Filippo Valsorda
bae4ac9764
proxy: add a insecure_skip_verify option - closes #320
2016-01-23 03:26:31 +00:00
Matt Holt
6e340cb1d6
Merge pull request #514 from upsuper/fix-user-key-perm
...
letsencrypt: Fix perm of user key
2016-01-16 00:46:45 -07:00
Xidorn Quan
0d8d0ba5a0
letsencrypt: Fix perm of user key
2016-01-16 13:12:03 +11:00
Matt Holt
8655ea671b
Merge pull request #510 from alehano/master
...
gzip: Add .svg to default ext list
2016-01-15 15:33:15 -07:00
Matthew Holt
0d8526b7d9
gzip: Allow empty extension ( #509 )
2016-01-15 11:59:05 -07:00
Alexey Khalyapin
c9e0517e5e
Add .svg to default ext list in gzip middleware
2016-01-14 11:52:03 +03:00
Matthew Holt
e74558eaea
browse: Fix for files and dirs with ':' in name
2016-01-13 13:17:58 -07:00
Matthew Holt
3c96718027
Version 0.8.1
2016-01-12 10:01:57 -07:00
Matthew Holt
4b6e0e9369
tls: Fix failing test
2016-01-12 08:55:01 -07:00
Matthew Holt
2bcbdd6a17
Merge branch 'getcertificate'
2016-01-12 08:52:52 -07:00
Matthew Holt
8f2196c047
tls: No arguments to directive and no block is an error
2016-01-12 08:52:43 -07:00
Matthew Holt
c7d4d051cb
letsencrypt: Ensure no prompt if user is not there
...
Also only set custom address if alternate port is specified (rather than using a blank address; just cleaner this way)
2016-01-12 08:52:08 -07:00
Matt Holt
e283af4d9b
Merge pull request #502 from abiosoft/gzip-fix
...
gzip: Fix for wrong content-type when templates is used.
2016-01-12 08:32:09 -07:00
Abiola Ibrahim
12cd2d528c
Gzip: Fix for wrong content-type when templates is used.
2016-01-12 15:06:08 +01:00
Matthew Holt
8a6c778c8d
Log if host is not configured for server
2016-01-11 09:07:14 -07:00
Matthew Holt
77eae62d9f
letsencrypt: Don't prompt if user is not there
...
This change fixes the scenario where you reload the config and it tries to obtain a cert from the ACME server, but no email address is found or terms have not been agreed to in-process. This is unfortunate but it should not stop the server from reloading, so we assume empty email address in this case.
2016-01-10 23:40:55 -07:00
Matthew Holt
97c8c9582a
Updated changelog
2016-01-10 21:52:56 -07:00
Matthew Holt
ed0c0db6a3
If scheme and port defy convention, it is an error
...
This prevents serving HTTPS over port 80 or HTTP over 443. It's confusing and we don't allow it.
2016-01-10 20:51:50 -07:00
Matthew Holt
202849055c
tls: Extra requirements to set port to 443
...
It is unexpected to serve localhost on port 443 or any server on 443 if TLS is disabled, even if the port is blank. Also don't warn about how to force TLS on the HTTP port.
2016-01-10 20:47:43 -07:00
Matthew Holt
060ab92d29
Reorder a few things
...
The docs link to this structure and all its methods related to the browse template; keeping them together makes it possible to link to the whole block of code that is relevant.
2016-01-10 09:47:26 -07:00
Matthew Holt
0830c728fe
Remove pidfile when program exits ( closes #495 )
2016-01-09 21:48:07 -07:00
Matthew Holt
dab679df86
import: Fix multiple imports ( closes #480 )
2016-01-09 10:52:21 -07:00
Matthew Holt
9453224639
Merge branch 'letsencryptfix'
2016-01-08 23:59:15 -07:00
Matthew Holt
fd1765973a
letsencrypt: Tests for handler that proxies challenge requests
...
Doesn't test the SkipInsecureVerify proxy setting, but that can be done at another time.
