Commit graph

1376 commits

Author SHA1 Message Date
Matthew Holt
994b9033e9
http: Don't use a Host matcher for HTTP->HTTPS redirects
In case on-demand TLS is enabled, in that case we don't know the only
names that have automatic HTTPS.

See https://caddy.community/t/v2-http-to-https-redirects-fail-for-on-demand-ssl-certs/6742?u=matt
2020-01-09 14:39:49 -07:00
Matthew Holt
590480513a
Update docs for couple of Caddyfile directives 2020-01-09 14:38:59 -07:00
Matt Holt
7527c01705
v2: Implement Caddyfile enhancements (breaking changes) (#2960)
* http: path matcher: exact match by default; substring matches (#2959)

This is a breaking change.

* caddyfile: Change "matcher" directive to "@matcher" syntax (#2959)

* cmd: Assume caddyfile adapter for config files named Caddyfile

* Sub-sort handlers by path matcher length (#2959)

Caddyfile-generated subroutes have handlers, which are sorted first by
directive order (this is unchanged), but within directives we now sort
by specificity of path matcher in descending order (longest path first,
assuming that longest path is most specific).

This only applies if there is only one matcher set, and the path
matcher in that set has only one path in it. Path matchers with two or
more paths are not sorted like this; and routes with more than one
matcher set are not sorted like this either, since specificity is
difficult or impossible to infer correctly.

This is a special case, but definitely a very common one, as a lot of
routing decisions are based on paths.

* caddyfile: New 'route' directive for appearance-order handling (#2959)

* caddyfile: Make rewrite directives mutually exclusive (#2959)

This applies only to rewrites in the top-level subroute created by the
HTTP caddyfile.
2020-01-09 14:00:32 -07:00
Matthew Holt
8aef859a55
caddyfile: Less strict URL parsing; allows placeholders
See https://caddy.community/t/caddy-v2-reusable-snippets/6744/11?u=matt
2020-01-09 12:35:53 -07:00
Matt Holt
a5ebec0041
http: Change routes to sequential matcher evaluation (#2967)
Previously, all matchers in a route would be evaluated before any
handlers were executed, and a composite route of the matching routes
would be created. This made rewrites especially tricky, since the only
way to defer later matchers' evaluation was to wrap them in a subroute,
or to invoke a "rehandle" which often caused bugs.

Instead, this new sequential design evaluates each route's matchers then
its handlers in lock-step; matcher-handlers-matcher-handlers...

If the first matching route consists of a rewrite, then the second route
will be evaluated against the rewritten request, rather than the original
one, and so on.

This should do away with any need for rehandling.

I've also taken this opportunity to avoid adding new values to the
request context in the handler chain, as this creates a copy of the
Request struct, which may possibly lead to bugs like it has in the past
(see PR #1542, PR #1481, and maybe issue #2463). We now add all the
expected context values in the top-level handler at the server, then
any new values can be added to the variable table via the VarsCtxKey
context key, or just the GetVar/SetVar functions. In particular, we are
using this facility to convey dial information in the reverse proxy.

Had to be careful in one place as the middleware compilation logic has
changed, and moved a bit. We no longer compile a middleware chain per-
request; instead, we can compile it at provision-time, and defer only the
evaluation of matchers to request-time, which should slightly improve
performance. Doing this, however, we take advantage of multiple function
closures, and we also changed the use of HandlerFunc (function pointer)
to Handler (interface)... this led to a situation where, if we aren't
careful, allows one request routed a certain way to permanently change
the "next" handler for all/most other requests! We avoid this by making
a copy of the interface value (which is a lightweight pointer copy) and
using exclusively that within our wrapped handlers. This way, the
original stack frame is preserved in a "read-only" fashion. The comments
in the code describe this phenomenon.

This may very well be a breaking change for some configurations, however
I do not expect it to impact many people. I will make it clear in the
release notes that this change has occurred.
2020-01-09 10:00:13 -07:00
Mark Sargent
7c419d5349 caddyfile: Preprocess env vars in {$THIS} format (#2963)
* transform a caddyfile with environment variables

* support adapt time and runtime variables in the caddyfile

* caddyfile: Pre-process environment variables before parsing

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-01-09 09:40:16 -07:00
Matthew Holt
3828a3aaac
go.mod: Update lego, tidy up 2020-01-08 18:40:17 -07:00
Matthew Holt
8bae8f5f5a
http: Always set status code via response recorder
Fixes panic if no upstream handler wrote anything to the response
2020-01-08 18:37:41 -07:00
Zaq? Wiedmann
21f1f95e7b reverse_proxy: Add tls_trusted_ca_certs to Caddyfile (#2936)
Allows specifying ca certs with by filename in
`reverse_proxy.transport`.

