mirror of
https://github.com/caddyserver/website.git
synced 2025-04-21 20:46:15 -04:00
More
This commit is contained in:
Francis Lavoie
parent
99460080db
commit
a3640d617c
4 changed files with 45 additions and 11 deletions
|
|
@ -21,7 +21,7 @@ Prior to v2.8.0, this directive was named `basicauth`, but was renamed for consi
|
||||||
|
|
||||||
```caddy-d
|
```caddy-d
|
||||||
basic_auth [<matcher>] [<hash_algorithm> [<realm>]] {
|
basic_auth [<matcher>] [<hash_algorithm> [<realm>]] {
|
||||||
<username> <hashed_password> [<salt_base64>]
|
<username> <hashed_password>
|
||||||
...
|
...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
@ -34,8 +34,6 @@ basic_auth [<matcher>] [<hash_algorithm> [<realm>]] {
|
||||||
|
|
||||||
- **<hashed_password>** is the password hash.
|
- **<hashed_password>** is the password hash.
|
||||||
|
|
||||||
- **<salt_base64>** is the base-64 encoding of the password salt, if an external salt is required. This was only needed for the `scrypt` algorithm which is now deprecated. Subject to removal.
|
|
||||||
|
|
||||||
|
|
||||||
## Examples
|
## Examples
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -54,6 +54,7 @@ When configured, by default all requests to the site will be logged. To conditio
|
||||||
- [cookie](#cookie)
|
- [cookie](#cookie)
|
||||||
- [regexp](#regexp)
|
- [regexp](#regexp)
|
||||||
- [hash](#hash)
|
- [hash](#hash)
|
||||||
|
- [append](#append)
|
||||||
- [Examples](#examples)
|
- [Examples](#examples)
|
||||||
|
|
||||||
Since Caddy v2.5, by default, headers with potentially sensitive information (`Cookie`, `Set-Cookie`, `Authorization` and `Proxy-Authorization`) will be logged with empty values. This behaviour can be disabled with the [`log_credentials`](/docs/caddyfile/options#log-credentials) global server option.
|
Since Caddy v2.5, by default, headers with potentially sensitive information (`Cookie`, `Set-Cookie`, `Authorization` and `Proxy-Authorization`) will be logged with empty values. This behaviour can be disabled with the [`log_credentials`](/docs/caddyfile/options#log-credentials) global server option.
|
||||||
|
|
@ -281,15 +282,15 @@ format json
|
||||||
|
|
||||||
#### filter
|
#### filter
|
||||||
|
|
||||||
Wraps another encoder module, allowing per-field filtering.
|
Allows per-field filtering.
|
||||||
|
|
||||||
```caddy-d
|
```caddy-d
|
||||||
format filter {
|
format filter {
|
||||||
wrap <encode_module> ...
|
|
||||||
fields {
|
fields {
|
||||||
<field> <filter> ...
|
<field> <filter> ...
|
||||||
}
|
}
|
||||||
<field> <filter> ...
|
<field> <filter> ...
|
||||||
|
wrap <encode_module> ...
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
@ -301,6 +302,7 @@ Specifying `wrap` is optional; if omitted, a default is chosen depending on whet
|
||||||
|
|
||||||
As a shortcut, the `fields` block can be omitted and the filters can be specified directly within the `filter` block.
|
As a shortcut, the `fields` block can be omitted and the filters can be specified directly within the `filter` block.
|
||||||
|
|
||||||
|
|
||||||
These are the available filters:
|
These are the available filters:
|
||||||
|
|
||||||
##### delete
|
##### delete
|
||||||
|
|
@ -416,6 +418,26 @@ Useful to obscure the value if it's sensitive, while being able to notice whethe
|
||||||
<field> hash
|
<field> hash
|
||||||
```
|
```
|
||||||
|
|
||||||
|
#### append
|
||||||
|
|
||||||
|
Appends field(s) to all log entries.
|
||||||
|
|
||||||
|
```caddy-d
|
||||||
|
format append {
|
||||||
|
fields {
|
||||||
|
<field> <value>
|
||||||
|
}
|
||||||
|
<field> <value>
|
||||||
|
wrap <encode_module> ...
