github-mirror/caddy
2
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-06-28 13:21:23 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
1,710 Commits 40 Branches 145 Tags
bbe1952a59a196b7598c6488beb770ec38a70dfc
Commit Graph

1710 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
WeidiDeng
bbe1952a59 caddyfile: Fix comparing if two tokens are on the same line (#5626) 
* fix comparing if two tokens are on the same line

* compare tokens from copies when importing
 2023-07-12 14:32:22 -06:00
Matt Holt
0e2c7e1d35 caddytls: Reuse certificate cache through reloads (#5623) 
* caddytls: Don't purge cert cache on config reload

* Update CertMagic

This actually avoids reloading managed certs from storage
when already in the cache, d'oh.

* Fix bug; re-implement HasCertificateForSubject

* Update go.mod: CertMagic tag
 2023-07-11 19:10:58 +00:00
Matt Holt
7ceef91295 Minor tweaks to security.md 2023-07-08 14:02:09 -06:00
Matthew Holt
5dec11f2a0 reverseproxy: Pointer receiver 
This avoids copying the Upstream, which has an atomically-accessed value
in it.
 2023-07-08 13:42:51 -06:00
Matthew Holt
66114cb155 caddyhttp: Trim dot/space only on Windows (fix #5613) 
Follow-up to #2917. Path matcher needs to trim dots and spaces but only
on Windows.
 2023-07-08 13:42:13 -06:00
Marten Seemann
7914ba3573 update quic-go to v0.36.1 (#5611) 2023-07-01 19:34:27 -04:00
Matthew Holt
dfe17c33ef caddyconfig: Specify config adapter for HTTP loader (close #5607) 2023-06-30 20:04:32 -06:00
WeidiDeng
710824c3ce core: Embed net.UDPConn to gain optimizations (#5606) 
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2023-06-30 16:31:26 -06:00
Mohammed Al Sahaf
d8ae801068 chore: remove deprecated property rlcp in goreleaser config (#5608) 2023-06-30 16:53:56 -04:00
Emily
119e8794bc core: Skip chmod for abstract unix sockets (#5596) 
because those aren't real paths on the filesystem and thus can't be `chmod`ed
 2023-06-24 18:25:02 -06:00
Emily
22927e278d core: Add optional unix socket file permissions (#4741) 
* core: Add optional unix socket file permissions

This commit also changes the default unix socket file permissions to `u=w,g=,o=` (octal: `0200`).
It used to default to the shell's umask (usually `u=rwx,g=rx,o=rx`, octal: `0755`).

`/run/caddy.sock` -> `/run/caddy.sock` with `0200` default perms
`/run/caddy.sock|0222` -> `/run/caddy.sock` with `0222` perms

`|` instead of `:` is used as a separator, to account for the `:` in Windows drive letters (e.g. `C:\absolute\path.sock`)

Fun fact:
The old unix(7) man page (pre Jun 2016) stated a socket needs both read and write perms.
Turns out, only write perms are needed.
Corrected in 7578ea2f85
Despite this, most implementations still default to read+write to this date.

* Add cases with Windows paths to test

* Require write perms for the owning user
 2023-06-23 14:49:41 -06:00
Francis Lavoie
7a69ae7571 reverseproxy: Honor tls_except_port for active health checks (#5591) 2023-06-22 16:20:30 -06:00
Matthew Holt
2b2addebb8 Appease linter v2.7.0-beta.2 2023-06-21 17:59:54 -06:00
Matthew Holt
9563666bfb Fix compile on Windows, hopefully 2023-06-21 17:47:23 -06:00
Matthew Holt
806341e089 core: Properly preserve unix sockets (fix #5568) 2023-06-21 17:16:01 -06:00
Matthew Holt
0468508e92 go.mod: Upgrade CertMagic for hotfix 2023-06-21 13:25:38 -06:00
Matthew Holt
415d1e7b6f go.mod: Upgrade some dependencies 2023-06-21 13:25:38 -06:00
Omer Demirok
1a36b06cd4 chore: upgrade otel (#5586) 2023-06-21 11:46:42 -06:00
Marten Seemann
398c12ae9b go.mod: Update quic-go to v0.36.0 (#5584) 2023-06-21 06:56:12 -04:00
Saber Haj Rabiee
361946eb0c reverseproxy: weighted_round_robin load balancing policy (#5579) 
* added weighted round robin algorithm to load balancer

