mirror/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-12-23 15:49:44 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,411 Commits 31 Branches 148 Tags
master
Commit Graph

2411 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marten Seemann
5640611dfc chore: update quic-go to v0.58.0 (#7404) 2025-12-21 12:09:55 +03:00
Francis Lavoie
decc8a4d6f logging: log_append Early option, Supports {http.response.body} (#7368) 
* logging: `log_append` early option

* logging: `log_append` supports `{http.response.body}`

* Convenience auto-early for request body
 2025-12-16 23:42:42 -05:00
Will Norris
34fd2dfcff go.mod: update tscert package to latest (aea342f6) (#7397) 2025-12-16 10:38:32 -05:00
Francis Lavoie
4037d05760 caddyhttp: {http.request.body_base64} placeholder (#7367) 2025-12-13 21:01:12 -07:00
EINIER FREYRE CORONA
409a072135 notify: implement windows service status and error notifications (#7389) 
* implement service status and error notifications

* adjust return of Error function

* configure accepts on status

* align windows with linux semantics
 2025-12-12 07:56:30 -05:00
Paul B
6a4296b1a4 caddytls: panic when using tls.ca_pool.source.http -> tls.ca (#7393) 2025-12-11 19:27:15 +00:00
Matt Holt
3c9c67e804 caddytls: ECH key rotation (#7356) 
* caddytls: ECH key rotation

* Stop rotation goroutine on config unload

* Publish ECH keys after rotating
 2025-12-10 11:50:35 -07:00
Kévin Dunglas
598b08f9ae test: mark Assert* functions as test helpers (#7380) 2025-12-08 22:32:00 +00:00
okrc
374b7a637f caddytls: fix preferred chains options by appending values instead of replacing (#7387) 2025-12-07 16:19:01 +00:00
WeidiDeng
6e0cbd0fa0 caddyhttp: create a placeholder for and log ech status (#7328) 
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2025-12-07 16:01:58 +00:00
Steffen Busch
bfdb04912d docs: add maybe template function documentation (#7388) 2025-12-06 06:51:28 -05:00
vnxme
31960dc998 Introduce packet conn wrappers (#7180) 
* packet_conn_wrappers: Initial changes

* packet_conn_wrappers: Unwrap a packet conn only if there are no wrappers

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2025-12-04 14:15:56 -07:00
Francis Lavoie
be5f49fbeb caddyhttp: Fix logging on wildcard sites when SkipUnmappedHosts is true (#7372) 2025-12-03 18:46:11 +00:00
Herman Slatman
7ebe72bbfe caddypki: Add support for multiple intermediates in signing chain (#7057) 
* caddypki: Add support for multiple intermediates in signing chain

* Move intermediate lifetime configuration check

In #7272 a check was changed to ensure that generated intermediate
certificates would always use a lifetime that falls within the
lifetime of the root. However, when a root and intermediate(s)
are supplied, the configuration value was being used instead of
the actual lifetimes of the certificates. The check was moved to
only be performed when an intermediate is generated; not when
loaded from disk.

* Add tests for `pemDecodeCertificateChain` and `pemDecodeCertificate`

* Use `crypto.Signer` instead of `any` in appropriate places

* Use latest Smallstep packages

---------

Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2025-12-03 11:30:00 -07:00
dependabot[bot]
8a87bb3ffb build(deps): bump github.com/smallstep/certificates (#7381) 
Bumps [github.com/smallstep/certificates](https://github.com/smallstep/certificates) from 0.28.4 to 0.29.0.
- [Release notes](https://github.com/smallstep/certificates/releases)
- [Changelog](https://github.com/smallstep/certificates/blob/master/CHANGELOG.md)
- [Commits](https://github.com/smallstep/certificates/compare/v0.28.4...v0.29.0)

---
updated-dependencies:
- dependency-name: github.com/smallstep/certificates
  dependency-version: 0.29.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-03 10:45:18 -07:00
Mohammed Al Sahaf
df9386fa12 ci: escape backticks in changelogs embedded in JS (#7382) 
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
v2.11.0-beta.1 		2025-12-03 16:40:31 +00:00
dependabot[bot]
786d537877 build(deps): bump the all-updates group with 3 updates (#7376) 
Bumps the all-updates group with 3 updates: [github.com/klauspost/compress](https://github.com/klauspost/compress), [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go) and [go.uber.org/zap](https://github.com/uber-go/zap).


