Rewrote Caddy from the ground up; initial commit of 0.9 branch
These changes span work from the last ~4 months in an effort to make
Caddy more extensible, reduce the coupling between its components, and
lay a more robust foundation of code going forward into 1.0. A bunch of
new features have been added, too, with even higher future potential.
The most significant design change is an overall inversion of
dependencies. Instead of the caddy package knowing about the server
and the notion of middleware and config, the caddy package exposes an
interface that other components plug into. This does introduce more
indirection when reading the code, but every piece is very modular and
pluggable. Even the HTTP server is pluggable.
The caddy package has been moved to the top level, and main has been
pushed into a subfolder called caddy. The actual logic of the main
file has been pushed even further into caddy/caddymain/run.go so that
custom builds of Caddy can be 'go get'able.
The HTTPS logic was surgically separated into two parts to divide the
TLS-specific code and the HTTPS-specific code. The caddytls package can
now be used by any type of server that needs TLS, not just HTTP. I also
added the ability to customize nearly every aspect of TLS at the site
level rather than all sites sharing the same TLS configuration. Not all
of this flexibility is exposed in the Caddyfile yet, but it may be in
the future. Caddy can also generate self-signed certificates in memory
for the convenience of a developer working on localhost who wants HTTPS.
And Caddy now supports the DNS challenge, assuming at least one DNS
provider is plugged in.
Dozens, if not hundreds, of other minor changes swept through the code
base as I literally started from an empty main function, copying over
functions or files as needed, then adjusting them to fit in the new
design. Most tests have been restored and adapted to the new API,
but more work is needed there.
A lot of what was "impossible" before is now possible, or can be made
possible with minimal disruption of the code. For example, it's fairly
easy to make plugins hook into another part of the code via callbacks.
Plugins can do more than just be directives; we now have plugins that
customize how the Caddyfile is loaded (useful when you need to get your
configuration from a remote store).
Site addresses no longer need be just a host and port. They can have a
path, allowing you to scope a configuration to a specific path. There is
no inheretance, however; each site configuration is distinct.
Thanks to amazing work by Lucas Clemente, this commit adds experimental
QUIC support. Turn it on using the -quic flag; your browser may have
to be configured to enable it.
Almost everything is here, but you will notice that most of the middle-
ware are missing. After those are transferred over, we'll be ready for
beta tests.
I'm very excited to get this out. Thanks for everyone's help and
patience these last few months. I hope you like it!!
2016-06-05 07:00:29 +08:00
|
|
|
package caddytls
|
2015-10-18 10:17:24 +08:00
|
|
|
|
2016-09-09 08:48:32 +08:00
|
|
|
import "net/url"
|
2016-07-08 21:32:31 +08:00
|
|
|
|
2016-09-20 07:24:34 +08:00
|
|
|
// StorageConstructor is a function type that is used in the Config to
|
|
|
|
|
// instantiate a new Storage instance. This function can return a nil
|
|
|
|
|
// Storage even without an error.
|
|
|
|
|
type StorageConstructor func(caURL *url.URL) (Storage, error)
|
2016-07-08 21:32:31 +08:00
|
|
|
|
|
|
|
|
// SiteData contains persisted items pertaining to an individual site.
|
|
|
|
|
type SiteData struct {
|
|
|
|
|
// Cert is the public cert byte array.
|
|
|
|
|
Cert []byte
|
|
|
|
|
// Key is the private key byte array.
|
|
|
|
|
Key []byte
|
|
|
|
|
// Meta is metadata about the site used by Caddy.
|
|
|
|
|
Meta []byte
|
2015-10-18 10:17:24 +08:00
|
|
|
}
|
|
|
|
|
|
2016-07-08 21:32:31 +08:00
|
|
|
// UserData contains persisted items pertaining to a user.
|
|
|
|
|
type UserData struct {
|
|
|
|
|
// Reg is the user registration byte array.
|
|
|
|
|
Reg []byte
|
|
|
|
|
// Key is the user key byte array.
|
|
|
|
|
Key []byte
|
2015-10-18 10:17:24 +08:00
|
|
|
}
|
|
|
|
|
|
2016-07-29 01:11:14 +08:00
|
|
|
// Storage is an interface abstracting all storage used by Caddy's TLS
|
|
|
|
|
// subsystem. Implementations of this interface store both site and
|
2016-07-08 21:32:31 +08:00
|
|
|
// user data.
|
|
|
|
|
type Storage interface {
|
2016-07-29 01:11:14 +08:00
|
|
|
// SiteExists returns true if this site exists in storage.
|
2016-07-08 21:32:31 +08:00
|
|
|
// Site data is considered present when StoreSite has been called
|
2016-07-29 01:11:14 +08:00
|
|
|
// successfully (without DeleteSite having been called, of course).
