aboutsummaryrefslogtreecommitdiffhomepage
path: root/caddyconfig/httpcaddyfile
AgeCommit message (Collapse)Author
23 hourshttpcaddyfile: Implement experimental `force_automate` option (#6712)HEADmasterFrancis Lavoie
6 daysgo.mod: Upgrade ACMEz to v3; and upgrade CertMagicMatthew Holt
2024-12-02caddyhttp: Add `{?query}` placeholder (#6714)Francis Lavoie
* caddyhttp: Add `{prefixed_query}` placeholder * fastcgi: Preserve query during canonical redirect * Use orig_uri instead for the redirect, shorter Caddyfile shortcut
2024-11-11httpcaddyfile: Implement log `sampling` config (#6682)Nikolai K
* Allow log sampling configuration from Caddyfile * Add log sampling adapt tests
2024-11-05caddytls: Allow disabling storage cleaning, avoids writing two files (#6593)Francis Lavoie
2024-11-04caddyhttp: Add `MatchWithError` to replace SetVar hack (#6596)Francis Lavoie
* caddyhttp: Add `MatchWithError` to replace SetVar hack * Error in IP matchers on TLS handshake not complete * Use MatchWithError everywhere possible * Move implementations to MatchWithError versions * Looser interface checking to allow fallback * CEL factories can return RequestMatcherWithError * Clarifying comment since it's subtle that an err is returned * Return 425 Too Early status in IP matchers * Keep AnyMatch signature the same for now * Apparently Deprecated can't be all-uppercase to get IDE linting * Linter
2024-10-30httpcaddyfile: Fixes for `prefer_wildcard` mode (#6636)Francis Lavoie
* httpcaddyfile: Fixes for prefer_wildcard mode The wildcard hosts need to be collected first, then considered after, because there's no guarantee that all non-wildcards will appear after all wildcards when looping. Also we should not add a domain to Skip if it doesn't qualify for TLS anyway. * Alternate solution by avoiding adding APs altogether if covered by wildcard
2024-10-21core: addresses.go funcs renames (#6622)Aaron Paterson
* right side in tls ln * remove ParseNetworkAddressFromHostPort * ignore placeholder port * remove println * update test cases (!!!) * [] * comment * Trim * Update addresses.go
2024-10-21chore: fix some function names in comment (#6650)David Wood
2024-10-18metrics: move `metrics` up, outside `servers` (#6606)Mohammed Al Sahaf
* metrics: move `metrics` up, outside `servers` This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers. Fix #6604 Signed-off-by: Mohammed Al Sahaf <[email protected]> * normalize domain name --------- Signed-off-by: Mohammed Al Sahaf <[email protected]>
2024-10-07caddytls: Drop `rate_limit` and `burst`, has been deprecated (#6611)Francis Lavoie
2024-10-02metrics: scope metrics to active config, add optional per-host metrics (#6531)v2.9.0-beta.1Mohammed Al Sahaf
* Add per host config * Pass host label when option is enabled * Test per host enabled * metrics: scope metrics per loaded config * doc and linter Signed-off-by: Mohammed Al Sahaf <[email protected]> * inject the custom registry into the admin handler Co-Authored-By: Dave Henderson <[email protected]> * remove `TODO` comment * fixes Signed-off-by: Mohammed Al Sahaf <[email protected]> * refactor to delay metrics admin handler provision Signed-off-by: Mohammed Al Sahaf <[email protected]> --------- Signed-off-by: Mohammed Al Sahaf <[email protected]> Co-authored-by: Hussam Almarzooq <[email protected]> Co-authored-by: Dave Henderson <[email protected]>
2024-10-02caddyhttp: Implement `auto_https prefer_wildcard` option (#6146)Francis Lavoie
* Allow specifying multiple `auto_https` options * Implement `auto_https prefer_wildcard` option * Adapt tests, add mock DNS module for config testing * Rebase fix
2024-09-30core: Implement socket activation listeners (#6573)Aaron Paterson
* caddy adapt for listen_protocols * adapt listen_socket * allow multiple listen sockets for port ranges and readd socket fd listen logic * readd logic to start servers according to listener protocols * gofmt * adapt caddytest * gosec * fmt and rename listen to listenWithSocket * fmt and rename listen to listenWithSocket * more consistent error msg * non unix listenReusableWithSocketFile * remove unused func * doc comment typo * nonosec * commit * doc comments * more doc comments * comment was misleading, cardinality did not change * addressesWithProtocols * update test * fd/ and fdgram/ * rm addr * actually write... * i guess we doin' "skip": now * wrong var in placeholder * wrong var in placeholder II * update param name in comment * dont save nil file pointers * windows * key -> parsedKey * osx * multiple default_bind with protocols * check for h1 and h2 listener netw
2024-09-25chore: Use slices package where possible (#6585)Francis Lavoie
* chore: Use slices package where possible * More, mostly using ContainsFunc * Even more slice operations
2024-06-10logging: Customizable zap cores (#6381)Omar Ramadan
2024-05-18caddyhttp: Trace individual middleware handlers (#6313)Matt Holt
* caddyhttp: Trace individual middleware handlers * Fix typo
2024-05-13caddyhttp: New experimental handler for intercepting responses (#6232)Kévin Dunglas
* feat: add generic response interceptors * fix: cs * rename intercept * add some docs * @francislavoie review (first round) * Update modules/caddyhttp/intercept/intercept.go Co-authored-by: Francis Lavoie <[email protected]> * shorthands: ir to resp * mark exported symbols as experimental --------- Co-authored-by: Francis Lavoie <[email protected]>
2024-05-11httpcaddyfile: Set challenge ports when http_port or https_port are usedMatthew Holt
2024-05-11logging: Add support for additional logger filters other than hostname (#6082)Aziz Rmadi
