Commit graph

2172 commits

Author SHA1 Message Date
Mohammed Al Sahaf
e1aa862e6a
acmeserver: support specifying the allowed challenge types (#5794)
* acmeserver: support specifying the allowed challenge types

* add caddyfile adapt tests

* introduce basic acme_server test

* skip acme test on unsuitable environments

* skip integration tests of ACME

* documentation

* add negative-scenario test for mismatched allowed challenges

* a bit more docs

* fix tests for ACME challenges

* appease the linter

* skip ACME tests on s390x

* enable ACME challenge tests on all machines

* Apply suggestions from code review

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-02-08 11:42:03 +03:00
Francis Lavoie
8c2a72ad07
matchers: Drop forwarded option from remote_ip matcher (#6085) 2024-02-07 10:09:29 -05:00
Francis Lavoie
bde46211e3
caddyhttp: Test cases for %2F and %252F (#6084) 2024-02-07 05:13:17 -05:00
WeidiDeng
bc1e63198d
bump to golang 1.22 (#6083) 2024-02-07 02:13:58 -05:00
Aziz Rmadi
feb07a7b59
fileserver: Browse can show symlink target if enabled (#5973)
* Added optional subdirective to browse allowing to reveal symlink paths.

* Update modules/caddyhttp/fileserver/browsetplcontext.go

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-02-06 04:31:26 +00:00
Aziz Rmadi
a7479302fc
core: Support NO_COLOR env var to disable log coloring (#6078) 2024-02-01 19:12:42 -07:00
dependabot[bot]
223f314331
build(deps): bump peter-evans/repository-dispatch from 2 to 3 (#6080)
Bumps [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) from 2 to 3.
- [Release notes](https://github.com/peter-evans/repository-dispatch/releases)
- [Commits](https://github.com/peter-evans/repository-dispatch/compare/v2...v3)

---
updated-dependencies:
- dependency-name: peter-evans/repository-dispatch
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 18:34:40 -05:00
Matthew Holt
1919c08ecc
Update comment in setcap helper script 2024-01-31 12:59:26 -07:00
Matt Holt
57c5b921a4
caddytls: Make on-demand 'ask' permission modular (#6055)
* caddytls: Make on-demand 'ask' permission modular

This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.

Kicking myself that we didn't do it this way at the beginning, but who coulda known...

* Lint

* Error on conflicting config

* Fix bad merge

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-30 16:11:29 -07:00
Francis Lavoie
e1b9a9d7b0
core: Add ctx.Slogger() which returns an slog logger (#5945) 2024-01-25 12:31:15 -07:00
Marten Seemann
697cc593a1
chore: Update quic-go to v0.41.0, bump Go minimum to 1.21 (#6043)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-01-25 13:58:19 -05:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters (#5961)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
bbaa
c369df5c37
caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) 2024-01-25 14:55:00 +00:00
bbaa
7c48b5fdbb
caddyfile: Switch to slices.Equal for better performance (#6061) 2024-01-25 14:46:08 +00:00
Mohammed Al Sahaf
e965b111cd
tls: modularize trusted CA providers (#5784)
* tls: modularize client authentication trusted CA

* add `omitempty` to `CARaw`

* docs

* initial caddyfile support

* revert anything related to leaf cert validation

The certs are used differently than the CA pool flow

* complete caddyfile unmarshalling implementation

* Caddyfile syntax documentation

* enhance caddyfile parsing and documentation

Apply suggestions from code review

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

* add client_auth caddyfile tests

* add caddyfile unmarshalling tests

* fix and add missed adapt tests

* fix rebase issue

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 11:44:41 +03:00
Francis Lavoie
b9c40e7111
logging: Automatic wrap default for filter encoder (#5980)
Co-authored-by: Kévin Dunglas <kevin@dunglas.fr>
2024-01-25 04:00:22 +00:00
Francis Lavoie
f5344f8cad
caddyhttp: Fix panic when request missing ClientIPVarKey (#6040) 2024-01-24 00:45:50 +00:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers (#6037) 2024-01-23 19:36:59 -05:00
Mohammed Al Sahaf
54823f52bc
cmd: reverseproxy: log: use caddy logger (#6042) 2024-01-23 10:52:02 -07:00
Aziz Rmadi
ed7e3c906a
matchers: query now ANDs multiple keys (#6054)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-22 02:36:44 +00:00
bbaa
c0273f1f04
caddyfile: Add heredoc support to fmt command (#6056) 2024-01-22 02:24:49 +00:00
Kévin Dunglas
dba556fe4b refactor: move automaxprocs init in caddycmd.Main() 2024-01-19 11:17:35 +01:00
Aziz Rmadi
d9aded016c
caddyfile: Allow heredoc blank lines (#6051) 2024-01-18 22:57:18 -05:00
Aziz Rmadi
4181c79a81
httpcaddyfile: Add optional status code argument to handle_errors directive (#5965)
Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>
2024-01-16 01:24:17 -05:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root and rewrite parsing to allow omitting matcher (#5844) 2024-01-15 09:57:08 -07:00
Francis Lavoie
f3e849e49f
fileserver: Implement caddyfile.Unmarshaler interface (#5850) 2024-01-13 21:32:44 +00:00
Bas Westerbaan
f658fd05ac
reverseproxy: Add tls_curves option to HTTP transport (#5851) 2024-01-13 20:56:23 +00:00
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing (#5805)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
Aziz Rmadi
80acf1bf23
replacer: Fix escaped closing braces (#5995) 2024-01-13 20:24:03 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs directive (#5833) 2024-01-13 20:12:43 +00:00
Mohammed Al Sahaf
b359ca565c
ci/cd: use the build tag nobadger to exclude badgerdb (#6031)
* ci/cd: use the build tag `nobadger` to exclude badgerdb

