Commit Graph

1837 Commits

Author SHA1 Message Date
Matthew Holt
0db29e2ce9
go.mod: Upgrade acmez and x/net
x/net 0.7.0 contains a security patch apparently.
2023-02-14 12:08:31 -07:00
Matt Holt
4b119a475f
reverseproxy: Don't buffer chunked requests (fix #5366) (#5367)
* reverseproxy: Don't buffer chunked requests (fix #5366)

Mostly reverts 845bc4d50b (#5289)

Adds warning for unsafe config.

Deprecates unsafe properties in favor of simpler, safer designed ones.

* Update modules/caddyhttp/reverseproxy/caddyfile.go

Co-authored-by: Y.Horie <u5.horie@gmail.com>

* Update modules/caddyhttp/reverseproxy/reverseproxy.go

Co-authored-by: Y.Horie <u5.horie@gmail.com>

* Update modules/caddyhttp/reverseproxy/reverseproxy.go

Co-authored-by: Y.Horie <u5.horie@gmail.com>

* Remove unused code

---------

Co-authored-by: Y.Horie <u5.horie@gmail.com>
2023-02-11 17:25:29 -07:00
Francis Lavoie
90798f3eea
go.mod: Upgrade various dependencies (#5362)
* chore: Upgrade various dependencies

* Support CEL file matcher with no args

* Document `http.request.orig_uri.path.*`, reorder placeholders in docs

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-08 17:49:17 +00:00
Steffen Brüheim
536c28d4dc
core: Support Windows absolute paths for UDS proxy upstreams (#5114)
* added some tests for parseUpstreamDialAddress

Test 4 fails because it produces "[[::1]]:80" instead of "[::1]:80"

* support absolute windows path in unix reverse proxy address

* make IsUnixNetwork public, support +h2c and reuse it
* add new tests
2023-02-08 10:05:09 -07:00
WeidiDeng
c77a6bea66
reverseproxy: Log status code and byte count for websockets (#5140)
* log response size for websocket request

* record size when using hijack bufio.Writer
2023-02-06 16:14:59 -07:00
Francis Lavoie
12bcbe2c49
caddyhttp: Pluggable trusted proxy IP range sources (#5328)
* caddyhttp: Pluggable trusted proxy IP range sources

* Add request to the IPRangeSource interface
2023-02-06 12:44:11 -07:00
Matthew Holt
f6f1d8fc89
Run go.mod tidy 2023-02-06 12:24:01 -07:00
Y.Horie
8d3a1b8bcb
caddyauth: Use singleflight for basic auth (#5344)
* caddyauth: Add singleflight for basic auth

* Fixes #5338
* it occurred the thunder herd problem like this https://medium.com/@mhrlife/avoid-duplicate-requests-while-filling-cache-98c687879f59

* Update modules/caddyhttp/caddyauth/basicauth.go

Fix comment

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-02-06 18:29:03 +00:00
Francis Lavoie
ac83b7e218
admin: Add CADDY_ADMIN env var to override the default (#5332) 2023-02-06 17:55:16 +00:00
Francis Lavoie
e62b5fb586
chore: Build with Go 1.20, keep minimum at 1.18 for now (#5353) 2023-02-06 11:29:20 -05:00
Amis Shokoohi
94b8d56096
cmd: Add --envfile flag to validate command (#5350)
Fixes https://github.com/caddyserver/caddy/issues/5346
2023-01-31 16:27:35 -05:00
Amis Shokoohi
8c0b49bf03
cmd: fmt exit successfully after overwriting config file (#5351)
Fixes https://github.com/caddyserver/caddy/issues/5349
2023-01-31 11:24:44 -05:00
Francis Lavoie
201b9b41f9
chore: Fix warning "range variable captured by func literal" (#5348) 2023-01-31 03:07:57 -05:00
Matthew Holt
0a3efd1641
caddytls: Debug log for ask endpoint 2023-01-30 09:30:53 -07:00
Y.Horie
d73660f7c3
httpcaddyfile: Add persist_config global option (#5339)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-01-27 23:31:37 -05:00
Francis Lavoie
7f2a93e6c3
caddyfile: Allow overriding server names (#5323) 2023-01-27 14:56:39 -05:00
Y.Horie
e9d95ab29f
reverseproxy: Add flag to short command to disable redirects (#5330)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Fixes undefined
2023-01-25 09:40:08 -05:00
David Frickert
962310204f
tracing: Support placeholders in span name (#5329)
Fixes https://github.com/caddyserver/caddy/issues/5171
2023-01-25 02:26:44 -05:00
Brad Fitzpatrick
98867ac346
go.mod: bump tscert package to fix Tailscale 1.34+ on Windows (#5331)
As of Tailscale 1.34.0 on Windows, Tailscale now uses a named pipe to
connect to the local tailscale service.

This pulls in tailscale/tscert#5 as reported in tailscale/tscert#4.

(Sorry, we should've noticed this earlier!)

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>

Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
2023-01-24 20:01:54 -05:00
Y.Horie
5805b3ca11
cmd: caddy fmt return code is 1 if not formatted (#5297)
* cmd: Fix caddy fmt if input isn't formatted

* Fixes #5294
* return exit 1 with an error message

* cmd: Use formattingDifference for caddy fmt

* #5294
* expose caddyfile.formattingDifference
2023-01-21 21:28:37 -07:00
Y.Horie
d6d7511699
httpcaddyfile: Warn on importing empty file; skip dotfiles (#5320)
* httpcaddyfile: Change the parse rules when empty file or dotfile with a glob.

* Fixes #5295
* Empty file should just log a warning, and result in no tokens.
* The last segment of the path is '*', it should skip any dotfiles.
* The last segment of the path is '.*', it should read all dotfiles in a dir.

