OrgGo
/
caddy
mirror of https://github.com/caddyserver/caddy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
2,116 Commits 30 Branches 138 Tags 28 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Ranveer Avhad e6f46c8d78
acmeserver: Add `sign_with_root` for Caddyfile (#6345) 
* Added sign_with_root option available in the Caddyfile

* Added tests for sign_with_root to validate the adapted JSON config
 2024-05-27 20:06:54 -04:00
Mohammed Al Sahaf 931656bd68
acmeserver: add policy field to define allow/deny rules (#5796) 
* acmeserver: support specifying the allowed challenge types

* add caddyfile adapt tests

* acmeserver: add `policy` field to define allow/deny rules

* allow `omitempty` to work

* add caddyfile support for `policy`

* remove "uri domain" policy

* fmt the files

* add docs

* do not support `CommonName`; the field is deprecated

* r/DNSDomains/Domains/g

* Caddyfile docs

* add tests

* move `Policy` to top of file
 2024-02-24 02:26:00 +03:00
Mohammed Al Sahaf e1aa862e6a
acmeserver: support specifying the allowed challenge types (#5794) 
* acmeserver: support specifying the allowed challenge types

* add caddyfile adapt tests

* introduce basic acme_server test

* skip acme test on unsuitable environments

* skip integration tests of ACME

* documentation

* add negative-scenario test for mismatched allowed challenges

* a bit more docs

* fix tests for ACME challenges

* appease the linter

* skip ACME tests on s390x

* enable ACME challenge tests on all machines

* Apply suggestions from code review

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2024-02-08 11:42:03 +03:00
Francis Lavoie 750d0b8331
caddyfile: Normalize & flatten all unmarshalers (#6037) 2024-01-23 19:36:59 -05:00
Francis Lavoie 3f20a7c9f3
acmeserver: Configurable `resolvers`, fix smallstep deprecations (#5500) 
* acmeserver: Configurable `resolvers`, fix smallstep deprecations

* Improve default net/port

* Update proxy resolvers parsing to use the new function

* Update listeners.go

Co-authored-by: itsxaos <33079230+itsxaos@users.noreply.github.com>

---------

Co-authored-by: itsxaos <33079230+itsxaos@users.noreply.github.com>
 2023-05-03 17:07:22 +00:00
Kyle McCullough bfaf2a8201
acme_server: Configurable default lifetime for issued certificates (#5232) 
* acme_server: add certificate lifetime configuration option

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>

* pki: allow intermediate cert lifetime to be configured

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>

Signed-off-by: Kyle McCullough <kylemcc@gmail.com>
 2022-12-06 00:12:26 -07:00
Francis Lavoie ee7c92ec9b
reverseproxy: Mask the WS close message when we're the client (#5199) 
* reverseproxy: Mask the WS close message when we're the client

* weakrand

* Bump golangci-lint version so path ignores work on Windows

* gofmt

* ugh, gofmt everything, I guess
 2022-11-14 09:38:02 -07:00
Matthew Holt bf50d7010a
acmeserver: Support custom CAs from Caddyfile 
The HTTP Caddyfile adapter can now configure the PKI app, and the acme_server directive can now be used to specify a custom CA used for issuing certificates. More customization options can follow later as needed.
 2021-02-02 17:23:52 -07:00
Matthew Holt a285fe4129
caddypki: Add 'acme_server' Caddyfile directive 2020-06-03 09:59:36 -06:00