* added an adapt integration test for wrr and fixed a typo

* changed args format to Caddyfile args convention

* added provisioner and validator for wrr

* simplified the code and improved doc
 2023-06-20 11:42:58 -06:00
mmm444
424ae0f420 reverseproxy: Experimental streaming timeouts (#5567) 
* reverseproxy: WIP streaming timeouts

* More verbose logging by using the child logger

* reverseproxy: Implement streaming timeouts

* reverseproxy: Refactor cleanup

* reverseproxy: Avoid **time.Timer

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2023-06-19 15:54:43 -06:00
guangwu
4548b7de8e chore: remove refs of deprecated io/ioutil (#5576) 2023-06-16 21:27:57 -06:00
Francis Lavoie
3b19aa2b5a headers: Allow > to defer shortcut for replacements (#5574) 2023-06-15 17:18:55 -06:00
Dominik Roos
6a41b62e70 caddyhttp: Support custom network for HTTP/3 (#5573) 
Allow registering a custom network mapping for HTTP/3. This is useful
if the original network for HTTP/1.1 and HTTP/2 is not a standard `unix`,
`tcp4`, or `tcp6` network. To keep backwards compatibility, we fall back
to `udp` if the original network is not registered in the mapping.

Fixes #5555
 2023-06-13 19:33:39 -06:00
Corin Langosch
2ddb717144 reverseproxy: Fix parsing of source IP in case it's an ipv6 address (#5569) 2023-06-12 09:35:22 -06:00
365cent
56af1ceb32 fileserver: browse: Better grid layout (#5564) 
* feat: better implementation of grid layout

* fix: vertical alignment
 2023-06-05 07:39:57 +00:00
Matthew Holt
4ba03c9d38 caddytls: Clarify some JSON config docs 2023-06-04 22:15:50 -06:00
Cass C
078f130a51 cmd: Implement storage import/export (#5532) 
* cmd: Implement 'storage import' and 'storage export' CLI commands.

These commands use the certmagic.Storage interface. In particular,
storage implementations should ensure that their List() functions
correctly enumerate all keys when called with an empty prefix and
recursive == true. Also, Stat() calls on keys holding values instead
of nested keys are expected to set KeyInfo.IsTerminal = true.

* remove errors.Join
 2023-06-02 13:04:31 -06:00
Matthew Holt
9c180a5988 go.mod: Upgrade quic-go to 0.35.1 2023-06-01 11:28:33 -06:00
Marten Seemann
467b7e3a9c update quic-go to v0.35.0 (#5560) 2023-05-30 05:41:57 -04:00
kassienull
31d75acc9c templates: Add readFile action that does not evaluate templates (#5553) 
* Create an includeRaw template function to include a file without parsing it as a template.

Some formatting fixes

* Rename to readFile, various docs adjustments

---------

Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2023-05-26 10:16:28 -06:00
WeidiDeng
9cde715525 caddyfile: Track import name instead of modifying filename (#5540) 
* Merge branch 'master' into import_file_stack

* remove space in log key
 2023-05-25 13:05:00 -06:00
Jonathan Davies
942fbb37ec core: Use SO_REUSEPORT_LB on FreeBSD (#5554) 
to balance load between threads.
 2023-05-23 10:56:00 -06:00
WeidiDeng
cee4441cb1 caddyfile: Do not replace import tokens if they are part of a snippet (#5539) 
* fix variadic placeholder in imported file which also imports

* fix tests.

* skip replacing args when imported token may be part of a snippet
 2023-05-22 15:36:55 -06:00
Matt Holt
5bd9c49042 fileserver: Don't set Etag if mtime is 0 or 1 (close #5548) (#5550) 2023-05-22 14:17:15 -06:00
pistasjis
cdd3884b32 fileserver: browse: minor tweaks for grid view, dark mode (#5545) 
* Make grid entries take up full width on mobile and fix breadcrumb color issue in dark mode

Signed-off-by: Pistasj <odyssey346@disroot.org>

* Do mholt's suggestions

Signed-off-by: Pistasj <odyssey346@disroot.org>

---------

Signed-off-by: Pistasj <odyssey346@disroot.org>
 2023-05-20 17:23:17 -06:00
Charles Duffy
2615c9c524 fileserver: Only set Etag if not already set (fix #5546) (#5547) 2023-05-20 17:21:43 -06:00
pistasjis
5336bc0fb6 fileserver: Fix file browser breadcrumb font (#5543) 
Signed-off-by: Pistasj <odyssey346@disroot.org>
 2023-05-19 11:08:47 -06:00
WeidiDeng
29452647d8 caddyhttp: Fix h3 shutdown (#5541) 
* swap h3server close and listener close, avoid quic-listener not closing

* fix typo
 2023-05-19 10:00:00 -06:00
Matthew Holt
bd34cb6b4e fileserver: More filetypes for browse icons 2023-05-19 09:59:44 -06:00
pistasjis
2d236ead3e fileserver: Fix file browser footer in grid mode (#5536) 
* Fix file browser footer in grid

Signed-off-by: Odyssey <odyssey346@disroot.org>

* Fix file browser footer while in grid mode

Signed-off-by: Pistasj <odyssey346@disroot.org>

* Do mholt's suggestions

Signed-off-by: Odyssey <odyssey346@disroot.org>

---------

Signed-off-by: Odyssey <odyssey346@disroot.org>
Signed-off-by: Pistasj <odyssey346@disroot.org>
 2023-05-19 09:51:21 -06:00
Matthew Holt
38cb587e0f cmd: Avoid spammy log messages (fix #5538) 
I forgot there are two calls to LoadConfig() here that needed replacing.
 2023-05-17 16:13:15 -06:00
Matthew Holt
ca14b6edd9 httpcaddyfile: Sort Caddyfile slice 
Makes list deterministic. See #5538
 2023-05-17 13:50:32 -06:00
Francis Lavoie
cbf16f6d9e caddyhttp: Implement named routes, invoke directive (#5107) 
* caddyhttp: Implement named routes, `invoke` directive

* gofmt

* Add experimental marker

* Adjust route compile comments
v2.7.0-beta.1 		2023-05-16 15:27:52 +00:00
Tran Phong
13a37688dc rewrite: use escaped path, fix #5278 (#5504) 
* use escaped path while rewriting

Signed-off-by: TP-O <letranphong2k1@gmail.com>

* restore line break

---------

Signed-off-by: TP-O <letranphong2k1@gmail.com>
 2023-05-16 09:16:07 -06:00
Francis Lavoie
e8352aef38 headers: Add > Caddyfile shortcut for enabling defer (#5535) 2023-05-16 01:18:13 -04:00
Matthew Holt
36546cd8b9 go.mod: Upgrade several dependencies 2023-05-15 16:56:27 -06:00
Francis Lavoie
75b690d248 reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile (#5494) 
* reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile

* Add clarifying comment
 2023-05-15 12:14:50 -06:00
Matt Holt
52d7335c2b fileserver: Use EscapedPath for browse (#5534) 
* fileserver: Use EscapedPath for browse

Fix #5143

* Fixes if filter element is not present

* Remove extraneous line
 2023-05-15 10:48:05 -06:00
Matt Holt
96919acc9d caddyhttp: Refactor cert Managers (fix #5415) (#5533) 2023-05-15 10:47:30 -06:00