Example
```
reverse_proxy /api api:443 {
    transport http {
        tls
        tls_trusted_ca_certs certs/rootCA.pem
    }
}
```
2020-01-07 12:07:42 -07:00
Matthew Holt
78e98c40d3
basicauth: Accept placeholders; move base64 decoding to provision
See https://caddy.community/t/v2-basicauth-bug/6738?u=matt
2020-01-07 08:50:18 -07:00
Matthew Holt
5c99267dd8
A few miscellaneous, minor fixes 2020-01-06 08:10:20 -07:00
Matthew Holt
a6df4cdbbc logging: Add doc about which fields can't be filtered 2020-01-03 15:28:05 -07:00
Mohammed Al Sahaf
dff78d82ce v2: housekeeping: address minor lint complaints (#2957)
* v2: housekeeping: update tools

* v2: housekeeping: adhere to US locale in spelling

* v2: housekeeping: simplify code
2020-01-03 11:33:22 -07:00
Matthew Holt
8c7c2e4af2
logging: Little fix for filtering object fields 2020-01-01 10:26:37 -07:00
Matthew Holt
3d9f8eac08
Couple of minor fixes, update readme 2019-12-31 22:51:55 -07:00
Matthew Holt
06ea0a5295
Tune AppConfigDir and docs for Storage module 2019-12-31 18:31:43 -07:00
Matthew Holt
788462bd4c
file-server command: Use safer defaults; http: improve host matcher docs 2019-12-31 16:57:54 -07:00
Matthew Holt
5a0603ed72
Config auto-save; run --resume flag; update environ output (close #2903)
Config auto-saving is on by default and can be disabled. The --environ
flag (or environ subcommand) now print more useful information from
Caddy and the runtime, including some nifty paths.
2019-12-31 16:56:19 -07:00
Matthew Holt
984d384d14
Change storage paths to follow OS conventions; migrate folder (#2955) 2019-12-31 16:47:35 -07:00
Matthew Holt
fdabac51a8
Improve docs, especially w.r.t. placeholders and template actions 2019-12-29 13:16:34 -07:00
Matthew Holt
95d944613b
Export Replacer and use concrete type instead of interface
The interface was only making things difficult; a concrete pointer is
probably best.
2019-12-29 13:12:52 -07:00
Matthew Holt
2b33d9a5e5
http: Enable TLS for servers listening only on HTTPS port
It seems silly to have to add a single, empty TLS connection policy to
a server to enable TLS when it's only listening on the HTTPS port. We
now do this for the user as part of automatic HTTPS (thus, it can be
disabled / overridden).

See https://caddy.community/t/v2-catch-all-server-with-automatic-tls/6692/2?u=matt
2019-12-28 23:56:08 -07:00
Matthew Holt
5c8b502964
fastcgi: Set SERVER_SOFTWARE, _NAME, and _PORT properly (fixes #2952) 2019-12-28 16:35:29 -07:00
Matthew Holt
82bebfab8a
templates: Change functions, add front matter support, better markdown 2019-12-23 12:56:41 -07:00
Matthew Holt
be3849c267
Remove markdown module 2019-12-23 12:55:52 -07:00
Matthew Holt
16ee985c22
admin: Only write most CORS headers in OPTIONS requests 2019-12-23 12:46:01 -07:00
Matthew Holt
95ed603de7
Improve godocs all around
These will be used in the new automated documentation system
2019-12-23 12:45:35 -07:00
Matthew Holt
cbb405f6aa
cmd: Eliminate unintended use of cgo
This means the stop command can only use the API to stop the instance;
no more signaling, unless we find a cgo-free way of doing it.
2019-12-23 12:41:05 -07:00
Matthew Holt
724c728678
rewrite: Attempt query string fix (#2891) 2019-12-17 16:30:26 -07:00
Matthew Holt
21408212da
http: query and query_string placeholders should use RawQuery, probably 2019-12-17 16:29:37 -07:00
Matthew Holt
fe516575db
core: Add ReplaceFunc method to Replacer to allow dynamic replacements 2019-12-17 16:29:09 -07:00
Matthew Holt
080a62d5c5
Update go.mod; use CertMagic v0.9.0 2019-12-17 10:59:35 -07:00
Matthew Holt
dae4913fe3
http: Patch path matcher to ignore dots and spaces (#2917)
(Try saying "patch path match" ten times fast)
2019-12-17 10:14:04 -07:00
Matthew Holt
6455efa5d3
admin: POST /... expands and appends all array elements
Makes it easy to append many items to an array in one command
2019-12-17 10:11:45 -07:00
Matthew Holt
5ab17a3a37 admin: /stop endpoint gracefully shuts down; fixes caddy stop command 2019-12-16 13:46:39 -07:00
Abdelmalek Ihdene
c3bcd967bd logging: Implement net writer (#2884)
* Implement UDP writer

