Matt Holt
57c5b921a4
caddytls: Make on-demand 'ask' permission modular ( #6055 )
...
* caddytls: Make on-demand 'ask' permission modular
This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.
Kicking myself that we didn't do it this way at the beginning, but who coulda known...
* Lint
* Error on conflicting config
* Fix bad merge
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-30 16:11:29 -07:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters ( #5961 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
bbaa
c369df5c37
caddyfile: Correctly close the heredoc when the closing marker appears immediately ( #6062 )
2024-01-25 14:55:00 +00:00
bbaa
7c48b5fdbb
caddyfile: Switch to slices.Equal for better performance ( #6061 )
2024-01-25 14:46:08 +00:00
Mohammed Al Sahaf
e965b111cd
tls: modularize trusted CA providers ( #5784 )
...
* tls: modularize client authentication trusted CA
* add `omitempty` to `CARaw`
* docs
* initial caddyfile support
* revert anything related to leaf cert validation
The certs are used differently than the CA pool flow
* complete caddyfile unmarshalling implementation
* Caddyfile syntax documentation
* enhance caddyfile parsing and documentation
Apply suggestions from code review
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
* add client_auth caddyfile tests
* add caddyfile unmarshalling tests
* fix and add missed adapt tests
* fix rebase issue
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 11:44:41 +03:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers ( #6037 )
2024-01-23 19:36:59 -05:00
bbaa
c0273f1f04
caddyfile: Add heredoc support to fmt
command ( #6056 )
2024-01-22 02:24:49 +00:00
Aziz Rmadi
d9aded016c
caddyfile: Allow heredoc blank lines ( #6051 )
2024-01-18 22:57:18 -05:00
Aziz Rmadi
4181c79a81
httpcaddyfile: Add optional status code argument to handle_errors
directive ( #5965 )
...
Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>
2024-01-16 01:24:17 -05:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root
and rewrite
parsing to allow omitting matcher ( #5844 )
2024-01-15 09:57:08 -07:00
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing ( #5805 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs
directive ( #5833 )
2024-01-13 20:12:43 +00:00
Subhaditya Nath
c2d889f85e
httpcaddyfile: Fix redir <to> html ( #6001 )
2024-01-10 12:24:47 +00:00
Zach Galvin
cb86319bd5
httpcaddyfile: Support client auth verifiers ( #6022 )
...
* Added verifier case
Update author
* Update verifier to match struct tag
* gci run
2024-01-09 23:14:51 +00:00
Rithvik Vibhu
ed41c924cf
tls: add reuse_private_keys ( #6025 )
2024-01-09 16:00:31 -07:00
Francis Lavoie
f976c84d9e
httpcaddyfile: Fix cert file decoding to load multiple PEM in one file ( #5997 )
2023-12-20 08:37:21 -07:00
Francis Lavoie
da7d8cb26d
httpcaddyfile: Sort skip_hosts for deterministic JSON ( #5990 )
...
* httpcaddyfile: Sort skip_hosts for deterministic JSON
* Update caddyconfig/httpcaddyfile/httptype.go
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* Fix test
* Bah
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-12-18 12:54:52 -07:00
Francis Lavoie
3d7d60f7cf
caddyhttp: Add uuid
to access logs when used ( #5859 )
2023-12-13 15:40:15 -07:00
Francis Lavoie
ac1f20b9e4
httpcaddyfile: Remove port from logger names ( #5881 )
...
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-10-16 23:57:03 -06:00
Francis Lavoie
7984e6f6fd
httpcaddyfile: Fix TLS automation policy merging with get_certificate ( #5896 )
2023-10-14 14:23:50 -06:00
WeidiDeng
1f60328e17
caddyfile: Fix variadic placeholder false positive when token contains :
( #5883 )
2023-10-13 02:28:20 -04:00
Francis Lavoie
33d8d2c6b5
httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output ( #5860 )
...
* httpcaddyfile: Sort TLS SNI matcher, for deterministic adapt output
* Update caddyconfig/httpcaddyfile/httptype.go
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-10-11 09:47:07 -06:00
Đỗ Trọng Hải
df99502977
httpcaddyfile: Enable TLS for catch-all site if tls
directive is specified ( #5808 )
2023-10-10 21:46:39 +00:00
Đỗ Trọng Hải
2cac3c5491
httpcaddyfile: fix placeholder shorthands in named routes ( #5791 )
...
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-09-08 14:38:44 -04:00
Francis Lavoie
7103ea096f
caddyfile: Fix case where heredoc marker is empty after newline ( #5769 )
...
Fixes `panic: runtime error: slice bounds out of range [:3] with capacity 2`
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-08-24 03:27:57 +00:00
Francis Lavoie
38a7b6b3d0
caddyfile: Adjust error formatting ( #5765 )
2023-08-20 08:51:03 -06:00
Karun Agarwal
288216e1fb
httpcaddyfile: Stricter errors for site and upstream address schemes ( #5757 )
...
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-08-19 07:28:25 -04:00
Francis Lavoie
10053f7570
caddyfile: Loosen heredoc parsing ( #5761 )
2023-08-19 10:32:32 +00:00
Jacob Gadikian
d6f86cccf5
ci: use gci linter ( #5708 )
...
