serv/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-27 14:13:48 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
1933 commits 26 branches 138 tags 30 MiB
Commit graph

1933 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mohammed Al Sahaf
65e33fc1ee
reverseproxy: do not parse upstream address too early if it contains replaceble parts (#5695) 
* reverseproxy: do not parse upstream address too early if it contains replaceble parts

* remove unused method

* cleanup

* accommodate partially replaceable port
 2023-08-05 23:30:02 +02:00
WeidiDeng
9f34383c02
caddyfile: check that matched key is not a substring of the replacement key (#5685) 2023-08-04 10:44:38 -06:00
Mohammed Al Sahaf
b07b198764
chore: use --clean instead of --rm-dist for goreleaser (#5691) 2023-08-04 16:08:54 +00:00
Matthew Holt
51b1bfb125
go.mod: Upgrade quic-go to v0.37.2 (fix #5680) 2023-08-03 18:44:03 -06:00
Matthew Holt
c049bab458
fileserver: browse: Render SVG images in grid 2023-08-03 12:53:47 -06:00
WeidiDeng
e2fc08bd34
reverseproxy: Fix hijack ordering which broke websockets (#5679) 2023-08-03 04:08:12 +00:00
Herman Slatman
4aa4f3ac70
httpcaddyfile: Fix string does not match ~[]E error (#5675) 
Only happens for some people. Unable to confirm.
 2023-08-03 00:41:37 +00:00
Francis Lavoie
1913930783
encode: Fix infinite recursion (#5672) 2023-08-02 18:21:11 -06:00
Francis Lavoie
cd486c25d1
caddyhttp: Make use of http.ResponseController (#5654) 
* caddyhttp: Make use of http.ResponseController

Also syncs the reverseproxy implementation with stdlib's which now uses ResponseController as well 2449bbb5e6

* Enable full-duplex for HTTP/1.1

* Appease linter

* Add warning for builds with Go 1.20, so it's less surprising to users

* Improved godoc for EnableFullDuplex, copied text from stdlib

* Only wrap in encode if not already wrapped
 2023-08-02 20:03:26 +00:00
Matthew Holt
e198c605bd
go.mod: Upgrade dependencies esp. smallstep/certificates 
This prevents initialization of a .step folder when it's not used.
 2023-08-02 11:48:59 -06:00
Matt Holt
f66493efef
core: Allow loopback hosts for admin endpoint (fix #5650) (#5664) 2023-08-02 11:13:52 -06:00
Francis Lavoie
5c51c1db2c
httpcaddyfile: Allow hostnames & logger name overrides for log directive (#5643) 
* httpcaddyfile: Allow `hostnames` override for log directive

* Implement access logger name overrides

* Fix panic & default logger clobbering edgecase
 2023-08-02 03:13:46 -04:00
mmm444
da23501457
reverseproxy: Connection termination cleanup (#5663) 2023-08-01 14:01:12 +00:00
Matthew Holt
94749e119a
go.mod: Use quic-go 0.37.1 
Should fix panic in Go 1.21 where there was no RemoteAddr.
 2023-07-31 16:31:17 -06:00
Omar Ramadan
d7d16360d4
reverseproxy: Export ipVersions type (#5648) 
allows AUpstreams to be instantiated externally
 2023-07-25 12:50:21 -06:00
Matthew Holt
4df27a20c8
go.mod: Use latest CertMagic (v0.19.1) 
Fixes race condition
 2023-07-25 10:31:47 -06:00
Matthew Holt
18c309b5fa
caddyhttp: Preserve original error (fix #5652) 2023-07-25 09:41:56 -06:00
ydylla
e041962b66
fileserver: add lazy image loading (#5646) 2023-07-22 15:50:36 +00:00
Marten Seemann
f45a6de20d
go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644) 
* update quic-go to v0.37.0

* Bump to Go 1.20

* Bump golangci-lint version, yml syntax consistency

* Use skip-pkg-cache workaround

* Workaround needed for both?

* Seeding weakrand is no longer necessary

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2023-07-21 22:00:48 -06:00
Matt Holt
b51dc5d5d0
core: Refine mutex during reloads (fix #5628) (#5645) 
Separate currentCtxMu to protect currentCtx, and a new
rawCfgMu to protect rawCfg and synchronize loads.
 2023-07-21 15:32:20 -06:00
bt90
f857b32d65
go.mod: update quic-go to v0.36.2 (#5636) 2023-07-17 14:16:43 -06:00
Matthew Holt
4e36b4c9d1
fileserver: Tweak grid view of browse template 
All cells on row have same height.
Center-align vertically.
 2023-07-17 11:18:40 -06:00
Mohammed Al Sahaf
27bc16abed
fileserver: add export-template sub-command to file-server (#5630) 2023-07-13 15:54:48 -06:00
WeidiDeng
bbe1952a59
caddyfile: Fix comparing if two tokens are on the same line (#5626) 
* fix comparing if two tokens are on the same line

* compare tokens from copies when importing
 2023-07-12 14:32:22 -06:00
Matt Holt
0e2c7e1d35
caddytls: Reuse certificate cache through reloads (#5623) 
* caddytls: Don't purge cert cache on config reload

* Update CertMagic

This actually avoids reloading managed certs from storage
when already in the cache, d'oh.

