Skip to content

Commit

Permalink
Fix dynamic upstreams: make use of ReplaceKnown at provision (#235)
Browse files Browse the repository at this point in the history
  • Loading branch information
vnxme authored Aug 19, 2024
1 parent afa78d7 commit e23bce0
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 2 deletions.
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -590,7 +590,7 @@ Environment variables having `{$VAR}` syntax are supported in Caddyfile only. Th

Runtime placeholders having `{...}` syntax, including environment variables referenced as `{env.VAR}`, are supported in both Caddyfile and pure JSON, with some caveats described below.
- Options of *int*, *float*, *big.int*, *duration*, and other numeric types don't support runtime placeholders at all.
- Options of *string* type containing IPs or CIDRs (e.g. `dial` in `upstream` of `proxy` handler), regular expressions (e.g. `cookie_hash_regexp` of `rdp` matcher), or special values (e.g. `commands` and `credentials` of `socks5` handler) support runtime placeholders, but they are evaluated __once at provision__ due to the existing optimizations.
- Options of *string* type containing IPs or CIDRs (e.g. `remote_ip` matcher), regular expressions (e.g. `cookie_hash_regexp` of `rdp` matcher), or special values (e.g. `commands` and `credentials` of `socks5` handler) support runtime placeholders, but they are evaluated __once at provision__ due to the existing optimizations. A special case is `dial` in `upstream` of `proxy` handler: it is evaluated 2 times: at handler provision for all known placeholders (e.g. `{env.*}`) and at dial for all placeholders (e.g. `{l4.*}`).
- Other options of *string* type (e.g. `alpn` of `tls` matcher) generally support runtime placeholders, and they are evaluated __each time at match or handle__. However, there are some exceptions, e.g. `tls_*` options inside `upstream` of `proxy` handler, and all options inside `connection_policy` of `tls` handler, that don't support runtime placeholders at all.

Please note that runtime placeholders support depends on handler/matcher implementations. Given some matchers and handlers are outside of this repository, it's up to their developers to support or restrict usage of runtime placeholders.
4 changes: 3 additions & 1 deletion modules/l4proxy/upstream.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,9 @@ func (u *Upstream) provision(ctx caddy.Context, h *Handler) error {
repl := caddy.NewReplacer()
for _, dialAddr := range u.Dial {
// replace runtime placeholders
replDialAddr := repl.ReplaceAll(dialAddr, "")
// Note: ReplaceKnown is used here instead of ReplaceAll to let unknown placeholders be replaced later
// in Handler.dialPeers. E.g. {l4.tls.server_name}:443 will allow for dynamic TLS SNI based upstreams.
replDialAddr := repl.ReplaceKnown(dialAddr, "")

// parse and validate address
addr, err := caddy.ParseNetworkAddress(replDialAddr)
Expand Down

0 comments on commit e23bce0

Please sign in to comment.