Commit Graph

23 Commits

Author SHA256 Message Date
af464b31f6 Accepting request 1132018 from home:jfkw:branches:server:http
- Update to version 2.7.6:
  * caddytls: Sync distributed storage cleaning (#5940)
  * caddytls: Context to DecisionFunc (#5923)
  * tls: accept placeholders in string values of certificate loaders (#5963)
  * templates: Offically make templates extensible (#5939)
  * http2 uses new round-robin scheduler (#5946)
  * panic when reading from backend failed to propagate stream error (#5952)
  * chore: Bump otel to v1.21.0. (#5949)
  * httpredirectlistener: Only set read limit for when request is HTTP (#5917)
  * fileserver: Add .m4v for browse template icon
  * Revert "caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)" (#5924)
  * go.mod: update quic-go version to v0.40.0 (#5922)
  * update quic-go to v0.39.3 (#5918)
  * chore: Fix usage pool comment (#5916)
  * test: acmeserver: add smoke test for the ACME server directory (#5914)
  * Upgrade acmeserver to github.com/go-chi/chi/v5 (#5913)
  * caddyhttp: Adjust `scheme` placeholder docs (#5910)
  * go.mod: Upgrade quic-go to v0.39.1
  * go.mod: CVE-2023-45142 Update opentelemetry (#5908)
  * templates: Delete headers on `httpError` to reset to clean slate (#5905)
  * httpcaddyfile: Remove port from logger names (#5881)
  * core: Apply SO_REUSEPORT to UDP sockets (#5725)
  * caddyhttp: Use sync.Pool to reduce lengthReader allocations (#5848)
  * cmd: Add newline character to version string in CLI output (#5895)
  * core: quic listener will manage the underlying socket by itself (#5749)
  * templates: Clarify `include` args docs, add `.ClientIP` (#5898)
  * httpcaddyfile: Fix TLS automation policy merging with get_certificate (#5896)
  * cmd: upgrade: resolve symlink of the executable (#5891)
  * caddyfile: Fix variadic placeholder false positive when token contains `:` (#5883)

OBS-URL: https://build.opensuse.org/request/show/1132018
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=39
2023-12-08 12:47:48 +00:00
Jeff Kowalczyk
efd9e4a0e2 Accepting request 1117725 from home:jfkw:branches:server:http
- Update to version 2.7.5:
  * admin: Respond with 4xx on non-existing config path (#5870)
  * ci: Force the Go version for govulncheck (#5879)
  * fileserver: Set canonical URL on browse template (#5867)
  * tls: Add X25519Kyber768Draft00 PQ "curve" behind build tag (#5852)
  * reverseproxy: Add more debug logs (#5793)
  * reverseproxy: Fix `least_conn` policy regression (#5862)
  * reverseproxy: Add logging for dynamic A upstreams (#5857)
  * reverseproxy: Replace health header placeholders (#5861)
  * httpcaddyfile: Sort TLS SNI matcher for deterministic JSON output (#5860)
  * cmd: Fix exiting with custom status code, add `caddy -v` (#5874)
  * reverseproxy: fix parsing Caddyfile fails for unlimited request/response buffers (#5828)
  * reverseproxy: Fix retries on "upstreams unavailable" error (#5841)
  * httpcaddyfile: Enable TLS for catch-all site if `tls` directive is specified (#5808)
  * encode: Add `application/wasm*` to the default content types (#5869)
  * fileserver: Add command shortcuts `-l` and `-a` (#5854)
  * go.mod: Upgrade dependencies incl. x/net/http
  * templates: Add dummy `RemoteAddr` to `httpInclude` request, proxy compatibility (#5845)
  * reverseproxy: Allow fallthrough for response handlers without routes (#5780)
  * fix: caddytest.AssertResponseCode error message (#5853)
  * build(deps): bump goreleaser/goreleaser-action from 4 to 5 (#5847)
  * build(deps): bump actions/checkout from 3 to 4 (#5846)
  * caddyhttp: Use LimitedReader for HTTPRedirectListener
  * fileserver: browse template SVG icons and UI tweaks (#5812)
  * reverseproxy: fix nil pointer dereference in AUpstreams.GetUpstreams (#5811)
  * httpcaddyfile: fix placeholder shorthands in named routes (#5791)
  * cmd: Prevent overwriting existing env vars with `--envfile` (#5803)
  * ci: Run govulncheck (#5790)
  * logging: query filter for array of strings (#5779)
  * logging: Clone array on log filters, prevent side-effects (#5786)