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
It is most useful for adding information about the Caddy instance that is producing the log entries, possibly via an environment variable. The field values may be global placeholders (e.g. `{env.*}`), but _not_ per-request placeholders due to logs being written outside of the HTTP request context.
|
||||||
|
|
||||||
|
Specifying `wrap` is optional; if omitted, a default is chosen depending on whether the current output module is [`stderr`](#stderr) or [`stdout`](#stdout), and is an interactive terminal, in which case [`console`](#console) is chosen, otherwise [`json`](#json) is chosen.
|
||||||
|
|
||||||
|
The `fields` block can be omitted and the fields can be specified directly within the `append` block.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
## Examples
|
## Examples
|
||||||
|
|
@ -502,6 +524,22 @@ example.com {
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
|
To append a server ID from an environment variable to all log entries, and chain it with a `filter` to delete a header:
|
||||||
|
|
||||||
|
```caddy
|
||||||
|
example.com {
|
||||||
|
log {
|
||||||
|
format append {
|
||||||
|
server_id {env.SERVER_ID}
|
||||||
|
wrap filter {
|
||||||
|
request>headers>Cookie delete
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
<span id="wildcard-logs" /> To write separate log files for each subdomain in a [wildcard site block](/docs/caddyfile/patterns#wildcard-certificates), by overriding `hostnames` for each logger. This uses a [snippet](/docs/caddyfile/concepts#snippets) to avoid repetition:
|
<span id="wildcard-logs" /> To write separate log files for each subdomain in a [wildcard site block](/docs/caddyfile/patterns#wildcard-certificates), by overriding `hostnames` for each logger. This uses a [snippet](/docs/caddyfile/concepts#snippets) to avoid repetition:
|
||||||
|
|
||||||
```caddy
|
```caddy
|
||||||
|
|
|
||||||
|
|
@ -8,6 +8,9 @@ Sets one or more variables to a particular value, to be used later in the reques
|
||||||
|
|
||||||
The primary way to access variables is with placeholders, which have the form `{vars.variable_name}`, or with the [`vars`](/docs/caddyfile/matchers#vars) and [`vars_regexp`](/docs/caddyfile/matchers#vars_regexp) request matchers.
|
The primary way to access variables is with placeholders, which have the form `{vars.variable_name}`, or with the [`vars`](/docs/caddyfile/matchers#vars) and [`vars_regexp`](/docs/caddyfile/matchers#vars_regexp) request matchers.
|
||||||
|
|
||||||
|
As a special case, it's possible to override the variable named `http.auth.user.id`, which is stored in the replacer, to update the `user_id` field in access logs.
|
||||||
|
|
||||||
|
|
||||||
## Syntax
|
## Syntax
|
||||||
|
|
||||||
```caddy-d
|
```caddy-d
|
||||||
|
|
|
||||||
|
|
@ -247,8 +247,7 @@ Formats or prettifies a Caddyfile, then exits. The result is printed to stdout u
|
||||||
|
|
||||||
<pre><code class="cmd bash">caddy hash-password
|
<pre><code class="cmd bash">caddy hash-password
|
||||||
[-p, --plaintext <password>]
|
[-p, --plaintext <password>]
|
||||||
[-a, --algorithm <name>]
|
[-a, --algorithm <name>]</code></pre>
|
||||||
[-s, --salt <string>]</code></pre>
|
|
||||||
|
|
||||||
Convenient way to hash a plaintext password. The resulting hash is written to stdout as a format usable directly in your Caddy config.
|
Convenient way to hash a plaintext password. The resulting hash is written to stdout as a format usable directly in your Caddy config.
|
||||||
|
|
||||||
|
|
@ -256,10 +255,6 @@ Convenient way to hash a plaintext password. The resulting hash is written to st
|
||||||
|
|
||||||
`--algorithm` may be `bcrypt` or any installed hash algorithm. Default is `bcrypt`.
|
`--algorithm` may be `bcrypt` or any installed hash algorithm. Default is `bcrypt`.
|
||||||
|
|
||||||
`--salt` is used only if the algorithm requires an external salt (like `scrypt`).
|
|
||||||
|
|
||||||
Note that `scrypt` is deprecated. Please use `bcrypt` instead.
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue