Commit graph

429 commits

Author SHA1 Message Date
Francis Lavoie
afa778ae05
httpcaddyfile: Implement experimental force_automate option (#6712)
Some checks are pending
Tests / test (./cmd/caddy/caddy, ~1.22.3, macos-14, 0, 1.22, mac) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.22.3, ubuntu-latest, 0, 1.22, linux) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.23.0, macos-14, 0, 1.23, mac) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.23.0, ubuntu-latest, 0, 1.23, linux) (push) Waiting to run
Tests / test (./cmd/caddy/caddy.exe, ~1.22.3, windows-latest, True, 1.22, windows) (push) Waiting to run
Tests / test (./cmd/caddy/caddy.exe, ~1.23.0, windows-latest, True, 1.23, windows) (push) Waiting to run
Tests / test (s390x on IBM Z) (push) Waiting to run
Tests / goreleaser-check (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, aix) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, darwin) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, dragonfly) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, freebsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, illumos) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, linux) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, netbsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, openbsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, solaris) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, windows) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, aix) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, darwin) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, dragonfly) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, freebsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, illumos) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, linux) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, netbsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, openbsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, solaris) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, windows) (push) Waiting to run
Lint / lint (push) Waiting to run
Lint / govulncheck (push) Waiting to run
2024-12-24 08:58:40 -07:00
Matthew Holt
ed1c594cdb go.mod: Upgrade ACMEz to v3; and upgrade CertMagic
Some checks are pending
Tests / test (./cmd/caddy/caddy, ~1.22.3, macos-14, 0, 1.22, mac) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.22.3, ubuntu-latest, 0, 1.22, linux) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.23.0, macos-14, 0, 1.23, mac) (push) Waiting to run
Tests / test (./cmd/caddy/caddy, ~1.23.0, ubuntu-latest, 0, 1.23, linux) (push) Waiting to run
Tests / test (./cmd/caddy/caddy.exe, ~1.22.3, windows-latest, True, 1.22, windows) (push) Waiting to run
Tests / test (./cmd/caddy/caddy.exe, ~1.23.0, windows-latest, True, 1.23, windows) (push) Waiting to run
Tests / test (s390x on IBM Z) (push) Waiting to run
Tests / goreleaser-check (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, aix) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, darwin) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, dragonfly) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, freebsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, illumos) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, linux) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, netbsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, openbsd) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, solaris) (push) Waiting to run
Cross-Build / build (~1.22.3, 1.22, windows) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, aix) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, darwin) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, dragonfly) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, freebsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, illumos) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, linux) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, netbsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, openbsd) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, solaris) (push) Waiting to run
Cross-Build / build (~1.23.0, 1.23, windows) (push) Waiting to run
Lint / lint (push) Waiting to run
Lint / govulncheck (push) Waiting to run
2024-12-19 12:17:07 -07:00
José Padilla
57ae9c3107
chore: fix some typo in HTTPLoader comment (#6735) 2024-12-07 11:30:20 +00:00
Francis Lavoie
b116dcea3d
caddyhttp: Add {?query} placeholder (#6714)
* caddyhttp: Add `{prefixed_query}` placeholder

* fastcgi: Preserve query during canonical redirect

* Use orig_uri instead for the redirect, shorter Caddyfile shortcut
2024-12-02 08:06:38 -05:00
Francis Lavoie
315715e90f
core: Implement FastAbs to avoid repeated os.Getwd calls (#6687)
* core: Implement FastAbs to avoid repeated os.Getwd calls

* Lint

* Rename files
2024-11-13 03:55:51 -05:00
Nikolai K
b183aec83c
httpcaddyfile: Implement log sampling config (#6682)
* Allow log sampling configuration from Caddyfile

* Add log sampling adapt tests
2024-11-11 16:42:50 -07:00
Francis Lavoie
5c8dc34418
caddytls: Allow disabling storage cleaning, avoids writing two files (#6593) 2024-11-05 10:47:41 -07:00
Francis Lavoie
09b2cbcf4d
caddyhttp: Add MatchWithError to replace SetVar hack (#6596)
* caddyhttp: Add `MatchWithError` to replace SetVar hack

* Error in IP matchers on TLS handshake not complete

* Use MatchWithError everywhere possible

* Move implementations to MatchWithError versions

* Looser interface checking to allow fallback

* CEL factories can return RequestMatcherWithError

* Clarifying comment since it's subtle that an err is returned

* Return 425 Too Early status in IP matchers

* Keep AnyMatch signature the same for now

* Apparently Deprecated can't be all-uppercase to get IDE linting

* Linter
2024-11-04 23:18:50 +00:00
Francis Lavoie
b129ed6be8
httpcaddyfile: Fixes for prefer_wildcard mode (#6636)
* httpcaddyfile: Fixes for prefer_wildcard mode

The wildcard hosts need to be collected first, then considered after, because there's no guarantee that all non-wildcards will appear after all wildcards when looping. Also we should not add a domain to Skip if it doesn't qualify for TLS anyway.

