210 Commits

Author	SHA1	Message	Date
Francis Lavoie	b116dcea3d	caddyhttp: Add {?query} placeholder (#6714) ... * caddyhttp: Add `{prefixed_query}` placeholder * fastcgi: Preserve query during canonical redirect * Use orig_uri instead for the redirect, shorter Caddyfile shortcut	2024-12-02 08:06:38 -05:00
Kévin Dunglas	eddbccd298	fastcgi: remove dir redirection when useless in php_fastcgi (#6698) ... * perf: remove dir redirection when useless in php_fastcgi * fix test * review * fix * fix * simplify * simplify again * restore test * add test	2024-11-21 10:38:31 -07:00
Nikolai K	b183aec83c	httpcaddyfile: Implement log sampling config (#6682) ... * Allow log sampling configuration from Caddyfile * Add log sampling adapt tests	2024-11-11 16:42:50 -07:00
Francis Lavoie	5c8dc34418	caddytls: Allow disabling storage cleaning, avoids writing two files (#6593)	2024-11-05 10:47:41 -07:00
Atakan Yenel	cc23ad6402	fileserver: Add file_limit option for browse (to be experimental) (#6648) ... * Add file_limit option for file_server browse * Move file_limit inside browse. * add file_server_file_limit caddyfile adapt test.	2024-11-05 09:35:32 -07:00
Francis Lavoie	05cfb121ec	forwardauth: Skip copying missing response headers (#6608)	2024-11-04 14:58:53 -07:00
Francis Lavoie	b129ed6be8	httpcaddyfile: Fixes for prefer_wildcard mode (#6636) ... * httpcaddyfile: Fixes for prefer_wildcard mode The wildcard hosts need to be collected first, then considered after, because there's no guarantee that all non-wildcards will appear after all wildcards when looping. Also we should not add a domain to Skip if it doesn't qualify for TLS anyway. * Alternate solution by avoiding adding APs altogether if covered by wildcard	2024-10-30 17:09:12 +00:00
Mohammed Al Sahaf	388c7e898c	metrics: move metrics up, outside servers (#6606) ... * metrics: move `metrics` up, outside `servers` This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers. Fix #6604 Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * normalize domain name --------- Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>	2024-10-18 09:54:21 -06:00
Mohammed Al Sahaf	dd5decabe7	tests: fix caddyfile adapt warnings (#6619) ... Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>	2024-10-10 13:38:49 -06:00
Francis Lavoie	d7564d632f	caddytls: Drop rate_limit and burst, has been deprecated (#6611)	2024-10-07 17:39:47 -04:00
Mohammed Al Sahaf	41f5dd56e1	metrics: scope metrics to active config, add optional per-host metrics (#6531) ... * Add per host config * Pass host label when option is enabled * Test per host enabled * metrics: scope metrics per loaded config * doc and linter Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * inject the custom registry into the admin handler Co-Authored-By: Dave Henderson <dhenderson@gmail.com> * remove `TODO` comment * fixes Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * refactor to delay metrics admin handler provision Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> --------- Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> Co-authored-by: Hussam Almarzooq <me@hussam.io> Co-authored-by: Dave Henderson <dhenderson@gmail.com>	2024-10-02 08:23:26 -06:00
Francis Lavoie	16724842d9	caddyhttp: Implement auto_https prefer_wildcard option (#6146) ... * Allow specifying multiple `auto_https` options * Implement `auto_https prefer_wildcard` option * Adapt tests, add mock DNS module for config testing * Rebase fix	2024-10-02 07:31:58 -06:00
Aaron Paterson	4b1a9b6cc1	core: Implement socket activation listeners (#6573) ... * caddy adapt for listen_protocols * adapt listen_socket * allow multiple listen sockets for port ranges and readd socket fd listen logic * readd logic to start servers according to listener protocols * gofmt * adapt caddytest * gosec * fmt and rename listen to listenWithSocket * fmt and rename listen to listenWithSocket * more consistent error msg * non unix listenReusableWithSocketFile * remove unused func * doc comment typo * nonosec * commit * doc comments * more doc comments * comment was misleading, cardinality did not change * addressesWithProtocols * update test * fd/ and fdgram/ * rm addr * actually write... * i guess we doin' "skip": now * wrong var in placeholder * wrong var in placeholder II * update param name in comment * dont save nil file pointers * windows * key -> parsedKey * osx * multiple default_bind with protocols * check for h1 and h2 listener netw	2024-09-30 10:55:03 -06:00
lollipopkit🏳️‍⚧️	5c47c2f147	fileserver: browse: Configurable default sort (#6502) ... * fileserver: add `sort` options * fix: test * fileserver: check options in `Provison` * fileserver: more obvious err alerts in sort options * fileserver: move `sort` to `browse` --------- Co-authored-by: Matt Holt <mholt@users.noreply.github.com>	2024-08-30 09:01:37 -06:00
Mohammed Al Sahaf	4ade967005	reverseproxy: allow user to define source address (#6504) ... * reverseproxy: allow user to define source address Closes #6503 Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> * reverse_proxy: caddyfile support for local_address Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com> --------- Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>	2024-08-22 19:52:05 +00:00
Jesper Brix Rosenkilde	54a0c8f948	reverseproxy: Active health checks request body option (#6520) ... * Add an option to specify the body used for active health checks * Replacer on request body	2024-08-19 10:55:55 -06:00
lollipopkit🏳️‍⚧️	b198678174	browse: Customizable default sort options (#6468) ... * fileserver: add `sort` options * fix: test * fileserver: check options in `Provison` * fileserver: more obvious err alerts in sort options	2024-08-05 08:27:45 -06:00
Jesper Brix Rosenkilde	07c863637d	reverseproxy: Caddyfile support for health_method (#6454) ... * Add Caddyfile support of setting active health check request method * Add integration test for active health check request method	2024-07-12 17:01:58 -04:00
a	aca4002fd8	caddyfile: Pass blocks to import for snippets (#6130) ... * a * a * a * a * a * a	2024-06-14 11:27:51 -06:00
Francis Lavoie	40c582ce82	caddyhttp: Fix merging consecutive client_ip or remote_ip matchers (#6350)	2024-05-30 07:32:17 -06:00
Ranveer Avhad	e6f46c8d78	acmeserver: Add sign_with_root for Caddyfile (#6345) ... * Added sign_with_root option available in the Caddyfile * Added tests for sign_with_root to validate the adapted JSON config	2024-05-27 20:06:54 -04:00
Kévin Dunglas	fb63e2e40c	caddyhttp: New experimental handler for intercepting responses (#6232) ... * feat: add generic response interceptors * fix: cs * rename intercept * add some docs * @francislavoie review (first round) * Update modules/caddyhttp/intercept/intercept.go Co-authored-by: Francis Lavoie <lavofr@gmail.com> * shorthands: ir to resp * mark exported symbols as experimental --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com>	2024-05-13 17:38:18 +00:00
Matthew Holt	583c585c81	httpcaddyfile: Set challenge ports when http_port or https_port are used	2024-05-11 21:39:56 -06:00
Aziz Rmadi	4356635d12	logging: Add support for additional logger filters other than hostname (#6082) ... Co-authored-by: Francis Lavoie <lavofr@gmail.com>	2024-05-11 13:31:44 +00:00
Francis Lavoie	feeb6af403	httpcaddyfile: Fix expression matcher shortcut in snippets (#6288)	2024-05-01 07:43:05 -04:00
Aziz Rmadi	868af6a062	reverse_proxy: Add grace_period for SRV upstreams to Caddyfile (#6264)	2024-04-23 07:12:57 -06:00
Francis Lavoie	9cd472c031	caddyfile: Populate regexp matcher names by default (#6145) ... * caddyfile: Populate regexp matcher names by default * Some lint cleanup that my VSCode complained about * Pass down matcher name through expression matcher * Compat with #6113: fix adapt test, set both styles in replacer	2024-04-17 12:19:14 -06:00
Francis Lavoie	70953e873a	caddyhttp: Support multiple logger names per host (#6088) ... * caddyhttp: Support multiple logger names per host * Lint * Add adapt test * Implement "string or array" parsing, keep original `logger_names` * Rewrite adapter test to be more representative of the usecase	2024-04-16 22:26:18 +00:00
Matt Holt	81413caea2	caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229) ... * WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades * caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME * Fix go.mod * caddytls: Fix automation related to managers (fix #6060) * Fix typo (appease linter) * Fix HTTP validation with ZeroSSL API	2024-04-13 21:31:43 -04:00
Aziz Rmadi	567d96c624	fileserver: read etags from precomputed files (#6222)	2024-04-13 06:49:55 -04:00
Aziz Rmadi	0b381eb766	reverseproxy: Implement modular CA provider for TLS transport (#6065) ... * added new modular ca providers to caddy tls HttpTransport * reverse-proxy, httptransport: added tests and caddyfile support for ca module --------- Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>	2024-04-12 07:19:14 -06:00
Aziz Rmadi	29f57faa86	rewrite: uri query replace operation (#6165) ... * Implemented query replace oeration * Modified replace operation to use regexes in caddyfile * Added more tests to uri query operations	2024-03-22 02:23:42 +00:00