* Fix bug; re-implement HasCertificateForSubject

* Update go.mod: CertMagic tag
 2023-07-11 19:10:58 +00:00
Matt Holt
7ceef91295
Minor tweaks to security.md 2023-07-08 14:02:09 -06:00
Matthew Holt
5dec11f2a0
reverseproxy: Pointer receiver 
This avoids copying the Upstream, which has an atomically-accessed value
in it.
 2023-07-08 13:42:51 -06:00
Matthew Holt
66114cb155
caddyhttp: Trim dot/space only on Windows (fix #5613) 
Follow-up to #2917. Path matcher needs to trim dots and spaces but only
on Windows.
 2023-07-08 13:42:13 -06:00
Marten Seemann
7914ba3573
update quic-go to v0.36.1 (#5611) 2023-07-01 19:34:27 -04:00
Matthew Holt
dfe17c33ef
caddyconfig: Specify config adapter for HTTP loader (close #5607) 2023-06-30 20:04:32 -06:00
WeidiDeng
710824c3ce
core: Embed net.UDPConn to gain optimizations (#5606) 
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2023-06-30 16:31:26 -06:00
Mohammed Al Sahaf
d8ae801068
chore: remove deprecated property rlcp in goreleaser config (#5608) 2023-06-30 16:53:56 -04:00
Emily
119e8794bc
core: Skip chmod for abstract unix sockets (#5596) 
because those aren't real paths on the filesystem and thus can't be `chmod`ed
 2023-06-24 18:25:02 -06:00
Emily
22927e278d
core: Add optional unix socket file permissions (#4741) 
* core: Add optional unix socket file permissions

This commit also changes the default unix socket file permissions to `u=w,g=,o=` (octal: `0200`).
It used to default to the shell's umask (usually `u=rwx,g=rx,o=rx`, octal: `0755`).

`/run/caddy.sock` -> `/run/caddy.sock` with `0200` default perms
`/run/caddy.sock|0222` -> `/run/caddy.sock` with `0222` perms

`|` instead of `:` is used as a separator, to account for the `:` in Windows drive letters (e.g. `C:\absolute\path.sock`)

Fun fact:
The old unix(7) man page (pre Jun 2016) stated a socket needs both read and write perms.
Turns out, only write perms are needed.
Corrected in 7578ea2f85
Despite this, most implementations still default to read+write to this date.

* Add cases with Windows paths to test

* Require write perms for the owning user
 2023-06-23 14:49:41 -06:00
Francis Lavoie
7a69ae7571
reverseproxy: Honor tls_except_port for active health checks (#5591) 2023-06-22 16:20:30 -06:00
Matthew Holt
2b2addebb8
Appease linter 2023-06-21 17:59:54 -06:00
Matthew Holt
9563666bfb
Fix compile on Windows, hopefully 2023-06-21 17:47:23 -06:00
Matthew Holt
806341e089
core: Properly preserve unix sockets (fix #5568) 2023-06-21 17:16:01 -06:00
Matthew Holt
0468508e92 go.mod: Upgrade CertMagic for hotfix 2023-06-21 13:25:38 -06:00
Matthew Holt
415d1e7b6f go.mod: Upgrade some dependencies 2023-06-21 13:25:38 -06:00
Omer Demirok
1a36b06cd4
chore: upgrade otel (#5586) 2023-06-21 11:46:42 -06:00
Marten Seemann
398c12ae9b
go.mod: Update quic-go to v0.36.0 (#5584) 2023-06-21 06:56:12 -04:00
Saber Haj Rabiee
361946eb0c
reverseproxy: weighted_round_robin load balancing policy (#5579) 
* added weighted round robin algorithm to load balancer

* added an adapt integration test for wrr and fixed a typo

* changed args format to Caddyfile args convention

* added provisioner and validator for wrr

* simplified the code and improved doc
 2023-06-20 11:42:58 -06:00
mmm444
424ae0f420
reverseproxy: Experimental streaming timeouts (#5567) 
* reverseproxy: WIP streaming timeouts

* More verbose logging by using the child logger

* reverseproxy: Implement streaming timeouts

* reverseproxy: Refactor cleanup

* reverseproxy: Avoid **time.Timer

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2023-06-19 15:54:43 -06:00
guangwu
4548b7de8e
chore: remove refs of deprecated io/ioutil (#5576) 2023-06-16 21:27:57 -06:00
Francis Lavoie
3b19aa2b5a
headers: Allow > to defer shortcut for replacements (#5574) 2023-06-15 17:18:55 -06:00
Dominik Roos
6a41b62e70
caddyhttp: Support custom network for HTTP/3 (#5573) 
Allow registering a custom network mapping for HTTP/3. This is useful
if the original network for HTTP/1.1 and HTTP/2 is not a standard `unix`,
`tcp4`, or `tcp6` network. To keep backwards compatibility, we fall back
to `udp` if the original network is not registered in the mapping.

Fixes #5555
 2023-06-13 19:33:39 -06:00
Corin Langosch
2ddb717144
reverseproxy: Fix parsing of source IP in case it's an ipv6 address (#5569) 2023-06-12 09:35:22 -06:00
365cent
56af1ceb32
fileserver: browse: Better grid layout (#5564) 
* feat: better implementation of grid layout

* fix: vertical alignment
 2023-06-05 07:39:57 +00:00
Matthew Holt
4ba03c9d38
caddytls: Clarify some JSON config docs 2023-06-04 22:15:50 -06:00