* Alternate solution by avoiding adding APs altogether if covered by wildcard
2024-10-30 17:09:12 +00:00
Aaron Paterson
0182fb87fa
core: addresses.go funcs renames (#6622)
* right side in tls ln

* remove ParseNetworkAddressFromHostPort

* ignore placeholder port

* remove println

* update test cases (!!!)

* []

* comment

* Trim

* Update addresses.go
2024-10-21 08:02:29 -06:00
David Wood
1391e8ed9a
chore: fix some function names in comment (#6650) 2024-10-21 07:39:58 +00:00
Mohammed Al Sahaf
388c7e898c
metrics: move metrics up, outside servers (#6606)
* metrics: move `metrics`  up, outside `servers`

This change moves the metrics configuration from per-server level to a single config knob within the `http` app. Enabling `metrics` in any of the configured servers inside `http` enables metrics for all servers.

Fix #6604

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* normalize domain name

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-10-18 09:54:21 -06:00
Francis Lavoie
ef4e0224a8
caddyfile: Fix comma edgecase in address parsing (#6616) 2024-10-10 20:26:59 +00:00
Francis Lavoie
d7564d632f
caddytls: Drop rate_limit and burst, has been deprecated (#6611) 2024-10-07 17:39:47 -04:00
Mohammed Al Sahaf
41f5dd56e1
metrics: scope metrics to active config, add optional per-host metrics (#6531)
* Add per host config

* Pass host label when option is enabled

* Test per host enabled

* metrics: scope metrics per loaded config

* doc and linter

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* inject the custom registry into the admin handler

Co-Authored-By: Dave Henderson <dhenderson@gmail.com>

* remove `TODO` comment

* fixes

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* refactor to delay metrics admin handler provision

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Hussam Almarzooq <me@hussam.io>
Co-authored-by: Dave Henderson <dhenderson@gmail.com>
2024-10-02 08:23:26 -06:00
Francis Lavoie
16724842d9
caddyhttp: Implement auto_https prefer_wildcard option (#6146)
* Allow specifying multiple `auto_https` options

* Implement `auto_https prefer_wildcard` option

* Adapt tests, add mock DNS module for config testing

* Rebase fix
2024-10-02 07:31:58 -06:00
Aaron Paterson
4b1a9b6cc1
core: Implement socket activation listeners (#6573)
* caddy adapt for listen_protocols

* adapt listen_socket

* allow multiple listen sockets for port ranges and readd socket fd listen logic

* readd logic to start servers according to listener protocols

* gofmt

* adapt caddytest

* gosec

* fmt and rename listen to listenWithSocket

* fmt and rename listen to listenWithSocket

* more consistent error msg

* non unix listenReusableWithSocketFile

* remove unused func

* doc comment typo

* nonosec

* commit

* doc comments

* more doc comments

* comment was misleading, cardinality did not change

* addressesWithProtocols

* update test

* fd/ and fdgram/

* rm addr

* actually write...

* i guess we doin' "skip": now

* wrong var in placeholder

* wrong var in placeholder II

* update param name in comment

* dont save nil file pointers

* windows

* key -> parsedKey

* osx

* multiple default_bind with protocols

* check for h1 and h2 listener netw
2024-09-30 10:55:03 -06:00
Francis Lavoie
2faeac0a10
chore: Use slices package where possible (#6585)
* chore: Use slices package where possible

* More, mostly using ContainsFunc

* Even more slice operations
2024-09-25 14:30:56 -06:00
Kévin Dunglas
2028da4e74
ci: build and test with Go 1.23 (#6526)
* chore: build and test with Go 1.23

* ci: bump golangci-lint to v1.60

* fix: make properly wrap errors

* ci: remove Go 1.21
2024-08-23 11:01:28 -06:00
a
aca4002fd8
caddyfile: Pass blocks to import for snippets (#6130)
* a

* a

* a

* a

* a

* a
2024-06-14 11:27:51 -06:00
Omar Ramadan
d85cc2ec10
logging: Customizable zap cores (#6381) 2024-06-10 09:03:24 -06:00
Francis Lavoie
f6d2c293e7
caddyfile: Reject global request matchers earlier (#6339) 2024-05-23 20:06:16 -06:00
Matt Holt
9ba999141b
caddyhttp: Trace individual middleware handlers (#6313)
* caddyhttp: Trace individual middleware handlers

* Fix typo
2024-05-18 14:48:42 -06:00
Kévin Dunglas
fb63e2e40c
caddyhttp: New experimental handler for intercepting responses (#6232)
* feat: add generic response interceptors

* fix: cs

* rename intercept

* add some docs

* @francislavoie review (first round)