2016-01-08 16:44:54 -07:00
Matthew Holt
0efe39a705
Switch back to LE production endpoint
2016-01-08 14:13:21 -07:00
Matthew Holt
a3f3bc67e1
Merge branch 'browse-tpl'
2016-01-08 14:02:55 -07:00
Matthew Holt
8b93bfe751
letsencrypt: More tests! \o/
2016-01-08 13:49:06 -07:00
Matthew Holt
897b6c5b0e
letsencrypt: More tests, other minor improvements
2016-01-08 12:32:47 -07:00
Matthew Holt
fc928e0b3b
letsencrypt: Couple minor refactors/fixes
2016-01-08 11:55:31 -07:00
Matthew Holt
93b301372b
rewrite: Fix a lint suggestion
2016-01-06 22:23:18 -07:00
Matthew Holt
ce4981d046
Merge branch 'master' into letsencryptfix
...
# Conflicts:
# caddy/letsencrypt/letsencrypt.go
# caddy/letsencrypt/letsencrypt_test.go
2016-01-06 22:21:15 -07:00
Matthew Holt
62b210b544
browse: Minor changes to improve icon positioning in template
...
Also make sure column header cells don't wrap
2016-01-06 22:18:17 -07:00
Matt Holt
5f6a0a4c0b
Merge pull request #479 from abiosoft/rewrite-patch
...
rewrite: not_has, not_match, multiple to, and status codes
2016-01-06 22:08:16 -07:00
Matt Holt
cae9880800
Merge pull request #483 from benschumacher/master
...
letsencrypt: Make plaintext redirect hosts honor the Bind settings
2016-01-06 22:06:53 -07:00
Matthew Holt
6d49392602
Improve tests, fix a few lint warnings
2016-01-06 16:04:33 -07:00
Matthew Holt
4593982065
letsencrypt: Major refactor of Activate(), fixes #474 and closes #397
...
Makes restarts cleaner and improves configuration usability related to the tls directive
2016-01-06 16:04:08 -07:00
Matthew Holt
94100a7ba6
Fix failing tests
2016-01-04 17:34:10 -07:00
Matthew Holt
e9c2e50684
Merge branch 'master' into letsencryptfix
...
# Conflicts:
# caddy/letsencrypt/letsencrypt.go
2016-01-03 23:56:22 -07:00
Ben Schumacher
82b0c0b9eb
Make Let's Encrypt module honor the Bind settings
2016-01-03 23:56:14 -07:00
Matthew Holt
55601d3ec2
letsencrypt: Fix OCSP stapling and restarts with new LE-capable hosts
...
Before, Caddy couldn't support graceful (zero-downtime) restarts when the reloaded Caddyfile had a host in it that was elligible for a LE certificate because the port was already in use. This commit makes it possible to do zero-downtime reloads and issue certificates for new hosts that need it. Supports only http-01 challenge at this time.
OCSP stapling is improved in that it updates before the expiration time when the validity window has shifted forward. See 30c949085c
. Before it only used to update when the status changed.
This commit also sets the user agent for Let's Encrypt requests with a string containing "Caddy".
2016-01-03 17:05:10 -07:00
Matthew Holt
829a0f34d0
Preserve and clean up original host input in Caddyfile-JSON conversions
2016-01-03 16:46:26 -07:00
Matthew Holt
bb80f99190
tls: Allow opening block without specifying cert+key args
2016-01-03 16:44:30 -07:00
Matthew Holt
946ff5e87b
Parser separate scheme/port, refactor config loading
...
By separating scheme and port at the parser, we are able to set the port appropriately and also keep the semantics of the scheme being specified by the user later on. The parser also stores an address' original input. Also, the config refactor makes it possible to partially load a config - valuable for determining which ones will need Let's Encrypt integration turned on during a restart.
2016-01-03 16:41:29 -07:00
Abiola Ibrahim
0a04fa40f4
Oops. status code check should be after all validations.
2016-01-02 08:08:55 +01:00
Abiola Ibrahim
48d7f1ead2
Refactor. Stop useless rewrite if status code is set.
2016-01-01 07:05:30 +01:00
Abiola Ibrahim
be2f5c4b38
Support for 4xx status codes.
2015-12-31 23:19:11 +01:00
Abiola Ibrahim
281007c482
Merge remote-tracking branch 'upstream/master' into rewrite-patch
2015-12-31 20:34:25 +01:00
Matthew Holt
b6326d402d
Fix for case-insensitive header replacements ( #476 )
2015-12-31 12:31:30 -07:00
Matthew Holt
e2a3ec4c3d
Replacer supports case-insensitive header placeholders ( fixes #476 )
2015-12-31 12:12:16 -07:00
Abiola Ibrahim
3468986260
Support multiple values for to
in simple rule.
2015-12-31 20:11:31 +01:00