* use gofmput to format code
* use gci to format imports
* reconfigure gci
* linter autofixes
* rearrange imports a little
* export GOOS=windows golangci-lint run ./... --fix
2023-08-14 09:41:15 -06:00
Jacob Gadikian
b32f265eca
ci: Use gofumpt to format code ( #5707 )
2023-08-07 19:40:31 +00:00
WeidiDeng
9f34383c02
caddyfile: check that matched key is not a substring of the replacement key ( #5685 )
2023-08-04 10:44:38 -06:00
Herman Slatman
4aa4f3ac70
httpcaddyfile: Fix string does not match ~[]E
error ( #5675 )
...
Only happens for some people. Unable to confirm.
2023-08-03 00:41:37 +00:00
Francis Lavoie
cd486c25d1
caddyhttp: Make use of http.ResponseController
( #5654 )
...
* caddyhttp: Make use of http.ResponseController
Also syncs the reverseproxy implementation with stdlib's which now uses ResponseController as well 2449bbb5e6
* Enable full-duplex for HTTP/1.1
* Appease linter
* Add warning for builds with Go 1.20, so it's less surprising to users
* Improved godoc for EnableFullDuplex, copied text from stdlib
* Only wrap in encode if not already wrapped
2023-08-02 20:03:26 +00:00
Francis Lavoie
5c51c1db2c
httpcaddyfile: Allow hostnames
& logger name overrides for log directive ( #5643 )
...
* httpcaddyfile: Allow `hostnames` override for log directive
* Implement access logger name overrides
* Fix panic & default logger clobbering edgecase
2023-08-02 03:13:46 -04:00
WeidiDeng
bbe1952a59
caddyfile: Fix comparing if two tokens are on the same line ( #5626 )
...
* fix comparing if two tokens are on the same line
* compare tokens from copies when importing
2023-07-12 14:32:22 -06:00
Matthew Holt
dfe17c33ef
caddyconfig: Specify config adapter for HTTP loader ( close #5607 )
2023-06-30 20:04:32 -06:00
WeidiDeng
9cde715525
caddyfile: Track import name instead of modifying filename ( #5540 )
...
* Merge branch 'master' into import_file_stack
* remove space in log key
2023-05-25 13:05:00 -06:00
WeidiDeng
cee4441cb1
caddyfile: Do not replace import tokens if they are part of a snippet ( #5539 )
...
* fix variadic placeholder in imported file which also imports
* fix tests.
* skip replacing args when imported token may be part of a snippet
2023-05-22 15:36:55 -06:00
Matthew Holt
ca14b6edd9
httpcaddyfile: Sort Caddyfile slice
...
Makes list deterministic. See #5538
2023-05-17 13:50:32 -06:00
Francis Lavoie
cbf16f6d9e
caddyhttp: Implement named routes, invoke
directive ( #5107 )
...
* caddyhttp: Implement named routes, `invoke` directive
* gofmt
* Add experimental marker
* Adjust route compile comments
2023-05-16 15:27:52 +00:00
Matt Holt
96919acc9d
caddyhttp: Refactor cert Managers ( fix #5415 ) ( #5533 )
2023-05-15 10:47:30 -06:00
Matthew Holt
e96aafe1ca
Slightly more helpful error message
2023-05-13 08:04:42 -06:00
Matt Holt
faf0399e80
caddytls: Configurable fallback SNI ( #5527 )
...
* Initial implementation of fallback_sni
* Apply upstream patch
2023-05-10 14:29:29 -06:00
Francis Lavoie
53b6fab125
caddyfile: Stricter parsing, error for brace on new line ( #5505 )
2023-04-20 18:43:51 +00:00
Mohammed Al Sahaf
1aef807c71
log: Make sink logs encodable ( #5441 )
...
* log: make `sink` encodable
* deduplicate logger fields
* extract common fields into `BaseLog` and embed it into `SinkLog`
* amend godoc on `BaseLog` and `SinkLog`
* minor style change
---------
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-03-27 21:41:24 +00:00
Francis Lavoie
e16a886814
caddytls: Eval replacer on automation policy subjects ( #5459 )
...
Also renamed the field to SubjectsRaw, which can be considered a breaking change but I don't expect this to affect much.
2023-03-27 21:16:22 +00:00
Francis Lavoie
05e9974570
caddyhttp: Determine real client IP if trusted proxies configured ( #5104 )
...
* caddyhttp: Determine real client IP if trusted proxies configured
* Support customizing client IP header
* Implement client_ip matcher, deprecate remote_ip's forwarded option
2023-03-27 20:22:59 +00:00
Francis Lavoie
330be2d8c7
httpcaddyfile: Adjust path matcher sorting to solve for specificity ( #5462 )
2023-03-27 15:43:44 -04:00
Francis Lavoie
f3379f650a
caddyfile: Fix heredoc fuzz crasher, drop trailing newline ( #5404 )
...
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-02-26 16:56:48 -05:00
Francis Lavoie
960150bb03
caddyfile: Implement heredoc support ( #5385 )
2023-02-26 00:34:27 +00:00