* Implement Net Writer

* Utilize Caddy's address parsing functions

* A couple little fixes (see #2884)
2019-12-15 12:58:01 -07:00
Matthew Holt
6ea121ddf8
tls: Ensure conn policy is created when providing certs in Caddyfile
Fixes #2929
2019-12-13 16:32:27 -07:00
Matthew Holt
8005b7ab73
Couple of quick fixes 2019-12-13 15:36:00 -07:00
Matthew Holt
b1a456cfe3
rewrite: strip_prefix, strip_suffix, and uri_replace dirs (closes #2906) 2019-12-12 15:46:13 -07:00
Matthew Holt
5e9d81b507
try_files, rewrite: allow query string in try_files (fix #2891)
Also some minor cleanup/improvements discovered along the way
2019-12-12 15:27:09 -07:00
Matthew Holt
09a8517065
rewrite: query string enh.; substring replace; add tests (see #2891) 2019-12-12 14:32:35 -07:00
Matthew Holt
87b6cf470b
Minor improvements; comments and shorter placeholders & module IDs 2019-12-12 14:31:20 -07:00
Matthew Holt
f935458e3e
cmd: Fix validate command when JSON contains "@id" fields
Also, don't run admin server when validating...
2019-12-12 14:30:22 -07:00
Matt Holt
2e0615270d
fuzz: Remove Caddyfile adapter from fuzz corpus (#2925)
The Caddyfile adapter does not need to be fuzzed, as all it really does
is invoke the Caddyfile parser, which is already fuzzed
2019-12-10 15:00:31 -07:00
Matthew Holt
fab5e4372a
core: Add godoc examples for LoadModule 2019-12-10 14:06:35 -07:00
Matt Holt
3c90e370a4
v2: Module documentation; refactor LoadModule(); new caddy struct tags (#2924)
This commit goes a long way toward making automated documentation of
Caddy config and Caddy modules possible. It's a broad, sweeping change,
but mostly internal. It allows us to automatically generate docs for all
Caddy modules (including future third-party ones) and make them viewable
on a web page; it also doubles as godoc comments.

As such, this commit makes significant progress in migrating the docs
from our temporary wiki page toward our new website which is still under
construction.

With this change, all host modules will use ctx.LoadModule() and pass in
both the struct pointer and the field name as a string. This allows the
reflect package to read the struct tag from that field so that it can
get the necessary information like the module namespace and the inline
key.

This has the nice side-effect of unifying the code and documentation. It
also simplifies module loading, and handles several variations on field
types for raw module fields (i.e. variations on json.RawMessage, such as
arrays and maps).

I also renamed ModuleInfo.Name -> ModuleInfo.ID, to make it clear that
the ID is the "full name" which includes both the module namespace and
the name. This clarity is helpful when describing module hierarchy.

As of this change, Caddy modules are no longer an experimental design.
I think the architecture is good enough to go forward.
2019-12-10 13:36:46 -07:00
Marten Seemann
a8533e5630 update quic-go to v0.14.1 (#2918) 2019-12-07 10:29:03 -07:00
Matthew Holt
b07f6958ac
Use "IsUnixNetwork" function instead of repeating the logic 2019-12-06 12:00:04 -07:00
Matthew Holt
33a318d173
Don't append port to unix sockets
See https://caddy.community/t/caddy-v2-php-fpm-502-error/6571?u=matt
2019-12-06 11:45:50 -07:00
lu4p
68adfdc559 Fix misspellings (#2908) 2019-12-04 16:28:13 -07:00