OBS-URL: https://build.opensuse.org/request/show/1117725
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=37
2023-10-13 22:25:44 +00:00
b5bdf64e5e Accepting request 1113034 from home:avicenzi:branches:server:http
Switch to sysusers

OBS-URL: https://build.opensuse.org/request/show/1113034
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=35
2023-09-22 14:48:31 +00:00
cd383d9776 Accepting request 1112835 from home:avicenzi:branches:server:http
Fix build

OBS-URL: https://build.opensuse.org/request/show/1112835
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=34
2023-09-21 15:04:52 +00:00
Jeff Kowalczyk
e72a770b11 Accepting request 1104490 from home:jfkw:branches:server:http
- Update to version 2.7.4:
  * go.mod: Upgrade CertMagic and quic-go
  * reverseproxy: Always return new upstreams (fix #5736) (#5752)
  * ci: use gci linter (#5708)
  * fileserver: Slightly more fitting icons
  * cmd: Require config for caddy validate (fix #5612) (#5614)
  * Fix tests
  * caddytls: Update docs for on-demand config
  * fileserver: Don't repeat error for invalid method inside error context (#5705)
  * ci: Update to Go 1.21 (#5719)
  * ci: Add riscv64 (64-bit RISC-V) to goreleaser (#5720)
  * go.mod: Upgrade golang.org/x/net to 0.14.0 (#5718)
  * ci: Use gofumpt to format code (#5707)
  * templates: Fix httpInclude (fix #5698)

- Use _service mode manual as better alias name than disabled
  * osc reports service mode disabled as obsolete

OBS-URL: https://build.opensuse.org/request/show/1104490
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=32
2023-08-17 23:03:49 +00:00
Jeff Kowalczyk
fe3ef016c5 Accepting request 1102520 from home:jfkw:branches:server:http
- Update to version 2.7.3:
  * go.mod: Upgrade to quic-go v0.37.3
  * cmd: Split unix sockets for admin endpoint addresses (#5696)
  * reverseproxy: do not parse upstream address too early if it contains replaceble parts (#5695)
  * caddyfile: check that matched key is not a substring of the replacement key (#5685)
  * chore: use `--clean` instead of `--rm-dist` for goreleaser (#5691)
  * go.mod: Upgrade quic-go to v0.37.2 (fix  #5680)
  * fileserver: browse: Render SVG images in grid

