Age | Commit message (Collapse) | Author |
|
|
|
|
|
* caddyhttp: Add `{prefixed_query}` placeholder
* fastcgi: Preserve query during canonical redirect
* Use orig_uri instead for the redirect, shorter Caddyfile shortcut
|
|
* Allow log sampling configuration from Caddyfile
* Add log sampling adapt tests
|
|
|
|
* caddyhttp: Add `MatchWithError` to replace SetVar hack
* Error in IP matchers on TLS handshake not complete
* Use MatchWithError everywhere possible
* Move implementations to MatchWithError versions
* Looser interface checking to allow fallback
* CEL factories can return RequestMatcherWithError
* Clarifying comment since it's subtle that an err is returned
* Return 425 Too Early status in IP matchers
* Keep AnyMatch signature the same for now
* Apparently Deprecated can't be all-uppercase to get IDE linting
* Linter
|
|
* httpcaddyfile: Fixes for prefer_wildcard mode
The wildcard hosts need to be collected first, then considered after, because there's no guarantee that all non-wildcards will appear after all wildcards when looping. Also we should not add a domain to Skip if it doesn't qualify for TLS anyway.
* Alternate solution by avoiding adding APs altogether if covered by wildcard
|
|
* right side in tls ln
* remove ParseNetworkAddressFromHostPort
* ignore placeholder port
* remove println
* update test cases (!!!)
* []
* comment
* Trim
* Update addresses.go
|
|
|
|
* metrics: move `metrics` up, outside `servers`
This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers.
Fix #6604
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* normalize domain name
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
|
|
|
|
* Add per host config
* Pass host label when option is enabled
* Test per host enabled
* metrics: scope metrics per loaded config
* doc and linter
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* inject the custom registry into the admin handler
Co-Authored-By: Dave Henderson <[email protected]>
* remove `TODO` comment
* fixes
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* refactor to delay metrics admin handler provision
Signed-off-by: Mohammed Al Sahaf <[email protected]>
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
Co-authored-by: Hussam Almarzooq <[email protected]>
Co-authored-by: Dave Henderson <[email protected]>
|
|
* Allow specifying multiple `auto_https` options
* Implement `auto_https prefer_wildcard` option
* Adapt tests, add mock DNS module for config testing
* Rebase fix
|
|
* caddy adapt for listen_protocols
* adapt listen_socket
* allow multiple listen sockets for port ranges and readd socket fd listen logic
* readd logic to start servers according to listener protocols
* gofmt
* adapt caddytest
* gosec
* fmt and rename listen to listenWithSocket
* fmt and rename listen to listenWithSocket
* more consistent error msg
* non unix listenReusableWithSocketFile
* remove unused func
* doc comment typo
* nonosec
* commit
* doc comments
* more doc comments
* comment was misleading, cardinality did not change
* addressesWithProtocols
* update test
* fd/ and fdgram/
* rm addr
* actually write...
* i guess we doin' "skip": now
* wrong var in placeholder
* wrong var in placeholder II
* update param name in comment
* dont save nil file pointers
* windows
* key -> parsedKey
* osx
* multiple default_bind with protocols
* check for h1 and h2 listener netw
|
|
* chore: Use slices package where possible
* More, mostly using ContainsFunc
* Even more slice operations
|
|
|
|
* caddyhttp: Trace individual middleware handlers
* Fix typo
|
|
* feat: add generic response interceptors
* fix: cs
* rename intercept
* add some docs
* @francislavoie review (first round)
* Update modules/caddyhttp/intercept/intercept.go
Co-authored-by: Francis Lavoie <[email protected]>
* shorthands: ir to resp
* mark exported symbols as experimental
---------
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
|
|
* Add option to configure certificate lifetime
* Bump CertMagic dep to latest master commit
* Apply suggestions and ran go mod tidy
* Update modules/caddytls/acmeissuer.go
Co-authored-by: Matt Holt <[email protected]>
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
|
|
* caddyfile: Populate regexp matcher names by default
* Some lint cleanup that my VSCode complained about
* Pass down matcher name through expression matcher
* Compat with #6113: fix adapt test, set both styles in replacer
|
|
* caddyhttp: Support multiple logger names per host
* Lint
* Add adapt test
* Implement "string or array" parsing, keep original `logger_names`
* Rewrite adapter test to be more representative of the usecase
|
|
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades
* caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME
* Fix go.mod
* caddytls: Fix automation related to managers (fix #6060)
* Fix typo (appease linter)
* Fix HTTP validation with ZeroSSL API
|
|
|
|
|
|
* httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors
* Set up Positional enum
* Linter doesn't like a switch on an enum with default
* Update caddyconfig/httpcaddyfile/directives.go
Co-authored-by: Matt Holt <[email protected]>
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
* logging: Implement `extra_log` handler
* Rename to `log_append`
* Rename `skip_log` to `log_skip`
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
Co-authored-by: Matt Holt <[email protected]>
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
* caddytls: Make on-demand 'ask' permission modular
This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.
Kicking myself that we didn't do it this way at the beginning, but who coulda known...
* Lint
* Error on conflicting config
* Fix bad merge
---------
Co-authored-by: Francis Lavoie <[email protected]>
|
|
* tls: modularize client authentication trusted CA
* add `omitempty` to `CARaw`
* docs
* initial caddyfile support
* revert anything related to leaf cert validation
The certs are used differently than the CA pool flow
* complete caddyfile unmarshalling implementation
* Caddyfile syntax documentation
* enhance caddyfile parsing and documentation
Apply suggestions from code review
Co-authored-by: Francis Lavoie <[email protected]>
* add client_auth caddyfile tests
* add caddyfile unmarshalling tests
* fix and add missed adapt tests
* fix rebase issue
---------
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
directive (#5965)
Co-authored-by: Aziz Rmadi <[email protected]>
|
|
matcher (#5844)
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
|
|
* Added verifier case
Update author
* Update verifier to match struct tag
* gci run
|
|
|
|
|
|
* httpcaddyfile: Sort skip_hosts for deterministic JSON
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Mohammed Al Sahaf <[email protected]>
* Fix test
* Bah
---------
Co-authored-by: Mohammed Al Sahaf <[email protected]>
|
|
|
|
Co-authored-by: Matt Holt <[email protected]>
|
|
|