* use url.PathEscape in file-server browse template
- add `pathEscape` to c.tpl.Funcs, using `url.PathEscape`
- use `pathEscape` in browse.html in place of `replace`
* document `pathEscape`
* Remove unnecessary pipe of img src to `html`
Set the requested server name in a context value for CertGetter
implementations to use. Pass ctx to tscert.GetCertificateWithContext.
Signed-off-by: Will Norris <will@tailscale.com>
* chore: downgrade minimum Go version in go.mod
* Upgrade certmagic and zerossl
---------
Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
* added health_follow_redirect in active health checks
* chore: code format
* chore: refactore reversproxy healthcheck redirect variable name and description of the same
* chore: formatting
* changed reverse proxy health check status code range to be between 200-299
* chore: formatting
---------
Co-authored-by: aliasgar <joancena1268@mail.com>
* Allow usage of root CA without a key. Fixes#6290
* Update modules/caddypki/crypto.go
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* caddytls: Evict internal certs from cache based on issuer
During a config reload, we would keep certs in the cache fi they were used by the next config. If one config uses InternalIssuer and the other uses a public CA, this behavior is problematic / unintuitive, because there is a big difference between private/public CAs.
This change should ensure that internal issuers are considered when deciding whether to keep or evict from the cache during a reload, by making them distinct from each other and certs from public CAs.
* Make sure new TLS app manages configured certs
* Actually make it work
* Add option to configure certificate lifetime
* Bump CertMagic dep to latest master commit
* Apply suggestions and ran go mod tidy
* Update modules/caddytls/acmeissuer.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
Before this change, a read of size (let's say) < 10, into a buffer of size 10, will return EOF because we're using CopyN to limit to the size of the buffer. That resulted in the body being read from later, which should only happen if it couldn't fit in the buffer.
With this change, the body is properly NOT set when it can all fit in the buffer.
* caddyfile: Populate regexp matcher names by default
* Some lint cleanup that my VSCode complained about
* Pass down matcher name through expression matcher
* Compat with #6113: fix adapt test, set both styles in replacer