OBS-URL: https://build.opensuse.org/request/show/1102520
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=30
2023-08-06 01:51:12 +00:00
Jeff Kowalczyk
5b2bfe8910 Accepting request 1102430 from home:elimat:branches:server:http
- Update to version 2.7.2:
  * reverseproxy: Fix hijack ordering which broke websockets (#5679)
  * httpcaddyfile: Fix `string does not match ~[]E` error (#5675)
  * encode: Fix infinite recursion (#5672)
  * caddyhttp: Make use of `http.ResponseController` (#5654)
  * go.mod: Upgrade dependencies esp. smallstep/certificates
  * core: Allow loopback hosts for admin endpoint (fix #5650) (#5664)
  * httpcaddyfile: Allow `hostnames` & logger name overrides for log directive (#5643)
  * reverseproxy: Connection termination cleanup (#5663)
  * go.mod: Use quic-go 0.37.1
  * reverseproxy: Export ipVersions type (#5648)
  * go.mod: Use latest CertMagic (v0.19.1)
  * caddyhttp: Preserve original error (fix #5652)
  * fileserver: add lazy image loading (#5646)
  * go.mod: Update quic-go to v0.37.0, bump to Go 1.20 minimum (#5644)
  * core: Refine mutex during reloads (fix #5628) (#5645)
  * go.mod: update quic-go to v0.36.2 (#5636)
  * fileserver: Tweak grid view of browse template
  * fileserver: add `export-template` sub-command to `file-server` (#5630)
  * caddyfile: Fix comparing if two tokens are on the same line (#5626)
  * caddytls: Reuse certificate cache through reloads (#5623)
  * Minor tweaks to security.md
  * reverseproxy: Pointer receiver
  * caddyhttp: Trim dot/space only on Windows (fix #5613)
  * update quic-go to v0.36.1 (#5611)
  * caddyconfig: Specify config adapter for HTTP loader (close #5607)
  * core: Embed net.UDPConn to gain optimizations (#5606)
  * chore: remove deprecated property `rlcp` in goreleaser config (#5608)
  * core: Skip `chmod` for abstract unix sockets (#5596)
  * core: Add optional unix socket file permissions (#4741)
  * reverseproxy: Honor `tls_except_port` for active health checks (#5591)
  * Appease linter
  * Fix compile on Windows, hopefully
  * core: Properly preserve unix sockets (fix  #5568)
  * go.mod: Upgrade CertMagic for hotfix
  * go.mod: Upgrade some dependencies
  * chore: upgrade otel (#5586)
  * go.mod: Update quic-go to v0.36.0 (#5584)
  * reverseproxy: weighted_round_robin load balancing policy (#5579)
  * reverseproxy: Experimental streaming timeouts (#5567)
  * chore: remove refs of deprecated io/ioutil (#5576)
  * headers: Allow `>` to defer shortcut for replacements (#5574)
  * caddyhttp: Support custom network for HTTP/3 (#5573)
  * reverseproxy: Fix parsing of source IP in case it's an ipv6 address (#5569)
  * fileserver: browse: Better grid layout (#5564)
  * caddytls: Clarify some JSON config docs
  * cmd: Implement storage import/export (#5532)
  * go.mod: Upgrade quic-go to 0.35.1
  * update quic-go to v0.35.0 (#5560)
  * templates: Add `readFile` action that does not evaluate templates (#5553)
  * caddyfile: Track import name instead of modifying filename (#5540)
  * core: Use SO_REUSEPORT_LB on FreeBSD (#5554)
  * caddyfile: Do not replace import tokens if they are part of a snippet (#5539)
  * fileserver: Don't set Etag if mtime is 0 or 1 (close #5548) (#5550)
  * fileserver: browse: minor tweaks for grid view, dark mode (#5545)
  * fileserver: Only set Etag if not already set (fix #5546) (#5547)
  * fileserver: Fix file browser breadcrumb font (#5543)
  * caddyhttp: Fix h3 shutdown (#5541)
  * fileserver: More filetypes for browse icons
  * fileserver: Fix file browser footer in grid mode (#5536)
  * cmd: Avoid spammy log messages (fix #5538)
  * httpcaddyfile: Sort Caddyfile slice
  * caddyhttp: Implement named routes, `invoke` directive (#5107)
  * rewrite: use escaped path, fix #5278 (#5504)
  * headers: Add > Caddyfile shortcut for enabling defer (#5535)
  * go.mod: Upgrade several dependencies
  * reverseproxy: Expand port ranges to multiple upstreams in CLI + Caddyfile (#5494)
  * fileserver: Use EscapedPath for browse (#5534)
  * caddyhttp: Refactor cert Managers (fix #5415) (#5533)
  * Slightly more helpful error message
  * caddytls: Check for nil ALPN; close #5470 (#5473)
  * cmd: Reduce spammy logs from --watch
  * caddyhttp: Add a getter for Server.name (#5531)
  * caddytls: Configurable fallback SNI (#5527)
  * caddyhttp: Update quic's TLS configs after reload (#5517) (fix #4849)
  * Add doc comment about changing admin endpoint
  * feature: watch include directory (#5521)
  * chore: remove deprecated linters (#5525)
  * go.mod: Upgrade CertMagic again
  * go.mod: Upgrade CertMagic
  * reverseproxy: Optimize base case for least_conn and random_choose policies (#5487)
  * reverseproxy: Fix active health check header canonicalization, refactor (#5446)
  * reverseproxy: Add `fallback` for some policies, instead of always random (#5488)
  * logging: Actually honor the SoftStart parameter
  * logging: Soft start for net writer (close #5520)
  * fastcgi: Fix `capture_stderr` (#5515)
  * acmeserver: Configurable `resolvers`, fix smallstep deprecations (#5500)
  * go.mod: Update some dependencies
  * logging: Add traceID field to access logs when tracing is active (#5507)
  * caddyhttp: Impl `ResponseWriter.Unwrap()`, prep for Go 1.20's `ResponseController` (#5509)
  * reverseproxy: Fix reinitialize upstream healthy metrics (#5498)
  * fix some comments (#5508)
  * templates: Add `fileStat` function (#5497)
  * caddyfile: Stricter parsing, error for brace on new line (#5505)
  * core: Return default logger if no modules loaded
  * celmatcher: Implement `pkix.Name` conversion to string (#5492)
  * chore: Adjustments to CI caching (#5495)
  * reverseproxy: Remove deprecated `lookup_srv` (#5396)
  * cmd: Support `'` quotes in envfile parsing (#5437)
  * Update contributing guidelines (#5466)
  * caddyhttp: Serve http2 when listener wrapper doesn't return *tls.Conn (#4929)
  * reverseproxy: Add `query` and `client_ip_hash` lb policies (#5468)
  * cmd: Create pidfile before config load (close #5477)
  * fileserver: Add color-scheme meta tag (#5475)
  * build(deps): bump actions/setup-go from 3 to 4 (#5474)
  * proxyprotocol: Add PROXY protocol support to `reverse_proxy`, add HTTP listener wrapper (#5424)
  * reverseproxy: Add mention of which half a copyBuffer err comes from (#5472)
  * caddyhttp: Log request body bytes read (#5461)
  * log: Make sink logs encodable (#5441)
  * caddytls: Eval replacer on automation policy subjects (#5459)
  * headers: Support deleting all headers as first op (#5464)
  * replacer: Add HTTP time format (#5458)
  * reverseproxy: Header up/down support for CLI command (#5460)
  * caddyhttp: Determine real client IP if trusted proxies configured (#5104)
  * httpcaddyfile: Adjust path matcher sorting to solve for specificity (#5462)
  * caddytls: Zero out throttle window first (#5443)
  * ci: add `--yes` to cosign arguments (#5440)
  * reverseproxy: Reset Content-Length to prevent FastCGI from hanging (#5435)
  * caddytls: Allow on-demand w/o ask for internal-only
  * caddytls: Require 'ask' endpoint for on-demand TLS
  * fileserver: New file browse template (#5427)
  * go.mod: Upgrade dependencies
  * tracing: Support autoprop from OTEL_PROPAGATORS (#5147)
  * caddyhttp: Enable 0-RTT QUIC (#5425)
  * encode: flush status code when hijacked. (#5419)
  * fileserver: Remove trailing slash on fs filenames (#5417)
  * core: Eliminate unnecessary shutdown delay on Unix (#5413)
  * caddyhttp: Fix `vars_regexp` matcher with placeholders (#5408)
  * context: Rename func to `AppIfConfigured` (#5397)
  * reverseproxy: allow specifying ip version for dynamic `a` upstream (#5401)
  * ci/cd: ship tarballs with vendored deps (#5403)
  * caddyfile: Fix heredoc fuzz crasher, drop trailing newline (#5404)
  * caddyfile: Implement heredoc support (#5385)
  * cmd: Expand cobra support, add short flags (#5379)
  * ci: Update minimum Go version to 1.19
  * go.mod: Upgrade quic-go to v0.33.0 (Go 1.19 min)
  * reverseproxy: refactor HTTP transport layer (#5369)
  * caddytls: Relax the warning for on-demand (#5384)
  * cmd: Strict unmarshal for validate (#5383)
  * caddyfile: Implement variadics for import args placeholders (#5249)
  * cmd: make `caddy fmt` hints more clear (#5378)
  * cmd: Adjust documentation for commands (#5377)
- BuildRequires: golang(API) >= 1.20 for guic-go bump