Co-authored-by: Francis Lavoie <[email protected]>
2024-05-01httpcaddyfile: Fix expression matcher shortcut in snippets (#6288)Francis Lavoie
2024-04-27chore: add warn logs when using deprecated fields (#6276)Mohammed Al Sahaf
2024-04-24caddytls: Option to configure certificate lifetime (#6253)clauverjat
* Add option to configure certificate lifetime * Bump CertMagic dep to latest master commit * Apply suggestions and ran go mod tidy * Update modules/caddytls/acmeissuer.go Co-authored-by: Matt Holt <[email protected]> --------- Co-authored-by: Matt Holt <[email protected]>
2024-04-22caddytls: Add Caddyfile support for on-demand permission module (close #6260)Matthew Holt
2024-04-17httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148)Matthew Holt
2024-04-17caddyfile: Populate regexp matcher names by default (#6145)Francis Lavoie
* caddyfile: Populate regexp matcher names by default * Some lint cleanup that my VSCode complained about * Pass down matcher name through expression matcher * Compat with #6113: fix adapt test, set both styles in replacer
2024-04-16caddyhttp: Support multiple logger names per host (#6088)Francis Lavoie
* caddyhttp: Support multiple logger names per host * Lint * Add adapt test * Implement "string or array" parsing, keep original `logger_names` * Rewrite adapter test to be more representative of the usecase
2024-04-13caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229)Matt Holt
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades * caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME * Fix go.mod * caddytls: Fix automation related to managers (fix #6060) * Fix typo (appease linter) * Fix HTTP validation with ZeroSSL API
2024-04-04chore: Upgrade some dependencies (#6221)Francis Lavoie
2024-03-07httpcaddyfile: Keep deprecated `skip_log` in directive order (#6153)Steffen Busch
2024-03-06httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors (#5865)Francis Lavoie
* httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors * Set up Positional enum * Linter doesn't like a switch on an enum with default * Update caddyconfig/httpcaddyfile/directives.go Co-authored-by: Matt Holt <[email protected]> --------- Co-authored-by: Matt Holt <[email protected]>
2024-03-05logging: Implement `log_append` handler (#6066)Francis Lavoie
* logging: Implement `extra_log` handler * Rename to `log_append` * Rename `skip_log` to `log_skip` --------- Co-authored-by: Matt Holt <[email protected]>
2024-03-05httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113)Francis Lavoie
Co-authored-by: Matt Holt <[email protected]>
2024-02-19caddyfile: Reject directives in the place of site addresses (#6104)Aziz Rmadi
Co-authored-by: Francis Lavoie <[email protected]>
2024-02-12caddyauth: Rename `basicauth` to `basic_auth` (#6092)Francis Lavoie
2024-01-30caddytls: Make on-demand 'ask' permission modular (#6055)Matt Holt
* caddytls: Make on-demand 'ask' permission modular This makes the 'ask' endpoint a module, which means that developers can write custom plugins for granting permission for on-demand certificates. Kicking myself that we didn't do it this way at the beginning, but who coulda known... * Lint * Error on conflicting config * Fix bad merge --------- Co-authored-by: Francis Lavoie <[email protected]>
2024-01-25tls: modularize trusted CA providers (#5784)Mohammed Al Sahaf
* tls: modularize client authentication trusted CA * add `omitempty` to `CARaw` * docs * initial caddyfile support * revert anything related to leaf cert validation The certs are used differently than the CA pool flow * complete caddyfile unmarshalling implementation * Caddyfile syntax documentation * enhance caddyfile parsing and documentation Apply suggestions from code review Co-authored-by: Francis Lavoie <[email protected]> * add client_auth caddyfile tests * add caddyfile unmarshalling tests * fix and add missed adapt tests * fix rebase issue --------- Co-authored-by: Francis Lavoie <[email protected]>
2024-01-23caddyfile: Normalize & flatten all unmarshalers (#6037)Francis Lavoie
2024-01-16httpcaddyfile: Add optional status code argument to `handle_errors` ↵Aziz Rmadi
directive (#5965) Co-authored-by: Aziz Rmadi <[email protected]>
2024-01-15httpcaddyfile: Rewrite `root` and `rewrite` parsing to allow omitting ↵Francis Lavoie
matcher (#5844)
2024-01-13caddyhttp: Security enhancements for client IP parsing (#5805)Nebez Briefkani
Co-authored-by: Francis Lavoie <[email protected]>
2024-01-13filesystem: Globally declared filesystems, `fs` directive (#5833)a
2024-01-10httpcaddyfile: Fix redir <to> html (#6001)Subhaditya Nath
2024-01-09httpcaddyfile: Support client auth verifiers (#6022)Zach Galvin
* Added verifier case Update author * Update verifier to match struct tag * gci run
2024-01-09tls: add reuse_private_keys (#6025)Rithvik Vibhu
2023-12-20httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997)Francis Lavoie
2023-12-18httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990)Francis Lavoie
* httpcaddyfile: Sort skip_hosts for deterministic JSON * Update caddyconfig/httpcaddyfile/httptype.go Co-authored-by: Mohammed Al Sahaf <[email protected]> * Fix test * Bah --------- Co-authored-by: Mohammed Al Sahaf <[email protected]>
2023-12-13caddyhttp: Add `uuid` to access logs when used (#5859)Francis Lavoie
2023-10-16httpcaddyfile: Remove port from logger names (#5881)Francis Lavoie
Co-authored-by: Matt Holt <[email protected]>
2023-10-14httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896)Francis Lavoie