Support for Caddyfile

[non092]

Hi there,
First thanks for the great work there !
I'm looking at implementing revocation check but I'm having some issues as I'm using https://github.com/lucaslorentz/caddy-docker-proxy which generate the Caddy config automatically from docker labels.
This is done by generating a temp Caddyfile and reloading the config when containers are changed.

Without support for Caddyfile in this module I unfortunately cannot use it in my environnement.

Is there any chance Caddyfile support could be added ?
This looks quite straight forward : https://caddyserver.com/docs/extending-caddy/caddyfile

I also noticed the documentation should probably be updated, if I'm not wrong the sample config file should look like this according to latest JSON definition (validator(s) changed to verifier(s)) :

          "client_authentication": {
            "trusted_ca_certs_pem_files": [
              "./certificates/ca.pem",
            ],
            "mode": "require_and_verify",
			"verifiers": [
				{
					"verifier" : "revocation",
					"mode" : "prefer_ocsp",
					"crl_config": {
					  "work_dir": "./crlworkdir"
					},
					"ocsp_config": {
						"default_cache_duration" : "10m",
					}
				}
			]
          }

Happy to raise a PR to update it

[Gr33nbl00d]

Hi i am just back from vacation so answer is a little late :) Yes you are right already merged your request to update the documentation.

I did not really check yet if i can somehow also support the caddy file format.
When i have some spare time i will check if i can add support.

[Gr33nbl00d]

An update to this. I just checked it recently and also startet development. Unfortunatly a change in caddy is also needed.
I am not sure if the caddyfile is considered a future solution or if the json config will be the way to go. I will anyway prepare a pull request to caddy but this might could take some time till it will be available

[ameyer8]

@Gr33nbl00d did the caddyfile updates ever make it into a PR?

[Gr33nbl00d]

Not yet. I found some other problems implementing this which increases the effort a bit. Because of this i currently parked this as enhancement. At the moment i will focus on getting the outstanding work done for hardening the code. Test coverage and so on. When this is finished i can come back to this topic.

[zachgalvin]

@Gr33nbl00d would the attached PR work for this? I worked on getting the client_auth verifiers to work in Caddy, and that PR works great once you include that change (PR 6022)

[Gr33nbl00d]

Cool many thanks for your efforts, i will test this next week

[Gr33nbl00d]

Short update i currently wait for caddy 2.8 to be released to merge the feature branch back to master. After that caddyfile support should work

[andoks]

Caddy 2.8 has been released, possibly unblocking this issue 🎉

[Gr33nbl00d]

Caddy 2.8 has been released, possibly unblocking this issue 🎉

Thanks for the hint. I will do some final testing and will merge it next week if no problem occurs

[Gr33nbl00d]

Merged back to master should be resolved