* Update modules/caddyhttp/intercept/intercept.go

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

* shorthands: ir to resp

* mark exported symbols as experimental

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-05-13 17:38:18 +00:00
Matthew Holt
583c585c81 httpcaddyfile: Set challenge ports when http_port or https_port are used 2024-05-11 21:39:56 -06:00
Aziz Rmadi
4356635d12
logging: Add support for additional logger filters other than hostname (#6082)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-05-11 13:31:44 +00:00
Francis Lavoie
feeb6af403
httpcaddyfile: Fix expression matcher shortcut in snippets (#6288) 2024-05-01 07:43:05 -04:00
Mohammed Al Sahaf
87c7127c28
chore: add warn logs when using deprecated fields (#6276) 2024-04-27 15:51:00 -04:00
Mohammed Al Sahaf
c6eb186064
run golangci-lint run --fix --fast (#6270) 2024-04-24 15:17:23 -06:00
clauverjat
76c4cf5a56
caddytls: Option to configure certificate lifetime (#6253)
* Add option to configure certificate lifetime

* Bump CertMagic dep to latest master commit

* Apply suggestions and ran go mod tidy

* Update modules/caddytls/acmeissuer.go

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-04-24 14:35:14 -06:00
Matthew Holt
d404005339
Quell linter (false positive) 2024-04-23 11:55:37 -06:00
Matthew Holt
6a02999054
caddytls: Add Caddyfile support for on-demand permission module (close #6260) 2024-04-22 15:47:09 -06:00
Matthew Holt
3efda6fb3a httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148) 2024-04-17 12:26:03 -06:00
Francis Lavoie
9cd472c031
caddyfile: Populate regexp matcher names by default (#6145)
* caddyfile: Populate regexp matcher names by default

* Some lint cleanup that my VSCode complained about

* Pass down matcher name through expression matcher

* Compat with #6113: fix adapt test, set both styles in replacer
2024-04-17 12:19:14 -06:00
Francis Lavoie
70953e873a
caddyhttp: Support multiple logger names per host (#6088)
* caddyhttp: Support multiple logger names per host

* Lint

* Add adapt test

* Implement "string or array" parsing, keep original `logger_names`

* Rewrite adapter test to be more representative of the usecase
2024-04-16 22:26:18 +00:00
Matt Holt
81413caea2
caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229)
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades

* caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME

* Fix go.mod

* caddytls: Fix automation related to managers (fix #6060)

* Fix typo (appease linter)

* Fix HTTP validation with ZeroSSL API
2024-04-13 21:31:43 -04:00
danish-mehmood
f4840cfeb8
caddyconfig: Use empty struct instead of bool in map (close #6224) (#6227) 2024-04-08 17:12:35 -06:00
Francis Lavoie
1c4a807667
chore: Upgrade some dependencies (#6221) 2024-04-04 18:27:52 -04:00
Steffen Busch
c27425ef5d
httpcaddyfile: Keep deprecated skip_log in directive order (#6153) 2024-03-07 14:34:01 -05:00
Francis Lavoie
258d906140
httpcaddyfile: Add RegisterDirectiveOrder function for plugin authors (#5865)
* httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors

* Set up Positional enum

* Linter doesn't like a switch on an enum with default

* Update caddyconfig/httpcaddyfile/directives.go

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-06 19:41:45 +00:00
Francis Lavoie
0d44e3ecba
logging: Implement log_append handler (#6066)
* logging: Implement `extra_log` handler

* Rename to `log_append`

* Rename `skip_log` to `log_skip`

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-05 17:03:59 -07:00
Francis Lavoie
2a78c9c5e4
httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113)
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-05 23:37:14 +00:00
bbaa
8bbf8ec629
caddyfile: Assert having a space after heredoc marker to simply check (#6117) 2024-02-20 12:29:20 +00:00
Aziz Rmadi
b893c8c5f8
caddyfile: Reject directives in the place of site addresses (#6104)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-02-19 00:22:48 +00:00
Mohammed Al Sahaf
21744b6c4c
Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100)
This reverts commit e7a534d0a3.
2024-02-12 18:06:22 +00:00
Francis Lavoie
f9e11158bc
caddyauth: Rename basicauth to basic_auth (#6092) 2024-02-12 17:34:23 +00:00
Francis Lavoie
e7a534d0a3
caddyfile: Reject long heredoc markers (#6098)
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-02-11 13:30:14 -05:00
Matt Holt
57c5b921a4
caddytls: Make on-demand 'ask' permission modular (#6055)
* caddytls: Make on-demand 'ask' permission modular

This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.

Kicking myself that we didn't do it this way at the beginning, but who coulda known...

* Lint

* Error on conflicting config

* Fix bad merge

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-30 16:11:29 -07:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters (#5961)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
bbaa
c369df5c37
caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) 2024-01-25 14:55:00 +00:00