OBS-URL: https://build.opensuse.org/request/show/1102430
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=28
2023-08-04 19:43:00 +00:00
95c727aa17 Accepting request 1083782 from home:jfkw:branches:server:http
- Update to version 2.6.4:
  * go.mod: Upgrade acmez and x/net
  * reverseproxy: Don't buffer chunked requests (fix #5366) (#5367)
- Fix failing build on SLE-12 by defining _sharedstatedir /var/lib
  on SLE-12 consistent with SLE-15, openSUSE and upstream RPM docs.

OBS-URL: https://build.opensuse.org/request/show/1083782
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=26
2023-05-02 08:12:23 +00:00
febd84ebc0 Accepting request 1063988 from home:avicenzi:branches:server:http
Update to version 2.6.3

Fix CVE-2022-41721 (boo#1207207)

OBS-URL: https://build.opensuse.org/request/show/1063988
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=24
2023-02-09 11:16:56 +00:00
0638af3d06 Accepting request 1010537 from home:jfkw:branches:server:http
- Update to version 2.6.2:

OBS-URL: https://build.opensuse.org/request/show/1010537
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=22
2022-10-14 07:55:17 +00:00
d4e6ac210e Accepting request 1005667 from home:jfkw:branches:server:http
- Update to version 2.6.1:
  * core: Reuse unix sockets (UDS) and don't try to serve HTTP/3 over UDS (#5063)
  * encode: don't WriteHeader unless called (#5060)
  * fileserver: Reinstate --debug flag

OBS-URL: https://build.opensuse.org/request/show/1005667
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=20
2022-09-29 08:07:12 +00:00
659fec4f73 Accepting request 1005069 from home:jfkw:branches:server:http
- Update to version 2.6.0:
- BuildRequires: golang(API) >= 1.18 for new net/netip package

OBS-URL: https://build.opensuse.org/request/show/1005069
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=18
2022-09-21 10:02:44 +00:00
8c99dd1c76 Accepting request 992223 from home:avicenzi:branches:server:http
Add bsc#1201822 (CVE-2022-34037) mention in changelog

