Commit Graph

2414 Commits

Author SHA1 Message Date
Daniel Santos
fa7322365a
Only enforces SNI matching if ClientAuth is enabled (#3096) 2020-02-27 19:37:19 -07:00
Daniel Santos
4fbdd23283
tls: Add insecure_disable_sni_matching subdirective (#3075)
* Disable StrictHostMatching for single server configs

* Add the insecure_disable_sni_matching directive

* Do not override insecure_disable_sni_matching

* Remove comment
2020-02-25 16:04:59 -07:00
Hu Chen
c953d17bcc
dist: Update mac README.md (#3074) 2020-02-25 15:36:12 -07:00
Levi.Lu
904d41e51a update lego to v3.3.0 to fix dnspod json error (#3030) 2020-02-09 08:55:53 -07:00
Jeremy Lin
a2d71bdd94 browse: allow filter init via filter query param (#3026)
This allows creating links that display only a subset of files in a directory.
2020-02-08 12:41:16 -07:00
Matthew Holt
11ae1aa6b8
Prepare v1.0.5 release 2020-01-15 09:57:41 -07:00
Matthew Holt
3c8837163d
errors: Fix test 2020-01-15 09:57:23 -07:00
Matt Holt
b6ca782c99
Don't use default log settings on custom logs (#2973) (#2976)
Attempt partial fix/rollback of #2781.
2020-01-15 09:40:32 -07:00
Dmitri Goutnik
a976629174 go.mod: Add support for freebsd/arm64 (#2956) 2020-01-12 14:01:25 -07:00
Dozer
cd66b62083 gzip: Avoid duplicated Vary header (#2939) 2020-01-12 14:00:18 -07:00
Maxime Soulé
4b68de8418 FreeBSD init: PID file should not be executable (#2945) 2019-12-28 11:54:28 -07:00
MisterDuval
008415f206 fastcgi: Trim dot and space suffix for Windows sake (#2917) 2019-12-14 11:21:27 -07:00
Vanessa Nicole Naff
f0eae39cb2 readme: Update sponsor link 2019-12-13 09:42:46 -07:00
Gábor Lipták
7fa90f08ae Correct golint warning (#2915) 2019-12-04 16:35:56 -07:00
evtr
5ec503386c proxy: ability to use client certs in reverse proxy (#2914)
* ability to use client certs in reverse proxy

* changed to http3.RoundTripper after review
2019-12-04 15:35:36 -07:00
Matthew Holt
6f9a39525a
github: Remove issue and PR templates; update contributing guidelines 2019-12-04 15:13:29 -07:00
Rustin
cf611796c6 update readme to remove GO111MODULE env (#2886) 2019-11-18 12:02:08 -07:00
Matthew Holt
aadda6e34e
Prepare v1.0.4 tag 2019-11-15 13:11:32 -07:00
Matthew Holt
6c4cb5006a
go.mod: lego v3.2.0, certmagic v0.8.3, and quic-go v0.13.1 2019-11-15 13:08:28 -07:00
Yuqian Ma
12107f035c dist: update caddy.service on Ubuntu 18 (#2866)
move `StartLimitIntervalSec` and `StartLimitBurst` from [Service] to [Unit]
ref: https://lists.freedesktop.org/archives/systemd-devel/2017-July/039255.html
2019-11-15 12:59:03 -07:00
MisterDuval
832df649c1 fastcgi: Case-insensitive extension comparison 2019-11-15 12:54:39 -07:00
Julian Kornberger
cc63eca0c8 Add flag to disable timestamps for process log (#2781)
* Add flag to enable/disable timstamps for process log.

solves #2615

* Remove timestamp argument from log.Printf()

* Add log-timestamps=false to systemd unit

* Copy log flags

* Fix argument list
2019-11-06 13:06:34 -07:00
Marten Seemann
aa94f2b802 update quic-go to v0.13.0 (#2862)
This version supports IETF QUIC draft-23.
2019-11-06 00:30:29 -07:00
Matt Holt
3f9a431100
Create FUNDING.yml 2019-10-30 09:56:43 -06:00
Adam Daniels
8c860641b9 dist: Update FreeBSD Init script to support custom flags (#2796)
Clear rc_flags in start precmd. If these flags are still present during
start command, they are passed to daemon(8) instead of caddy(8).

Extract all options into $caddy_options environment variable.
2019-10-15 15:38:20 -06:00
Jonathan Rudenberg
99914d2204 Move certmagic import out of caddy package (#2807) 2019-10-14 10:07:36 -06:00
Jacob Hoffman-Andrews
24b2e02ee5 init/systemd: Re-add ReadWriteDirectories. (#2798)
In systemd 231
(4f10b80786/NEWS (L3558-L3565)),
ReadWriteDirectories was renamed ReadWritePaths.

In https://github.com/caddyserver/caddy/pull/2620/files, @aspeteRakete
renamed the directive in Caddy's example systemd unit.

However, this means that if anyone runs this sytemd unit on a version of
systemd older than 231, Caddy will go into a crash loop that hammers
Let's Encrypt's servers. That's because the ProtectSystem=full directive
prevents writes to all paths that aren't explicitly permitted, and older
systemd doesn't see any paths being permitted.

To maximize compatibility, I re-add the original ReadWriteDirectories
directive. Older systemd will read that; newer systemd will read the
newer directive. Both should ignore the directive they do not recognize.