Updates `github.com/klauspost/compress` from 1.18.1 to 1.18.2
- [Release notes](https://github.com/klauspost/compress/releases)
- [Commits](https://github.com/klauspost/compress/compare/v1.18.1...v1.18.2)

Updates `github.com/quic-go/quic-go` from 0.57.0 to 0.57.1
- [Release notes](https://github.com/quic-go/quic-go/releases)
- [Commits](https://github.com/quic-go/quic-go/compare/v0.57.0...v0.57.1)

Updates `go.uber.org/zap` from 1.27.0 to 1.27.1
- [Release notes](https://github.com/uber-go/zap/releases)
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber-go/zap/compare/v1.27.0...v1.27.1)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: github.com/quic-go/quic-go
  dependency-version: 0.57.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: go.uber.org/zap
  dependency-version: 1.27.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-02 10:32:58 +03:00
Petr
67a9e0657e reverseproxy: Fix retries for requests with bodies (#7360) 
* capture the buffered body once, then reset clonedReq.Body before each retry

* no copy

* keep receiver name

* set the buf to nil after extraction and only return it to pool if not nil

---------

Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
 2025-11-24 12:03:18 -07:00
ledigang
2cb426776c encode: modernize, replace HasSuffix+TrimSuffix with CutSuffix (#7357) 
Signed-off-by: ledigang <shuangcui@msn.com>
 2025-11-21 15:30:26 -07:00
Marten Seemann
b9e6f3b227 update quic-go to v0.57.0 (#7359) 2025-11-21 14:46:47 +03:00
dependabot[bot]
eead249382 build(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 (#7355) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.43.0 to 0.45.0.
- [Commits](https://github.com/golang/crypto/compare/v0.43.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-19 20:55:13 -07:00
WeidiDeng
a6da1acdc8 reverse_proxy: use interfaces to modify the behaviors of the transports (#7353) 2025-11-17 09:51:37 -07:00
Mohammed Al Sahaf
56282c5737 ci: implement new release flow (#7341) 
* ci: implement new release flow

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* remove redundant validation

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* extract key sha

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* pin github-scripts

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* switch to PR-based flow

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* don't use top-level permissions

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* restricted global perms + specific local perms

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* make PR draft

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
 2025-11-14 14:55:30 -07:00
Kévin Dunglas
b3f2db233b core: custom slog handlers for modules (log contextual data) (#7346) 2025-11-12 13:29:47 -07:00
dependabot[bot]
07d2aaf22e build(deps): bump the all-updates group with 4 updates (#7333) 
Bumps the all-updates group with 4 updates: [github.com/DeRuina/timberjack](https://github.com/DeRuina/timberjack), [github.com/KimMachineGun/automemlimit](https://github.com/KimMachineGun/automemlimit), [github.com/klauspost/compress](https://github.com/klauspost/compress) and [go.step.sm/crypto](https://github.com/smallstep/crypto).