* upgrade github.com/google/certificate-transparency-go@master
2024-01-10 21:04:11 +03:00
Subhaditya Nath
c2d889f85e
httpcaddyfile: Fix redir <to> html (#6001) 2024-01-10 12:24:47 +00:00
Zach Galvin
cb86319bd5
httpcaddyfile: Support client auth verifiers (#6022)
* Added verifier case

Update author

* Update verifier to match struct tag

* gci run
2024-01-09 23:14:51 +00:00
Rithvik Vibhu
ed41c924cf
tls: add reuse_private_keys (#6025) 2024-01-09 16:00:31 -07:00
Fred Cox
d9ff7b1872
reverseproxy: Only change Content-Length when full request is buffered (#5830)
fixes: https://github.com/caddyserver/caddy/issues/5829

Signed-off-by: Fred Cox <mcfedr@gmail.com>
2024-01-09 12:59:30 -07:00
Aaron Brady
76611fa150
Switch Solaris-derivatives away from listen_unix (#6021)
Solaris 10 and Illumos are missing SO_REUSEPORT. Treat them more like
Windows (i.e. use the listener pool).
2024-01-06 05:09:20 -05:00
dependabot[bot]
8a50f191bf
build(deps): bump actions/upload-artifact from 3 to 4 (#6013)
* build(deps): bump actions/upload-artifact from 3 to 4

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Disable compression

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-02 08:23:25 +00:00
dependabot[bot]
4f3f6e35e8
build(deps): bump actions/setup-go from 4 to 5 (#6012)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-02 07:13:31 +00:00
Mohammed Al Sahaf
787f6b257f
chore: check against errors of io/fs instead of os (#6011)
* chore: replace `os.ErrNotExist` with `fs.ErrNotExist`

* check against permission error from `io/fs` package
2024-01-02 08:48:55 +03:00
networkException
b568a10dd4
caddyhttp: support unix sockets in caddy respond command (#6010)
previously the `caddy respond` command would treat the argument
passed to --listen as a TCP socket address, iterating over a possible
port range.

this patch factors the server creation out into a separate function,
allowing this to be reused in case the listen address is a unix network
address.
2023-12-31 22:34:00 -05:00
Steffen Busch
8f9ffc587e
fileserver: Add total file size to directory listing (#6003)
* browse: Add total file size to directory listing

* Apply suggestion to remove "in "

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-30 18:47:13 +00:00
Francis Lavoie
f976c84d9e
httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997) 2023-12-20 08:37:21 -07:00
dependabot[bot]
1bf72db6ff
build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#5994)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 16:11:51 -07:00
Kévin Dunglas
d54dcf1598
cmd: use automaxprocs for better perf in containers (#5711)
* feat: use automaxprocs for better perf in containers

* better logs

* cs
2023-12-18 15:50:26 -07:00
Francis Lavoie
3248e4c89f
logging: Add zap.Option support (#5944) 2023-12-18 20:48:34 +00:00
Francis Lavoie
da7d8cb26d
httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990)
* httpcaddyfile: Sort skip_hosts for deterministic JSON

* Update caddyconfig/httpcaddyfile/httptype.go

Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* Fix test

* Bah

---------

Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-12-18 12:54:52 -07:00
Tim Geoghegan
387545a895
metrics: Record request metrics on HTTP errors (#5979) 2023-12-15 20:14:00 +00:00
Aziz Rmadi
b49ec05161
go.mod: Updated quic-go to v0.40.1 (#5983) 2023-12-14 22:42:01 -07:00
Kévin Dunglas
b16aba5c27
fileserver: Enable compression for command by default (#5855)
* feat: enable compression for file-server

* refactor

* const

* Update help text

* Update modules/caddyhttp/fileserver/command.go

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-13 20:44:22 -07:00
David DeMoss
362f33daae
fileserver: New --precompressed flag (#5880)
exposes the file_server precompressed functionality to be used with the
file-server command

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-12-13 20:26:20 -07:00