|
2016-08-19 00:28:43 +08:00
|
|
|
SiteExists(domain string) (bool, error)
|
2016-07-08 21:32:31 +08:00
|
|
|
|
2016-09-20 07:24:34 +08:00
|
|
|
// TryLock is called before Caddy attempts to obtain or renew a
|
|
|
|
|
// certificate for a certain name and store it. From the perspective
|
|
|
|
|
// of this method and its companion Unlock, the actions of
|
|
|
|
|
// obtaining/renewing and then storing the certificate are atomic,
|
|
|
|
|
// and both should occur within a lock. This prevents multiple
|
|
|
|
|
// processes -- maybe distributed ones -- from stepping on each
|
|
|
|
|
// other's space in the same shared storage, and from spamming
|
|
|
|
|
// certificate providers with multiple, redundant requests.
|
|
|
|
|
//
|
|
|
|
|
// If a lock could be obtained, (nil, nil) is returned and you may
|
|
|
|
|
// continue normally. If not (meaning another process is already
|
|
|
|
|
// working on that name), a Waiter value will be returned upon
|
|
|
|
|
// which you can Wait() until it is finished, and then return
|
|
|
|
|
// when it unblocks. If waiting, do not unlock!
|
|
|
|
|
//
|
|
|
|
|
// To prevent deadlocks, all implementations (where this concern
|
|
|
|
|
// is relevant) should put a reasonable expiration on the lock in
|
|
|
|
|
// case Unlock is unable to be called due to some sort of storage
|
|
|
|
|
// system failure or crash.
|
|
|
|
|
TryLock(name string) (Waiter, error)
|
|
|
|
|
|
|
|
|
|
// Unlock unlocks the mutex for name. Only callers of TryLock who
|
|
|
|
|
// successfully obtained the lock (no Waiter value was returned)
|
|
|
|
|
// should call this method, and it should be called only after
|
|
|
|
|
// the obtain/renew and store are finished, even if there was
|
|
|
|
|
// an error (or a timeout).
|
|
|
|
|
Unlock(name string) error
|
|
|
|
|
|
2016-07-08 21:32:31 +08:00
|
|
|
// LoadSite obtains the site data from storage for the given domain and
|
2016-09-09 08:48:32 +08:00
|
|
|
// returns it. If data for the domain does not exist, an error value
|
|
|
|
|
// of type ErrNotExist is returned. For multi-server storage, care
|
|
|
|
|
// should be taken to make this load atomic to prevent race conditions
|
|
|
|
|
// that happen with multiple data loads.
|
2016-07-08 21:32:31 +08:00
|
|
|
LoadSite(domain string) (*SiteData, error)
|
|
|
|
|
|
|
|
|
|
// StoreSite persists the given site data for the given domain in
|
|
|
|
|
// storage. For multi-server storage, care should be taken to make this
|
|
|
|
|
// call atomic to prevent half-written data on failure of an internal
|
|
|
|
|
// intermediate storage step. Implementers can trust that at runtime
|
|
|
|
|
// this function will only be invoked after LockRegister and before
|
|
|
|
|
// UnlockRegister of the same domain.
|
|
|
|
|
StoreSite(domain string, data *SiteData) error
|
|
|
|
|
|
|
|
|
|
// DeleteSite deletes the site for the given domain from storage.
|
|
|
|
|
// Multi-server implementations should attempt to make this atomic. If
|
2016-09-09 08:48:32 +08:00
|
|
|
// the site does not exist, an error value of type ErrNotExist is returned.
|
2016-07-08 21:32:31 +08:00
|
|
|
DeleteSite(domain string) error
|
|
|
|
|
|
|
|
|
|
// LoadUser obtains user data from storage for the given email and
|
2016-09-09 08:48:32 +08:00
|
|
|
// returns it. If data for the email does not exist, an error value
|
|
|
|
|
// of type ErrNotExist is returned. Multi-server implementations
|
|
|
|
|
// should take care to make this operation atomic for all loaded
|
|
|
|
|
// data items.
|
2016-07-08 21:32:31 +08:00
|
|
|
LoadUser(email string) (*UserData, error)
|
|
|
|
|
|
|
|
|
|
// StoreUser persists the given user data for the given email in
|
|
|
|
|
// storage. Multi-server implementations should take care to make this
|
|
|
|
|
// operation atomic for all stored data items.
|
|
|
|
|
StoreUser(email string, data *UserData) error
|
|
|
|
|
|
|
|
|
|
// MostRecentUserEmail provides the most recently used email parameter
|
|
|
|
|
// in StoreUser. The result is an empty string if there are no
|
|
|
|
|
// persisted users in storage.
|
|
|
|
|
MostRecentUserEmail() string
|
2016-09-09 08:54:36 +08:00
|
|
|
}
|
|
|
|
|
|
2016-09-09 08:48:32 +08:00
|
|
|
// ErrNotExist is returned by Storage implementations when
|
|
|
|
|
// a resource is not found. It is similar to os.ErrNotExist
|
|
|
|
|
// except this is a type, not a variable.
|
|
|
|
|
type ErrNotExist interface {
|
|
|
|
|
error
|
2015-10-18 10:17:24 +08:00
|
|
|
}
|
2016-09-20 07:24:34 +08:00
|
|
|
|
|
|
|
|
// Waiter is a type that can block until a storage lock is released.
|
|
|
|
|
type Waiter interface {
|
|
|
|
|
Wait()
|
|
|
|
|
}
|