Updates `github.com/DeRuina/timberjack` from 1.3.8 to 1.3.9
- [Release notes](https://github.com/DeRuina/timberjack/releases)
- [Changelog](https://github.com/DeRuina/timberjack/blob/main/CHANGELOG.md)
- [Commits](https://github.com/DeRuina/timberjack/compare/v1.3.8...v1.3.9)

Updates `github.com/KimMachineGun/automemlimit` from 0.7.4 to 0.7.5
- [Release notes](https://github.com/KimMachineGun/automemlimit/releases)
- [Commits](https://github.com/KimMachineGun/automemlimit/compare/v0.7.4...v0.7.5)

Updates `github.com/klauspost/compress` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.18.0...v1.18.1)

Updates `go.step.sm/crypto` from 0.72.0 to 0.73.0
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.72.0...v0.73.0)

---
updated-dependencies:
- dependency-name: github.com/DeRuina/timberjack
  dependency-version: 1.3.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: github.com/KimMachineGun/automemlimit
  dependency-version: 0.7.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: github.com/klauspost/compress
  dependency-version: 1.18.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: go.step.sm/crypto
  dependency-version: 0.73.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-08 11:13:16 +03:00
Marten Seemann
f2199d48b2 chore: update quic-go to v0.56.0, enable qlog for HTTP/3 (#7345) 2025-11-08 00:41:15 -05:00
Kévin Dunglas
8285eba842 caddyhttp: allow customizing the Server header (#7338) 2025-11-03 21:00:27 -07:00
Cooper de Nicola
895b56063a chore: fix golangci-lint error G602 in caddyhttp (#7334) 2025-11-03 03:04:55 +00:00
Mohammed Al Sahaf
ddec1838b3 caddytls: correct documentation of LeafFolderLoader (#7327) 
* caddytls: correct documentation of `LeafFolderLoader`

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

* fmt...

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>

---------

Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
 2025-11-01 18:29:55 +03:00
Ted
92c8bc7322 caddyfile: fix nested quotes formatted incorrectly by fmt (#7045) 
* Fix incorrectly formatted quote within quotes with fmt

* Fix incorrectly formatted quote within quotes with fmt
 2025-10-27 16:13:47 -06:00
WeidiDeng
abe0acabb6 reverseproxy: set default values for keepalive if only some of them are set (#7318) 2025-10-25 05:15:55 -04:00
Philipp Keidel
b54e870b26 tracing: switch to autoexport for OpenTelemetry span exporter (#7317) 2025-10-23 17:54:50 -06:00
dependabot[bot]
6d90c7707d build(deps): bump github.com/slackhq/nebula from 1.9.5 to 1.9.7 (#7315) 
Bumps [github.com/slackhq/nebula](https://github.com/slackhq/nebula) from 1.9.5 to 1.9.7.
- [Release notes](https://github.com/slackhq/nebula/releases)
- [Changelog](https://github.com/slackhq/nebula/blob/v1.9.7/CHANGELOG.md)
- [Commits](https://github.com/slackhq/nebula/compare/v1.9.5...v1.9.7)

---
updated-dependencies:
- dependency-name: github.com/slackhq/nebula
  dependency-version: 1.9.7
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-23 11:37:02 -06:00
dependabot[bot]
cd1c203777 build(deps): bump the all-updates group across 1 directory with 2 updates (#7307) 
Bumps the all-updates group with 2 updates in the / directory: [github.com/spf13/pflag](https://github.com/spf13/pflag) and [go.step.sm/crypto](https://github.com/smallstep/crypto).


Updates `github.com/spf13/pflag` from 1.0.9 to 1.0.10
- [Release notes](https://github.com/spf13/pflag/releases)
- [Commits](https://github.com/spf13/pflag/compare/v1.0.9...v1.0.10)

Updates `go.step.sm/crypto` from 0.70.0 to 0.72.0
- [Release notes](https://github.com/smallstep/crypto/releases)
- [Commits](https://github.com/smallstep/crypto/compare/v0.70.0...v0.72.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/pflag
  dependency-version: 1.0.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-updates
- dependency-name: go.step.sm/crypto
  dependency-version: 0.72.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-21 22:32:36 -06:00
wyrapeseed
57587ed18e refactor: use reflect.TypeFor (#7313) 
Signed-off-by: wyrapeseed <wyrapeseed@outlook.com>
 2025-10-21 13:26:30 -06:00
WeidiDeng
1e21b660c4 reverseproxy: use http.Protocols to handle h2c requests (#6990) 2025-10-21 16:05:43 +00:00
Mohammed Al Sahaf
595aab8bc0 metrics: resolve per-host inifinite cardinality (#7306) 2025-10-21 06:06:56 +00:00
WeidiDeng
8aca108d2c reverseproxy: do not disable keepalive if proxy protocol is used (#7300) 2025-10-21 05:09:37 +00:00
Pavel
156ce99d3a listeners: Add support for named socket activation (#7243) 2025-10-21 04:55:42 +00:00
WeidiDeng
a7885aabec intercept: use already buffered response if possible when intercepting (#7028) 2025-10-21 04:48:07 +00:00
Bashayer Alrumahi
f5f25d845a logging: fix multiple regexp filters on same field (fixes #7049) (#7061) 
* logging: fix multiple regexp filters on same field (fixes #7049)

* fix: add proper error handling in MultiRegexpFilter tests

* fix: resolve linter and test issues - Fix GCI import formatting issues - Fix MultiRegexpFilter input size limit test by ensuring output doesn't exceed max length after each operation - All tests now pass and linter issues resolved

* fix: update integration test for proper JSON encoding - Fix expected JSON output to use Unicode escape sequence for ampersand character - Integration tests now pass
 2025-10-16 05:08:53 +00:00
WeidiDeng
1ce2a13ad1 caddyhttp: wrap accepted connection to suppress tls.ConnectionState (#7247) 2025-10-16 03:13:40 +00:00
Chris Seufert
d7185fd002 caddyhttp: Add trusted_proxies_unix for trusting unix socket X-Forwarded-* headers (#7265) 2025-10-16 02:47:32 +00:00
Anthony Biondo
7fb39ec1e5 reverseproxy: Use http1.1 upgrade for websocket for extended connect of http2 and http3 (#7305) 
Co-authored-by: WeidiDeng <weidi_deng@icloud.com>
 2025-10-16 02:20:20 +00:00
aeris
10ac7da037 logging: Switch from lumberjack to timberjack, add time-rolling options (#7244) 
Co-authored-by: Francis Lavoie <lavofr@gmail.com>
 2025-10-15 17:11:10 -04:00
wyrapeseed
d115cd1042 chore: fix some comments (#7303) 2025-10-15 03:58:53 +00:00
joshuamcbeth
de6b78009b caddyhttp: Add server options keepalive_idle and keepalive_count (#7298) 
* Add Server options KeepAliveIdle (keepalive_idle) and KeepAliveCount (keepalive_count)

Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>

* Add Server option KeepAliveDisable (keepalive_disable)

Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>

* Remove Server option KeepAliveDisable (keepalive_disable), disable when interval is negative

Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>

* Add keepalive parameters to caddyfiletest

Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>

---------

Signed-off-by: Joshua McBeth <joshua.mcbeth@gmail.com>
 2025-10-14 12:03:23 -06:00
WeidiDeng
2ec28bca43 reverse_proxy: use http1 for outbound tls requests with placeholder that are likely websockets (#7296) 2025-10-09 10:36:49 -06:00
Marten Seemann
178294e9d7 chore: Update quic-go to v0.55.0 (#7288) 
Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
 2025-10-06 19:43:28 -04:00
GreyXor
13a4ec7597 basicauth: Implement argon2id (#7186) 
* feat: add argon2id hash-password command

* feat: ardon2id owasp safe value

* feat: add argon2id compare method

* chore: fmt argon2id

* docs: more argon2id docs

* chore: upgrade x/crypto dep

* revert: remove golangci

* refactor: argon2id decode

* chore: update deps

* refactor: simplify argon2id compare return

* chore: upgrade dependencies

* chore: upgrade dependencies
 2025-10-06 17:27:06 -06:00