* httpcaddyfile: Regard empty files as import files which include only white space.
2023-01-21 10:22:36 -07:00
Y.Horie
8d6870fd06
chore: Fix typo, coral -> cobra (#5325) 2023-01-21 10:27:58 -05:00
WeidiDeng
c38a040e85
httpcaddyfile: Fix handle grouping inside route (#5315)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-01-18 16:04:41 -05:00
Alexandre Vicenzi
e8ad9b32c9
go.mod: Update golang.org/x/net to v0.5.0 (#5314) 2023-01-17 07:07:07 -05:00
Y.Horie
62e8b21724
chore: Fix caddyfile.replaceEnvVars return (#5311) 2023-01-17 06:57:42 -05:00
Francis Lavoie
223cbe3d0b
caddyhttp: Add server-level trusted_proxies config (#5103) 2023-01-10 00:08:23 -05:00
Yannick Ihmels
66ce0c5c63
caddytls: Add test cases for Caddyfile tls options (#5293) 2023-01-09 15:18:12 -05:00
Y.Horie
845bc4d50b
reverseproxy: Fix hanging for Transfer-Encoding: chunked (#5289)
* Fixes #5236
* enable request body buffering in reverse proxy
  when the request header has Transfer-Encoding: chunked
2023-01-09 00:13:34 -07:00
Emily Lange
e450a7377b
reverseproxy: Don't enable auto-https when --from flag is http (#5269) 2023-01-06 15:42:07 -05:00
Matt Holt
d74f6fd967
reverseproxy: Set origreq in active health check (#5284)
* reverseproxy: Set origreq in active health check

Fix #5281

* Oops; dereference Request
2023-01-06 15:06:38 -05:00
Yannick Ihmels
55035d327a
caddytls: Add dns_ttl config, improve Caddyfile tls options (#5287) 2023-01-06 14:44:00 -05:00
Matthew Holt
4e9ad50f65
fileserver: Add a couple test cases
With placeholders
2023-01-04 11:07:27 -07:00
Matt Holt
05a4637489
Update README.md
Attempt to fix logo that was appearing black in some browsers (perhaps due to CSP?).

Thanks to @IndeedNotJames for investigating! Hopefully this works.
2023-01-01 16:27:06 -07:00
Matt Holt
bd74f94496
Update README.md
Update logo and fix test result badge
2022-12-31 10:10:32 -07:00
Francis Lavoie
b40548ff61
ci: Fix goreleaser deprecation (#5270) 2022-12-28 13:11:39 -05:00
TAKAHASHI Shuuji
4e54e48409
ci: Update GitHub Actions to avoid set-output deprecation (#5271) 2022-12-28 12:05:42 -05:00
Mohammed Al Sahaf
b166b90083
ci: exclude dependbot from running tests on s390x machine (#5266) 2022-12-22 14:13:47 -05:00
darkweak
dac7cacd4d
encode: Respect Cache-Control no-transform (#5257)
* encode: respect Cache-Control HTTP header no-transform

* encode: switch to strings.Contains
2022-12-20 13:26:53 -07:00
dependabot[bot]
af93517c2d
build(deps): bump goreleaser/goreleaser-action from 2 to 4 (#5264)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 19:47:33 -05:00
dependabot[bot]
3b724a2082
build(deps): bump actions/upload-artifact from 1 to 3 (#5262)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 19:14:43 -05:00
dependabot[bot]
329af5ced9
build(deps): bump actions/cache from 2 to 3 (#5263)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 18:56:52 -05:00
dependabot[bot]
cd49847edb
build(deps): bump peter-evans/repository-dispatch from 1 to 2 (#5261)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-19 18:44:54 -05:00
John Losito
d3d76d6ac2
ci: Check for github action updates monthly (#5258) 2022-12-19 14:57:56 -07:00
Lukas Vogel
c3b5b1811c
cmd: Avoid panic when printing version without build info (#5210)
* version: don't panic if read build info doesn't work

If `debug.ReadBuildInfo()` doesn't return the build information we
should not try to access it. Especially if users only want to build with
the `CustomVersion` we should not assume access to
`debug.ReadBuildInfo()`.

The build environment where this isn't available for me is when building
with bazel.

* exit early
2022-12-19 14:23:45 -07:00
Emily Lange
4fe5e64e46
readme: white ZeroSSL text color in dark mode (#5259)
* readme: white ZeroSSL text color in dark mode

* fix: keep `valign` for GitHub mobile app
2022-12-19 13:01:30 -07:00
IndeedNotJames
e10ed7b00d
readme: darker variants of logos in dark mode (#5248) 2022-12-12 10:18:30 -07:00
Matthew Holt
fac35db9dc
go.mod: Update quic-go to v0.31.0
And fix a comment typo
2022-12-08 08:55:04 -07:00
Kyle McCullough
bfaf2a8201
acme_server: Configurable default lifetime for issued certificates (#5232)
* acme_server: add certificate lifetime configuration option

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>

* pki: allow intermediate cert lifetime to be configured

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
2022-12-06 00:12:26 -07:00
Mohammed Al Sahaf
fef9cb3e05
caddytest: internalize init config into '.go' file (#5230) 2022-12-05 18:49:41 +00:00
Alban Lecocq
d4a7d89f56
reverseproxy: Improve hostByHashing distribution (#5229)
* If upstreams are all using same host but with different ports
ie:
foobar:4001
foobar:4002
foobar:4003
...
Because fnv-1a has not a good enough avalanche effect
Then the hostByHashing result is not well balanced over
all upstreams

As last byte FNV input tend to affect few bits, the idea is to change
the concatenation order between the key and the upstream strings
So the upstream last byte have more impact on hash diffusion
2022-12-05 11:28:12 -07:00