OrgGo
/
caddy
mirror of https://github.com/caddyserver/caddy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
788 Commits 30 Branches 138 Tags 28 MiB
Commit Graph

788 Commits

Author SHA1 Message Date
Matthew Holt 839507e24e
http: Consider wildcards when evaluating automatic HTTPS 2019-09-13 11:46:58 -06:00
Matthew Holt 833d67446f
admin: Allow listening on unix socket (closes #2749) 2019-09-13 11:24:07 -06:00
Matthew Holt d0c1756fc5
httpcaddyfile: Fix tls certificate loader module names (#2748) 2019-09-13 09:45:10 -06:00
Matthew Holt ed40a5dcab
tls: Do away with SetDefaults which did nothing useful 
CertMagic uses the same defaults for us
 2019-09-12 17:31:54 -06:00
Matthew Holt 7799554baa
go.mod: Use lego v3 and CertMagic 0.7.0 2019-09-12 17:31:10 -06:00
Matthew Holt 2cb01d43cf
tls: Remove support for TLS 1.0 and TLS 1.1 2019-09-11 22:26:06 -06:00
Matthew Holt 758269124e
reverseproxy: Fix host and port on requests; fix Caddyfile parser 2019-09-11 18:53:44 -06:00
Matthew Holt b4dce74e59
tls: Use Let's Encrypt production endpoint 
We're done testing this in staging
 2019-09-11 18:52:07 -06:00
Matthew Holt fe389fcbd7
http: Set Alt-Svc header if experimental HTTP3 server is enabled 2019-09-11 18:49:21 -06:00
Matthew Holt 005a11cf4b
headers: New 'request_header' directive; handle Host header specially 
Before this change, only response headers could be manipulated with the
Caddyfile's 'header' directive.

Also handle the request Host header specially, since the Go standard
library treats it separately from the other header fields...
 2019-09-11 18:48:37 -06:00
Matthew Holt 194df652eb
reverseproxy: Add 'tls' option to enable HTTPS with HTTP transport 2019-09-11 18:46:32 -06:00
Matthew Holt 53bbdf1766
httpcaddyfile: Add 'experimental_http3' option 2019-09-11 17:16:21 -06:00
Matthew Holt e48d83452e
httpcaddyfile: Switch order; reverse_proxy comes before php_fastcgi 2019-09-11 12:02:35 -06:00
Matthew Holt 2459c292a4
caddyfile: Improve Dispenser.NextBlock() to support nesting 2019-09-10 19:21:52 -06:00
Matthew Holt 0cf592fa2e
New 'php_fastcgi' directive for convenient PHP+FastCGI reverse proxy 2019-09-10 14:16:41 -06:00
Matthew Holt d9136fb0a0
rewrite: Caddyfile directive should always invoke a rehandle 
This is unless each route's matcher is dynamically executed after
previous handlers...
 2019-09-10 14:13:52 -06:00
Matthew Holt c32b7e8865
fastcgi: Make EnvVars a map instead of a slice 2019-09-10 14:12:51 -06:00
Matthew Holt 1ce10b453f
Require Go 1.13; use Go 1.13's default support for TLS 1.3 2019-09-10 13:11:27 -06:00
Matt Holt 0c8ad52be1
Experimental IETF-standard HTTP/3 support (known issue exists) (#2727) 
* Begin WIP integration of HTTP/3 support

* http3: Set actual Handler, make fakeClosePacketConn type for UDP sockets

Also use latest quic-go for ALPN fix

* Manually keep track of and close HTTP/3 listeners

* Update quic-go after working through some http3 bugs

* Fix go mod

* Make http3 optional for now
 2019-09-10 08:03:37 -06:00
Matthew Holt d67d8cf5a8
Fix build (sigh) 2019-09-10 07:15:36 -06:00
Matt Holt 44b7ce9850
Merge pull request #2737 from caddyserver/fastcgi (reverse proxy!) 
v2: Refactor reverse proxy and add FastCGI support
 2019-09-09 21:46:21 -06:00
Matthew Holt b4f4fcd437
Migrate some selection policy tests over to v2 2019-09-09 21:44:58 -06:00
Matthew Holt 50e62d06bc
reverse_proxy: Caddyfile integration (and fix blocks in Dispenser) 2019-09-09 12:23:27 -06:00
Matthew Holt 9169cd43d4
Log when auto HTTPS or auto HTTP->HTTPS redirects are disabled 2019-09-09 08:25:48 -06:00
Matthew Holt e12c62e60b
file_server: Enforce URL canonicalization (closes #2741) 2019-09-09 08:21:45 -06:00
Ingo Gottwald 3e9e7555ef Fix build (#2740) 
Build was broken with commit 50961ec.
 2019-09-07 14:25:04 -06:00
Matthew Holt f6126acf37
Header matchers: allow matching presence of header with empty list 2019-09-06 14:25:16 -06:00
Matthew Holt 97ace2a39e
File matcher enforces trailing-slash convention to match dirs/files 2019-09-06 13:32:02 -06:00
Matthew Holt 4bd9496525
Fix Schrodinger's file existence check in file matcher 
See: https://stackoverflow.com/a/12518877/1048862

