Commit graph

401 commits

Author SHA1 Message Date
Mohammed Al Sahaf
c6eb186064
run golangci-lint run --fix --fast (#6270) 2024-04-24 15:17:23 -06:00
clauverjat
76c4cf5a56
caddytls: Option to configure certificate lifetime (#6253)
* Add option to configure certificate lifetime

* Bump CertMagic dep to latest master commit

* Apply suggestions and ran go mod tidy

* Update modules/caddytls/acmeissuer.go

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-04-24 14:35:14 -06:00
Matthew Holt
d404005339
Quell linter (false positive) 2024-04-23 11:55:37 -06:00
Matthew Holt
6a02999054
caddytls: Add Caddyfile support for on-demand permission module (close #6260) 2024-04-22 15:47:09 -06:00
Matthew Holt
3efda6fb3a httpcaddyfile: Skip automate loader if disable_certs is specified (fix #6148) 2024-04-17 12:26:03 -06:00
Francis Lavoie
9cd472c031
caddyfile: Populate regexp matcher names by default (#6145)
* caddyfile: Populate regexp matcher names by default

* Some lint cleanup that my VSCode complained about

* Pass down matcher name through expression matcher

* Compat with #6113: fix adapt test, set both styles in replacer
2024-04-17 12:19:14 -06:00
Francis Lavoie
70953e873a
caddyhttp: Support multiple logger names per host (#6088)
* caddyhttp: Support multiple logger names per host

* Lint

* Add adapt test

* Implement "string or array" parsing, keep original `logger_names`

* Rewrite adapter test to be more representative of the usecase
2024-04-16 22:26:18 +00:00
Matt Holt
81413caea2
caddytls: Upgrade ACMEz to v2; support ZeroSSL API; various fixes (#6229)
* WIP: acmez v2, CertMagic, and ZeroSSL issuer upgrades

* caddytls: ZeroSSLIssuer now uses ZeroSSL API instead of ACME

* Fix go.mod

* caddytls: Fix automation related to managers (fix #6060)

* Fix typo (appease linter)

* Fix HTTP validation with ZeroSSL API
2024-04-13 21:31:43 -04:00
danish-mehmood
f4840cfeb8
caddyconfig: Use empty struct instead of bool in map (close #6224) (#6227) 2024-04-08 17:12:35 -06:00
Francis Lavoie
1c4a807667
chore: Upgrade some dependencies (#6221) 2024-04-04 18:27:52 -04:00
Steffen Busch
c27425ef5d
httpcaddyfile: Keep deprecated skip_log in directive order (#6153) 2024-03-07 14:34:01 -05:00
Francis Lavoie
258d906140
httpcaddyfile: Add RegisterDirectiveOrder function for plugin authors (#5865)
* httpcaddyfile: Add `RegisterDirectiveOrder` function for plugin authors

* Set up Positional enum

* Linter doesn't like a switch on an enum with default

* Update caddyconfig/httpcaddyfile/directives.go

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-06 19:41:45 +00:00
Francis Lavoie
0d44e3ecba
logging: Implement log_append handler (#6066)
* logging: Implement `extra_log` handler

* Rename to `log_append`

* Rename `skip_log` to `log_skip`

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-05 17:03:59 -07:00
Francis Lavoie
2a78c9c5e4
httpcaddyfile: Allow nameless regexp placeholder shorthand (#6113)
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2024-03-05 23:37:14 +00:00
bbaa
8bbf8ec629
caddyfile: Assert having a space after heredoc marker to simply check (#6117) 2024-02-20 12:29:20 +00:00
Aziz Rmadi
b893c8c5f8
caddyfile: Reject directives in the place of site addresses (#6104)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-02-19 00:22:48 +00:00
Mohammed Al Sahaf
21744b6c4c
Revert "caddyfile: Reject long heredoc markers (#6098)" (#6100)
This reverts commit e7a534d0a3.
2024-02-12 18:06:22 +00:00
Francis Lavoie
f9e11158bc
caddyauth: Rename basicauth to basic_auth (#6092) 2024-02-12 17:34:23 +00:00
Francis Lavoie
e7a534d0a3
caddyfile: Reject long heredoc markers (#6098)
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2024-02-11 13:30:14 -05:00
Matt Holt
57c5b921a4
caddytls: Make on-demand 'ask' permission modular (#6055)
* caddytls: Make on-demand 'ask' permission modular

This makes the 'ask' endpoint a module, which means that developers can
write custom plugins for granting permission for on-demand certificates.

Kicking myself that we didn't do it this way at the beginning, but who coulda known...

