mirror of
https://github.com/caddyserver/website.git
synced 2025-04-21 12:36:16 -04:00
More
This commit is contained in:
Francis Lavoie
parent
60be20ca46
commit
70d31a6959
4 changed files with 45 additions and 11 deletions
|
|
@ -21,7 +21,7 @@ Prior to v2.8.0, this directive was named `basicauth`, but was renamed for consi
|
|||
|
||||
```caddy-d
|
||||
basic_auth [<matcher>] [<hash_algorithm> [<realm>]] {
|
||||
<username> <hashed_password> [<salt_base64>]
|
||||
<username> <hashed_password>
|
||||
...
|
||||
}
|
||||
```
|
||||
|
|
@ -34,8 +34,6 @@ basic_auth [<matcher>] [<hash_algorithm> [<realm>]] {
|
|||
|
||||
- **<hashed_password>** is the password hash.
|
||||
|
||||
- **<salt_base64>** is the base-64 encoding of the password salt, if an external salt is required. This was only needed for the `scrypt` algorithm which is now deprecated. Subject to removal.
|
||||
|
||||
|
||||
## Examples
|
||||
|
||||
|
|
|
|||
|
|
@ -54,6 +54,7 @@ When configured, by default all requests to the site will be logged. To conditio
|
|||
- [cookie](#cookie)
|
||||
- [regexp](#regexp)
|
||||
- [hash](#hash)
|
||||
- [append](#append)
|
||||
- [Examples](#examples)
|
||||
|
||||
Since Caddy v2.5, by default, headers with potentially sensitive information (`Cookie`, `Set-Cookie`, `Authorization` and `Proxy-Authorization`) will be logged with empty values. This behaviour can be disabled with the [`log_credentials`](/docs/caddyfile/options#log-credentials) global server option.
|
||||
|
|
@ -281,15 +282,15 @@ format json
|
|||
|
||||
#### filter
|
||||
|
||||
Wraps another encoder module, allowing per-field filtering.
|
||||
Allows per-field filtering.
|
||||
|
||||
```caddy-d
|
||||
format filter {
|
||||
wrap <encode_module> ...
|
||||
fields {
|
||||
<field> <filter> ...
|
||||
}
|
||||
<field> <filter> ...
|
||||
wrap <encode_module> ...
|
||||
}
|
||||
```
|
||||
|
||||
|
|
@ -301,6 +302,7 @@ Specifying `wrap` is optional; if omitted, a default is chosen depending on whet
|
|||
|
||||
As a shortcut, the `fields` block can be omitted and the filters can be specified directly within the `filter` block.
|
||||
|
||||
|
||||
These are the available filters:
|
||||
|
||||
##### delete
|
||||
|
|
@ -416,6 +418,26 @@ Useful to obscure the value if it's sensitive, while being able to notice whethe
|
|||
<field> hash
|
||||
```
|
||||
|
||||
#### append
|
||||
|
||||
Appends field(s) to all log entries.
|
||||
|
||||
```caddy-d
|
||||
format append {
|
||||
fields {
|
||||
<field> <value>
|
||||
}
|
||||
<field> <value>
|
||||
wrap <encode_module> ...
|
||||
}
|
||||
```
|
||||
|
||||
It is most useful for adding information about the Caddy instance that is producing the log entries, possibly via an environment variable. The field values may be global placeholders (e.g. `{env.*}`), but _not_ per-request placeholders due to logs being written outside of the HTTP request context.
|
||||
|
||||
Specifying `wrap` is optional; if omitted, a default is chosen depending on whether the current output module is [`stderr`](#stderr) or [`stdout`](#stdout), and is an interactive terminal, in which case [`console`](#console) is chosen, otherwise [`json`](#json) is chosen.
|
||||
|
||||
The `fields` block can be omitted and the fields can be specified directly within the `append` block.
|
||||
|
||||
|
||||
|
||||
## Examples
|
||||
|
|
@ -502,6 +524,22 @@ example.com {
|
|||
```
|
||||
|
||||
|
||||
To append a server ID from an environment variable to all log entries, and chain it with a `filter` to delete a header:
|
||||
|
||||
```caddy
|
||||
example.com {
|
||||
log {
|
||||
format append {
|
||||
server_id {env.SERVER_ID}
|
||||
wrap filter {
|
||||
request>headers>Cookie delete
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
<span id="wildcard-logs" /> To write separate log files for each subdomain in a [wildcard site block](/docs/caddyfile/patterns#wildcard-certificates), by overriding `hostnames` for each logger. This uses a [snippet](/docs/caddyfile/concepts#snippets) to avoid repetition:
|
||||
|
||||
```caddy
|
||||
|
|
|
|||
|
|
@ -8,6 +8,9 @@ Sets one or more variables to a particular value, to be used later in the reques
|
|||
|
||||
The primary way to access variables is with placeholders, which have the form `{vars.variable_name}`, or with the [`vars`](/docs/caddyfile/matchers#vars) and [`vars_regexp`](/docs/caddyfile/matchers#vars_regexp) request matchers.
|
||||
|
||||
As a special case, it's possible to override the variable named `http.auth.user.id`, which is stored in the replacer, to update the `user_id` field in access logs.
|
||||
|
||||
|
||||
## Syntax
|
||||
|
||||
```caddy-d
|
||||
|
|
|
|||
|
|
@ -247,8 +247,7 @@ Formats or prettifies a Caddyfile, then exits. The result is printed to stdout u
|
|||
|
||||
<pre><code class="cmd bash">caddy hash-password
|
||||
[-p, --plaintext <password>]
|
||||
[-a, --algorithm <name>]
|
||||
[-s, --salt <string>]</code></pre>
|
||||
[-a, --algorithm <name>]</code></pre>
|
||||
|
||||
Convenient way to hash a plaintext password. The resulting hash is written to stdout as a format usable directly in your Caddy config.
|
||||
|
||||
|
|
@ -256,10 +255,6 @@ Convenient way to hash a plaintext password. The resulting hash is written to st
|
|||
|
||||
`--algorithm` may be `bcrypt` or any installed hash algorithm. Default is `bcrypt`.
|
||||
|
||||
`--salt` is used only if the algorithm requires an external salt (like `scrypt`).
|
||||
|
||||
Note that `scrypt` is deprecated. Please use `bcrypt` instead.
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue