* caddy adapt for listen_protocols
* adapt listen_socket
* allow multiple listen sockets for port ranges and readd socket fd listen logic
* readd logic to start servers according to listener protocols
* gofmt
* adapt caddytest
* gosec
* fmt and rename listen to listenWithSocket
* fmt and rename listen to listenWithSocket
* more consistent error msg
* non unix listenReusableWithSocketFile
* remove unused func
* doc comment typo
* nonosec
* commit
* doc comments
* more doc comments
* comment was misleading, cardinality did not change
* addressesWithProtocols
* update test
* fd/ and fdgram/
* rm addr
* actually write...
* i guess we doin' "skip": now
* wrong var in placeholder
* wrong var in placeholder II
* update param name in comment
* dont save nil file pointers
* windows
* key -> parsedKey
* osx
* multiple default_bind with protocols
* check for h1 and h2 listener netw
By default Go 1.23 enables X25519Kyber768, a post-quantum key agreement
method that is enabled by default on Chrome. Go 1.23 does not expose
the CurveID, so we cannot add it by specifying it in CurvePreferences.
The reason is that X25519Kyber768 is a preliminary key agreement that
will be supplanted by X25519MLKEM768. For the moment there is value
in enabling it.
A consequence of this is that by default Caddy will enable support
for P-384 and P-521.
This PR also removes the special code to add support for X25519Kyber768
via the Cloudflare Go branch.
Cf #6540
* cmd: fix auto-detetction of .caddyfile extension
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* move conditions around and add clarifying comment
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* reject ambiguous config file name
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
---------
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
This can be helpful if editors only consider file extensions for certain features.
* added special case support for caddyfile suffix, case insensitive
* Update cmd/main.go
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* skip caddyfile adapter for registered file extensions
---------
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* Simplify variables for commands
* Add --envfile support for adapt command
* Carry custom status code for commands to os.Exit()
* cmd: add `-v` and `--version` to root caddy command
* Add `--envfile` to `caddy environ`, extract flag parsing to func
---------
Co-authored-by: Mohammed Al Sahaf <msaa1990@gmail.com>
* use gofmput to format code
* use gci to format imports
* reconfigure gci
* linter autofixes
* rearrange imports a little
* export GOOS=windows golangci-lint run ./... --fix
* cmd: fix cli when admin endpoint uses new unix socket permission format
Fixes a bug where the following Caddyfile
```Caddyfile
{
admin unix/admin.sock|0660
}
```
and `caddy reload --config Caddyfile`
would throw the following error instead of reloading it:
```
INFO using provided configuration {"config_file": "Caddyfile", "config_adapter": ""}
Error: sending configuration to instance: performing request: Post "http://127.0.0.1/load": dial unix admin.sock|0660: connect: no such file or directory
[ERROR] exit status 1
```
---
This bug also affected `caddy start` and `caddy stop`.
* Move splitter function to internal
---------
Co-authored-by: Matthew Holt <mholt@users.noreply.github.com>
* cmd: Implement 'storage import' and 'storage export' CLI commands.
These commands use the certmagic.Storage interface. In particular,
storage implementations should ensure that their List() functions
correctly enumerate all keys when called with an empty prefix and
recursive == true. Also, Stat() calls on keys holding values instead
of nested keys are expected to set KeyInfo.IsTerminal = true.
* remove errors.Join
* cmd: Expand cobra support
* Convert commands to cobra, add short flags
* Fix version command typo
Co-authored-by: Emily Lange <git@indeednotjames.com>
* Apply suggestions from code review
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
---------
Co-authored-by: Emily Lange <git@indeednotjames.com>
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
* reverseproxy: Mask the WS close message when we're the client
* weakrand
* Bump golangci-lint version so path ignores work on Windows
* gofmt
* ugh, gofmt everything, I guess
Mohammed Al Sahaf