| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* feat: add first_exist_or_fallback strategy for try_files
* fix tests
* linter
|
|
* caddyhttp: Add `{prefixed_query}` placeholder
* fastcgi: Preserve query during canonical redirect
* Use orig_uri instead for the redirect, shorter Caddyfile shortcut
|
|
* fix: handle "request body too large" error using type assertion
* fix: address overlooked nil check for MaxBytesError
* fix: replace type assertion with errors.As() for MaxBytesError
|
|
* perf: remove dir redirection when useless in php_fastcgi
* fix test
* review
* fix
* fix
* simplify
* simplify again
* restore test
* add test
|
|
Ref. #6663
|
|
* core: Implement FastAbs to avoid repeated os.Getwd calls
* Lint
* Rename files
|
|
i.e. Revert commit f5dce84a7028d1b116db7fead27ff8b2506baf78
Two years ago, the patch in #4952 was a seemingly necessary way to fix an issue (sort of an edge case), but it broke other more common use cases (see #6666).
Now, as of #6669, it seems like the original issue can no longer be replicated, so we are reverting that patch, because it was incorrect anyway.
If it turns out the original issue returns, a more proper patch may be in #6669 (even if used as a baseline for a future fix). A potential future fix could be an opt-in setting.
|
|
* Allow 0 as weights
Change positive to non-negative
* reverseproxy: allow 0 as weighted round robin value
* test: add more wrr select test
---------
Co-authored-by: peanutduck <[email protected]>
|
|
|
|
* Add file_limit option for file_server browse
* Move file_limit inside browse.
* add file_server_file_limit caddyfile adapt test.
|
|
* caddyhttp: Add `MatchWithError` to replace SetVar hack
* Error in IP matchers on TLS handshake not complete
* Use MatchWithError everywhere possible
* Move implementations to MatchWithError versions
* Looser interface checking to allow fallback
* CEL factories can return RequestMatcherWithError
* Clarifying comment since it's subtle that an err is returned
* Return 425 Too Early status in IP matchers
* Keep AnyMatch signature the same for now
* Apparently Deprecated can't be all-uppercase to get IDE linting
* Linter
|
|
|
|
Reported at https://github.com/mholt/caddy-sqlite-fs/issues/3
|
|
* reverseproxy: Sync changes from stdlib for 1xx handling
Sourced from https://github.com/golang/go/commit/960654be0c4ad7918376e2e1d47491c9bc7520e0
* Use clear()
https://github.com/golang/go/commit/3bc28402fae2a1646e4d2756344b5eb34994d25f
|
|
Fixes regression from #6560
|
|
placeholder (#6646)
* logging: Add spanID field to access logs when tracing is enabled
Signed-off-by: YifanYang6 <[email protected]>
* tracing: add `http.vars.span_id` placeholder when tracing is enabled
Signed-off-by: YifanYang6 <[email protected]>
---------
Signed-off-by: YifanYang6 <[email protected]>
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
* metrics: move `metrics` up, outside `servers`
This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers.
Fix #6604
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* normalize domain name
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
|
|
* close http3 server gracefully
* update server field
* update from upstream
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
Co-authored-by: Francis Lavoie <[email protected]>
|
|
|
|
This fixes a regression in 2.8 where IP addresses
would be considered qualifying for public certs
by auto-HTTPS. The default issuers do not issue
IP certs at this time, so if no APs are explicitly
configured, we assign them to the internal
issuer. We have to add a couple lines of code because
CertMagic can no longer consider IPs as not
qualifying for public certs, since there are public CAs
that issue IP certs. This edge case is specific to Caddy's
auto-HTTPS.
Without this patch, Caddy will try using Let's Encrypt
or ZeroSSL's ACME endpoint to get IP certs, neither
of which support that.
|
|
* Add per host config
* Pass host label when option is enabled
* Test per host enabled
* metrics: scope metrics per loaded config
* doc and linter
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* inject the custom registry into the admin handler
Co-Authored-By: Dave Henderson <[email protected]>
* remove `TODO` comment
* fixes
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* refactor to delay metrics admin handler provision
Signed-off-by: Mohammed Al Sahaf <[email protected]>
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
Co-authored-by: Hussam Almarzooq <[email protected]>
Co-authored-by: Dave Henderson <[email protected]>
|
|
* Allow specifying multiple `auto_https` options
* Implement `auto_https prefer_wildcard` option
* Adapt tests, add mock DNS module for config testing
* Rebase fix
|
|
* caddyhttp: Escaping placeholders in CEL
* Simplify some of the test cases
* Implement vars and vars_regexp in CEL
* dupl lint is dumb
* Better consts for the placeholder CEL shortcut
* Bump CEL version, register a few extensions
* Refactor s390x test script for readability
* Add retries for s390x to smooth over flakiness
* Switch to `ph` for the CEL shortcut (match it in templates cause why not)
|
|
* caddyhttp: Limit auto-HTTPS error logs to 100 domains
* Improve error message and increase error size limit
|
|
Co-authored-by: Matt Holt <[email protected]>
|
|
|
|
|
|
* caddy adapt for listen_protocols
* adapt listen_socket
* allow multiple listen sockets for port ranges and readd socket fd listen logic
* readd logic to start servers according to listener protocols
* gofmt
* adapt caddytest
* gosec
* fmt and rename listen to listenWithSocket
* fmt and rename listen to listenWithSocket
* more consistent error msg
* non unix listenReusableWithSocketFile
* remove unused func
* doc comment typo
* nonosec
* commit
* doc comments
* more doc comments
* comment was misleading, cardinality did not change
* addressesWithProtocols
* update test
* fd/ and fdgram/
* rm addr
* actually write...
* i guess we doin' "skip": now
* wrong var in placeholder
* wrong var in placeholder II
* update param name in comment
* dont save nil file pointers
* windows
* key -> parsedKey
* osx
* multiple default_bind with protocols
* check for h1 and h2 listener netw
|
|
* uses zap's .WithLazy with a cloned request
* fixes the cloning
* adds comment explaining why cloning is faster
|
|
* chore: Use slices package where possible
* More, mostly using ContainsFunc
* Even more slice operations
|
|
|
|
* ci: update the linter action version
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* exclude rule `G115`; disable deprecated linter
Signed-off-by: Mohammed Al Sahaf <[email protected]>
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
|
|
* perf: use zap's Check() to prevent useless allocs
* fix
* fix
* fix
* fix
* restore previous replacer behavior
* fix linter
|
|
|
|
ref: https://github.com/caddyserver/caddy/issues/6551
|
|
* Add placeholder http.reverse_proxy.lb.retries
* Renamed placeholder to http.reverse_proxy.retries
|
|
* fileserver: add `sort` options
* fix: test
* fileserver: check options in `Provison`
* fileserver: more obvious err alerts in sort options
* fileserver: move `sort` to `browse`
---------
Co-authored-by: Matt Holt <[email protected]>
|
|
* Prevents serializing the caddy request if log level is not debug.
* Extracts message to const.
|
|
* chore: build and test with Go 1.23
* ci: bump golangci-lint to v1.60
* fix: make properly wrap errors
* ci: remove Go 1.21
|
|
* reverseproxy: allow user to define source address
Closes #6503
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* reverse_proxy: caddyfile support for local_address
Signed-off-by: Mohammed Al Sahaf <[email protected]>
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
|
|
* error: run `error` (msg) through replacer
Signed-off-by: Mohammed Al Sahaf <[email protected]>
* fix integration test
Signed-off-by: Mohammed Al Sahaf <[email protected]>
---------
Signed-off-by: Mohammed Al Sahaf <[email protected]>
|
|
Fixes Typo in Docs
|
|
Most of the errors that can be seen here are write errors due to clients
aborting the request from their side. Often seen ones include:
* writing: ... write: broken pipe
* writing: ... connection timed out
* writing: http2: stream closed
* writing: timeout...
* writing: h3 error...
Most of these errors are beyond of the control of caddy on the client side,
probably nothing can be done on the server side. It still warrants
researching when these errors occur very often, so a change in level from
error to warn is better here to not polute the logs with errors in the
normal case.
|
|
* Add an option to specify the body used for active health checks
* Replacer on request body
|
|
|
|
|