* Lint

* Error on conflicting config

* Fix bad merge

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-30 16:11:29 -07:00
Yolan Romailler
2fe69a828f
chore: enabling a few more linters (#5961)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 15:24:58 +00:00
bbaa
c369df5c37
caddyfile: Correctly close the heredoc when the closing marker appears immediately (#6062) 2024-01-25 14:55:00 +00:00
bbaa
7c48b5fdbb
caddyfile: Switch to slices.Equal for better performance (#6061) 2024-01-25 14:46:08 +00:00
Mohammed Al Sahaf
e965b111cd
tls: modularize trusted CA providers (#5784)
* tls: modularize client authentication trusted CA

* add `omitempty` to `CARaw`

* docs

* initial caddyfile support

* revert anything related to leaf cert validation

The certs are used differently than the CA pool flow

* complete caddyfile unmarshalling implementation

* Caddyfile syntax documentation

* enhance caddyfile parsing and documentation

Apply suggestions from code review

Co-authored-by: Francis Lavoie <lavofr@gmail.com>

* add client_auth caddyfile tests

* add caddyfile unmarshalling tests

* fix and add missed adapt tests

* fix rebase issue

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-25 11:44:41 +03:00
Francis Lavoie
750d0b8331
caddyfile: Normalize & flatten all unmarshalers (#6037) 2024-01-23 19:36:59 -05:00
bbaa
c0273f1f04
caddyfile: Add heredoc support to fmt command (#6056) 2024-01-22 02:24:49 +00:00
Aziz Rmadi
d9aded016c
caddyfile: Allow heredoc blank lines (#6051) 2024-01-18 22:57:18 -05:00
Aziz Rmadi
4181c79a81
httpcaddyfile: Add optional status code argument to handle_errors directive (#5965)
Co-authored-by: Aziz Rmadi <azizrmadi@Azizs-MacBook-Air.local>
2024-01-16 01:24:17 -05:00
Francis Lavoie
5e2f1b5ced
httpcaddyfile: Rewrite root and rewrite parsing to allow omitting matcher (#5844) 2024-01-15 09:57:08 -07:00
Nebez Briefkani
cc0c0cf03e
caddyhttp: Security enhancements for client IP parsing (#5805)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2024-01-13 20:46:37 +00:00
a
c839a98ff5
filesystem: Globally declared filesystems, fs directive (#5833) 2024-01-13 20:12:43 +00:00
Subhaditya Nath
c2d889f85e
httpcaddyfile: Fix redir <to> html (#6001) 2024-01-10 12:24:47 +00:00
Zach Galvin
cb86319bd5
httpcaddyfile: Support client auth verifiers (#6022)
* Added verifier case

Update author

* Update verifier to match struct tag

* gci run
2024-01-09 23:14:51 +00:00
Rithvik Vibhu
ed41c924cf
tls: add reuse_private_keys (#6025) 2024-01-09 16:00:31 -07:00
Francis Lavoie
f976c84d9e
httpcaddyfile: Fix cert file decoding to load multiple PEM in one file (#5997) 2023-12-20 08:37:21 -07:00
Francis Lavoie
da7d8cb26d
httpcaddyfile: Sort skip_hosts for deterministic JSON (#5990)
* httpcaddyfile: Sort skip_hosts for deterministic JSON

* Update caddyconfig/httpcaddyfile/httptype.go

Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* Fix test

* Bah

---------

Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
2023-12-18 12:54:52 -07:00
Francis Lavoie
3d7d60f7cf
caddyhttp: Add uuid to access logs when used (#5859) 2023-12-13 15:40:15 -07:00
Francis Lavoie
ac1f20b9e4
httpcaddyfile: Remove port from logger names (#5881)
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-10-16 23:57:03 -06:00
Francis Lavoie
7984e6f6fd
httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896) 2023-10-14 14:23:50 -06:00
WeidiDeng
1f60328e17
caddyfile: Fix variadic placeholder false positive when token contains : (#5883) 2023-10-13 02:28:20 -04:00
Francis Lavoie
33d8d2c6b5
httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#5860)
* httpcaddyfile: Sort TLS SNI matcher, for deterministic adapt output

* Update caddyconfig/httpcaddyfile/httptype.go

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-10-11 09:47:07 -06:00
Đỗ Trọng Hải
df99502977
httpcaddyfile: Enable TLS for catch-all site if tls directive is specified (#5808) 2023-10-10 21:46:39 +00:00
Đỗ Trọng Hải
2cac3c5491
httpcaddyfile: fix placeholder shorthands in named routes (#5791)
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-09-08 14:38:44 -04:00
Francis Lavoie
7103ea096f
caddyfile: Fix case where heredoc marker is empty after newline (#5769)
Fixes `panic: runtime error: slice bounds out of range [:3] with capacity 2`

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2023-08-24 03:27:57 +00:00
Francis Lavoie
38a7b6b3d0
caddyfile: Adjust error formatting (#5765) 2023-08-20 08:51:03 -06:00
Karun Agarwal
288216e1fb
httpcaddyfile: Stricter errors for site and upstream address schemes (#5757)
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
2023-08-19 07:28:25 -04:00
Francis Lavoie
10053f7570
caddyfile: Loosen heredoc parsing (#5761) 2023-08-19 10:32:32 +00:00
Jacob Gadikian
d6f86cccf5
ci: use gci linter (#5708)
* use gofmput to format code

* use gci to format imports

* reconfigure gci

* linter autofixes

* rearrange imports a little

* export GOOS=windows golangci-lint run ./... --fix
2023-08-14 09:41:15 -06:00
Jacob Gadikian
b32f265eca
ci: Use gofumpt to format code (#5707) 2023-08-07 19:40:31 +00:00
WeidiDeng
9f34383c02
caddyfile: check that matched key is not a substring of the replacement key (#5685) 2023-08-04 10:44:38 -06:00