Another approach to solve this problem would be to remove
ProtectSystem=true, originally introduced in da8ae9e5. That would reduce
the risk of similar breakages in the future. It would make for a slightly
less "exemplary" systemd unit, but I think it would still be adequate,
given that this unit runs caddy as "www-data", a user the presumably has
low privileges.
2019-10-09 19:04:28 -06:00
Adil H
be2fdb6af6 httpserver: no SetKeepAlivePeriod in openbsd (#2787)
* no SetKeepAlivePeriod on openbsd

* fix tcpKeepAliveListener.Accept signature
2019-10-08 09:49:40 -06:00
Matt Holt
16b296c97e
systemd: Prevent excessive restarts in tight loop 2019-10-07 11:28:21 -06:00
Jannis Andrija Schnitzer
11eee95222 staticfiles: Signal that redirection headers have been written (#2792)
The Handler interface expects a first return value of 0 if headers have
already been written.
(cf. https://godoc.org/github.com/caddyserver/caddy/caddyhttp/httpserver#Handler)

When using http.Redirect, this is the case as http.Redirect does write
headers. When using Caddy with nested handlers, returning
http.StatusMovedPermanently could cause a wrong (200) response on a
non-slashy request on a directory name. Returning 0 ensures the
redirection will always take place.
2019-10-07 10:22:53 -06:00
Tobias Mühl
1de4a99ec3 Fix typo (#2763) 2019-09-23 22:01:44 -06:00
linquize
96579b97f6 gitattributes: go.mod, go.sum always eol=lf (#2753) 2019-09-22 14:17:16 -06:00
Ashish Acharya
8cc2f770fa Change mholt references to caddyserver (#2751)
mholt/caddy.git references are changed to caddyserver/caddy.git in the link titles
2019-09-15 11:41:20 -06:00
Jack Brown
a23f707268 Update build docs to clarify usage of .go extension (#2726)
Issue #2716 was caused by a misunderstanding regarding the filename to use when creating a custom build from source. These changes aim to make the instructions more explicit.
2019-08-26 19:07:07 +01:00
Alexander Danilov
ed4c2775e4 main: log caddy version on start (#2717) 2019-08-21 11:13:34 -06:00
Matthew Holt
bff2469d9d
Version 1.0.3 notes 2019-08-14 13:45:42 -06:00
Matthew Holt
a08ab0c007
Fix slice bounds when getting key of address (fixes #2706) 2019-08-14 10:41:25 -06:00
Matthew Holt
28e1f7c562
Version 1.0.2 2019-08-13 14:37:58 -06:00
Matthew Holt
914f39d784
Adjust address parsing for Go 1.12.8's breaking changes
See 3226f2d492
and https://github.com/golang/go/issues/29098
2019-08-13 14:37:45 -06:00
linquize
0ba427a6f4 websocket: Enhancements, message types, and tests (#2359)
* websocket: Should reset respawn parameter when processing next config entry

* websocket: add message types: lines, text, binary

* websocket: Add unit test

* Add websocket sample files
2019-07-19 13:29:49 -06:00
Matthew Holt
7fab1b15c8
readme: Fix tests badge 2019-07-19 11:28:59 -06:00
Christian Muehlhaeuser
3856ad03b0 Used goimports to fix import order (#2682)
Keeps the list sorted and prevents future merge conflicts.
2019-07-18 22:05:49 -06:00
George Hartzell
d411b7d087 Add doc re running as non-root user on FreeBSD (#2655)
Add a README.md in `dist/init/freebsd` that describes how to configure
the system so that `caddy` can be run without root privileges.
2019-07-18 15:19:21 -06:00
George Hartzell
580f7677ad Use syslog to manage caddy std{out,err} on FreeBSD (#2652)
* Use syslog to manage caddy std{out,err} on FreeBSD

There is no good way to rotate the logfile created by the previous
FreeBSD rc.d script (it's the result of redirecting std{out,err} and
is held open by the shell).

This solves the problem by sending caddy's std{out,err} stream to
syslog, using the daemon command's builtin functionality.

It replaces the old `caddy_logfile` rc.conf variable with
`caddy_syslog_facility` (which defaults to 'local7') and
`caddy_syslog_level` (which defaults to 'notice').

By default, these messages will end up in /var/log/messages but can
be redirected as documented in the script's comments.

* Add info about rotating log with newsyslog

If you create a caddy specific logfile in `/var/log`, you should
rotate it.

This adds a bit of info to the dist/init/freebsd/README.md about
rotating that log file with newsyslog.
2019-07-18 13:58:40 -06:00
rouzier
120811e7f7 staticfiles: Support pre-compressed zstd, make etag content-encoding-aware (#2626)
* Add support for precompressed zstd files (rfc8478)

* Avoid the hash lookup for the file extension.

* Only calculate Etag once
2019-07-18 13:50:01 -06:00
aspeteRakete
43458bda46 Updated systemd caddy.service (#2620)
According to https://github.com/systemd/systemd/blob/v241/NEWS#L2799
The Directive ReadWriteDirectories= has been renamed to ReadWritePaths=
in 241.
2019-07-18 13:46:00 -06:00
William Wang
a9ccaa1ae5 add recaptcha plugin (#2664) 2019-07-11 13:37:27 -06:00
Matthew Holt
f6ee100bae
Update notes for v1.0.1 2019-07-02 13:08:31 -06:00
Matthew Holt
f5720fecd6
Change all import paths: mholt/caddy -> caddyserver/caddy
Includes updating go.mod to use new module path
2019-07-02 12:49:20 -06:00
Matthew Holt
0b2e054839 tls: Deprecate 'max_certs' in favor of 'ask'; use latest CertMagic 2019-07-01 11:43:27 -06:00