Francis Lavoie	0d44e3ecba	logging: Implement log_append handler (#6066) ... * logging: Implement `extra_log` handler * Rename to `log_append` * Rename `skip_log` to `log_skip` --------- Co-authored-by: Matt Holt <mholt@users.noreply.github.com>	2024-03-05 17:03:59 -07:00
Francis Lavoie	2a78c9c5e4	httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113) ... Co-authored-by: Matt Holt <mholt@users.noreply.github.com>	2024-03-05 23:37:14 +00:00
Francis Lavoie	01d5568b20	logging: Implement append encoder, allow flatter filters config (#6069) ... * logging: Implement `add` encoder * Allow flatter config structure for `filter` & `add` * Rename to append * govulncheck was unhappy	2024-03-05 16:24:32 -07:00
Mohammed Al Sahaf	03f703a00e	caddytls: verifier: caddyfile: re-add Caddyfile support (#6127) ... * caddytls: verifier: caddyfile: re-add Caddyfile support * appease the linter * caddytls: client_auth: verifier: change namespace to `tls.client_auth.verifier`	2024-02-26 00:13:48 +03:00
Francis Lavoie	4512be49a9	caddytest: Rename adapt tests to *.caddyfiletest extension (#6119)	2024-02-21 00:37:40 +00:00
Aziz Rmadi	b893c8c5f8	caddyfile: Reject directives in the place of site addresses (#6104) ... Co-authored-by: Francis Lavoie <lavofr@gmail.com>	2024-02-19 00:22:48 +00:00
Francis Lavoie	91ec75441a	logging: Inline Caddyfile syntax for ip_mask filter (#6094)	2024-02-12 17:15:35 +00:00
Mohammed Al Sahaf	e1aa862e6a	acmeserver: support specifying the allowed challenge types (#5794) ... * acmeserver: support specifying the allowed challenge types * add caddyfile adapt tests * introduce basic acme_server test * skip acme test on unsuitable environments * skip integration tests of ACME * documentation * add negative-scenario test for mismatched allowed challenges * a bit more docs * fix tests for ACME challenges * appease the linter * skip ACME tests on s390x * enable ACME challenge tests on all machines * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> --------- Co-authored-by: Matt Holt <mholt@users.noreply.github.com>	2024-02-08 11:42:03 +03:00
Matt Holt	57c5b921a4	caddytls: Make on-demand 'ask' permission modular (#6055) ... * caddytls: Make on-demand 'ask' permission modular This makes the 'ask' endpoint a module, which means that developers can write custom plugins for granting permission for on-demand certificates. Kicking myself that we didn't do it this way at the beginning, but who coulda known... * Lint * Error on conflicting config * Fix bad merge --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com>	2024-01-30 16:11:29 -07:00
Mohammed Al Sahaf	e965b111cd	tls: modularize trusted CA providers (#5784) ... * tls: modularize client authentication trusted CA * add `omitempty` to `CARaw` * docs * initial caddyfile support * revert anything related to leaf cert validation The certs are used differently than the CA pool flow * complete caddyfile unmarshalling implementation * Caddyfile syntax documentation * enhance caddyfile parsing and documentation Apply suggestions from code review Co-authored-by: Francis Lavoie <lavofr@gmail.com> * add client_auth caddyfile tests * add caddyfile unmarshalling tests * fix and add missed adapt tests * fix rebase issue --------- Co-authored-by: Francis Lavoie <lavofr@gmail.com>	2024-01-25 11:44:41 +03:00
Francis Lavoie	b9c40e7111	logging: Automatic wrap default for filter encoder (#5980) ... Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>	2024-01-25 04:00:22 +00:00
Francis Lavoie	750d0b8331	caddyfile: Normalize & flatten all unmarshalers (#6037)	2024-01-23 19:36:59 -05:00
Aziz Rmadi	4181c79a81	httpcaddyfile: Add optional status code argument to handle_errors directive (#5965) ... Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>	2024-01-16 01:24:17 -05:00
Francis Lavoie	5e2f1b5ced	httpcaddyfile: Rewrite root and rewrite parsing to allow omitting matcher (#5844)	2024-01-15 09:57:08 -07:00
Aziz Rmadi	80acf1bf23	replacer: Fix escaped closing braces (#5995)	2024-01-13 20:24:03 +00:00
Francis Lavoie	da7d8cb26d	httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990) ... * httpcaddyfile: Sort skip_hosts for deterministic JSON * Update caddyconfig/httpcaddyfile/httptype.go Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com> * Fix test * Bah --------- Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>	2023-12-18 12:54:52 -07:00
Francis Lavoie	ac1f20b9e4	httpcaddyfile: Remove port from logger names (#5881) ... Co-authored-by: Matt Holt <mholt@users.noreply.github.com>	2023-10-16 23:57:03 -06:00
Francis Lavoie	7984e6f6fd	httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896)	2023-10-14 14:23:50 -06:00