For example, trying to check the existence of "/www/index.php/index.php"
fails but not with an os.IsNotExist()-type error. So we have to assume
that a file that cannot be successfully stat'ed at all does not exist.
 2019-09-06 12:57:12 -06:00
Matthew Holt 14f9662f9c
Various fixes/tweaks to HTTP placeholder variables and file matching 
- Rename http.var.* -> http.vars.* to be more consistent
- Prefixing a path matcher with * now invokes simple suffix matching
- Handlers and matchers that need a root path default to {http.vars.root}
- Clean replacer output on the file matcher's file selection suffix
 2019-09-06 12:36:45 -06:00
Matthew Holt 21d7b662e7
fastcgi: Use request context as base, not a new one 2019-09-06 12:02:11 -06:00
Matthew Holt 3ba9e143a2 cli: Fix run and start when no config file is available 2019-09-05 14:59:19 -06:00
Matthew Holt d2e46c2be0
fastcgi: Set default root path; add interface guards 2019-09-05 13:42:20 -06:00
Matthew Holt 80b54f3b9d
Add original URI to request context; implement into fastcgi env 2019-09-05 13:36:42 -06:00
Matthew Holt 0830fbad03
Reconcile upstream dial addresses and request host/URL information 
My goodness that was complicated

Blessed be request.Context

Sort of
 2019-09-05 13:14:39 -06:00
Matthew Holt a60d54dbfd
reverse_proxy: Ignore context.Canceled errors 
These happen when downstream clients cancel the request, but that's not
our problem nor a failure in our end
 2019-09-03 19:10:09 -06:00
Matthew Holt acb8f0e0c2
Integrate circuit breaker modules with reverse proxy 2019-09-03 19:06:54 -06:00
Matthew Holt 652460e03e
Some cleanup and godoc 2019-09-03 16:56:09 -06:00
Matthew Holt 4a1e1649bc
reverse_proxy: Implement remaining TLS config for proxy to backend 2019-09-03 15:26:09 -06:00
Matthew Holt ccfb12347b
reverse_proxy: Implement active health checks 2019-09-03 12:10:11 -06:00
Alexandre Stein 50961ecc77 Initial implementation of TLS client authentication (#2731) 
* Add support for client TLS authentication

Signed-off-by: Alexandre Stein <alexandre_stein@interlab-net.com>

* make and use client authentication struct

* force StrictSNIHost if TLSConnPolicies is not empty

* Implement leafs verification

* Fixes issue when using multiple verification

* applies the comments from maintainers

* Apply comment

* Refactor/cleanup initial TLS client auth implementation
 2019-09-03 09:35:36 -06:00
Matthew Holt 026df7c5cb
reverse_proxy: WIP refactor and support for FastCGI 2019-09-02 22:01:02 -06:00
Matthew Holt 8e821b5039
caddyconfig: Add JSON5 and JSON-C adapters (closes #2735) 2019-09-02 12:21:41 -06:00
Matthew Holt 9d8bff28c2
oops, also update the Caddyfile's {query} var to use query_string 2019-08-27 14:41:57 -06:00
Matthew Holt d242f10eda
Add query_string to HTTP replacer and use it for try_files 2019-08-27 14:38:24 -06:00
Ariel Núñez 2dc4fcc62b Fix caddyconfig import in admin.go (#2725) 2019-08-23 10:57:51 -06:00
Matthew Holt afd154119a
admin: Support config adapters at /load endpoint 
Based on Content-Type
 2019-08-22 14:52:39 -06:00
Matthew Holt e34ff21a71
caddyfile: Allow handler order to be customized 2019-08-22 14:26:33 -06:00
Matthew Holt af25f0254e
caddyfile: Support global config block; allow non-empty blocks w/ 0 keys 2019-08-22 13:38:37 -06:00
Mohammed Al Sahaf a0fd2b6c0a Fix SIV where /v2 was missing from caddyfile adapter work (#2721) 2019-08-22 12:26:48 -06:00