OBS-URL: https://build.opensuse.org/request/show/992223
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=16
2022-08-02 10:20:14 +00:00
cfa7c1a6a5 Accepting request 989489 from home:dirkmueller:Factory
- Update to version 2.5.2:
  * admin: expect quoted ETags (#4879)
  * headers: Only replace known placeholders (#4880)
  * reverseproxy: Err 503 if all upstreams unavailable
  * reverseproxy: Adjust new TLS Caddyfile directive names (#4872)
  * fileserver: Use safe redirects in file browser
  * admin: support ETag on config endpoints (#4579)
  * go.mod: Bump up quic-go to v0.28.0, fixes for BC breaks (#4867)
  * caddytls: Reuse issuer between PreCheck and Issue (#4866)
  * admin: Implement /adapt endpoint (close #4465) (#4846)
  * forwardauth: Fix case when `copy_headers` is omitted (#4856)
  * Expose several Caddy HTTP Matchers to the CEL Matcher (#4715)
  * reverseproxy: Fix double headers in response handlers (#4847)
  * reverseproxy: Fix panic when TLS is not configured (#4848)
  * reverseproxy: Skip TLS for certain configured ports (#4843)
  * go.mod: Update some dependencies
  * forwardauth: Support renaming copied headers, block support (#4783)
  * Add comment about xcaddy to main
  * headers: Support wildcards for delete ops (close #4830) (#4831)
  * reverseproxy: Dynamic ServerName for TLS upstreams (#4836)
  * reverseproxy: Make TLS renegotiation optional
  * reverseproxy: Add renegotiation param in TLS client (#4784)
  * caddyhttp: Log error from CEL evaluation (fix #4832)
  * reverseproxy: Correct the `tls_server_name` docs (#4827)
  * reverseproxy: HTTP 504 for upstream timeouts (#4824)
  * caddytls: Make peer certificate verification pluggable (#4389)
  * reverseproxy: api: Remove misleading 'healthy' value
  * go.mod: Update go-yaml to v3
  * Fix #4822 and fix #4779
  * reverseproxy: Add --internal-certs CLI flag #3589 (#4817)

OBS-URL: https://build.opensuse.org/request/show/989489
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=14
2022-07-19 11:44:45 +00:00
697971ca6a Accepting request 981170 from home:avicenzi:branches:server:http
Add mention to CVE fixed in 2.5.0

OBS-URL: https://build.opensuse.org/request/show/981170
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=12
2022-06-07 15:34:49 +00:00
240c8da693 Accepting request 978655 from home:avicenzi:branches:server:http
Update to 2.5.1

OBS-URL: https://build.opensuse.org/request/show/978655
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=10
2022-05-23 08:58:48 +00:00
d35f043647 Accepting request 964918 from home:avicenzi:branches:server:http
Update to version 2.4.6

OBS-URL: https://build.opensuse.org/request/show/964918
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=8
2022-03-29 13:17:45 +00:00
5cea0efc8d Accepting request 926947 from home:susnux:branches:server:http
- Update to version 2.4.5:
  * Hotfix for a regression introduced in 2.4.4 related to
    combining the encode and reverse_proxy directives.

OBS-URL: https://build.opensuse.org/request/show/926947
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=7
2021-10-22 13:15:00 +00:00
922211390a Accepting request 915786 from home:avicenzi:branches:server:http
Update to version 2.4.4

OBS-URL: https://build.opensuse.org/request/show/915786
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=6
2021-09-07 09:33:23 +00:00
583b912711 Accepting request 914365 from home:jsegitz:branches:systemdhardening:server:http
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

OBS-URL: https://build.opensuse.org/request/show/914365
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=5
2021-09-02 14:38:26 +00:00
dca65c36eb Accepting request 895174 from home:avicenzi:branches:server:http
Update caddy to 2.4.1

OBS-URL: https://build.opensuse.org/request/show/895174
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=3
2021-06-08 08:31:32 +00:00
Dominique Leuenberger
2042b97f6a Accepting request 895317 from server:http
Add Caddy package

OBS-URL: https://build.opensuse.org/request/show/895317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/caddy?expand=0&rev=1
2021-06-01 08:35:28 +00:00
Marguerite Su
81a622221b Accepting request 889343 from home:avicenzi
Add Caddy

OBS-URL: https://build.opensuse.org/request/show/889343
OBS-URL: https://build.opensuse.org/package/show/server:http/caddy?expand=0&rev=1
2021-05-05 09:08:17 +00:00