al Sahaf
(#6249)
2024-04-17encode: Slight fix for the previous commitMatthew Holt
2024-04-17encode: Improve Etag handling (fix #5849)Matthew Holt
We also improve Last-Modified handling in the file server. Both changes should be more compliant with RFC 9110.
2024-04-17httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148)Matthew Holt
2024-04-17caddyfile: Populate regexp matcher names by default (#6145)Francis Lavoie
* caddyfile: Populate regexp matcher names by default * Some lint cleanup that my VSCode complained about * Pass down matcher name through expression matcher * Compat with #6113: fix adapt test, set both styles in replacer
2024-04-17caddyhttp: record num. bytes read when response writer is hijacked (#6173)WeidiDeng
* record the number of bytes read when response writer is hijacked * record body size when not nil
2024-04-16caddyhttp: Support multiple logger names per host (#6088)Francis Lavoie
* caddyhttp: Support multiple logger names per host * Lint * Add adapt test * Implement "string or array" parsing, keep original `logger_names` * Rewrite adapter test to be more representative of the usecase
2024-04-16chore: fix some typos in comments (#6243)coderwander
2024-04-16encode: Configurable compression level for zstd (#6140)dev-polymer
* Add zstd compression level support * Refactored zstd levels to string arguments fastest, default, better, best * Add comment with list of all available levels * Corrected data types for config --------- Co-authored-by: Evgeny Blinov <[email protected]> Co-authored-by: Matt Holt <[email protected]>
2024-04-15caddytls: Remove shim code supporting deprecated lego-dns (#6231)Aziz Rmadi
Co-authored-by: Matt Holt <[email protected]>
2024-04-15connection policy: add `local_ip` matcher (#6074)Mohammed Al Sahaf
* connection policy: add `local_ip` Co-authored-by: Matt Holt <[email protected]> --------- Co-authored-by: Matt Holt <[email protected]>
2024-04-15reverseproxy: Wait for both ends of websocket to close (#6175)WeidiDeng
2024-04-13caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229)Matt Holt
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades * caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME * Fix go.mod * caddytls: Fix automation related to managers (fix #6060) * Fix typo (appease linter) * Fix HTTP validation with ZeroSSL API
2024-04-13caddytls: Still provision permission module if ask is specifiedMatthew Holt
Only needed for JSON configs, and only temporarily as the ask property is deprecated and will be removed.
2024-04-13fileserver: read etags from precomputed files (#6222)Aziz Rmadi
2024-04-12fileserver: Escape # and ? in img src (fix #6237)Matthew Holt
2024-04-12reverseproxy: Implement modular CA provider for TLS transport (#6065)Aziz Rmadi
* added new modular ca providers to caddy tls HttpTransport * reverse-proxy, httptransport: added tests and caddyfile support for ca module --------- Co-authored-by: Mohammed Al Sahaf <[email protected]>
2024-04-12caddyhttp: Apply auto HTTPS redir to all interfaces (fix #6226)Matthew Holt
2024-04-11cmd: Fix panic related to config filename (fix #5919)Matthew Holt
2024-04-11cmd: Assume Caddyfile based on filename prefix and suffix (#5919)Omar Hussein
This can be helpful if editors only consider file extensions for certain features. * added special case support for caddyfile suffix, case insensitive * Update cmd/main.go Co-authored-by: Matt Holt <[email protected]> * skip caddyfile adapter for registered file extensions --------- Co-authored-by: Matt Holt <[email protected]>