diff --git a/README.md b/README.md index 427561f..f7f5a2c 100644 --- a/README.md +++ b/README.md @@ -590,7 +590,7 @@ Environment variables having `{$VAR}` syntax are supported in Caddyfile only. Th Runtime placeholders having `{...}` syntax, including environment variables referenced as `{env.VAR}`, are supported in both Caddyfile and pure JSON, with some caveats described below. - Options of *int*, *float*, *big.int*, *duration*, and other numeric types don't support runtime placeholders at all. -- Options of *string* type containing IPs or CIDRs (e.g. `dial` in `upstream` of `proxy` handler), regular expressions (e.g. `cookie_hash_regexp` of `rdp` matcher), or special values (e.g. `commands` and `credentials` of `socks5` handler) support runtime placeholders, but they are evaluated __once at provision__ due to the existing optimizations. +- Options of *string* type containing IPs or CIDRs (e.g. `remote_ip` matcher), regular expressions (e.g. `cookie_hash_regexp` of `rdp` matcher), or special values (e.g. `commands` and `credentials` of `socks5` handler) support runtime placeholders, but they are evaluated __once at provision__ due to the existing optimizations. A special case is `dial` in `upstream` of `proxy` handler: it is evaluated 2 times: at handler provision for all known placeholders (e.g. `{env.*}`) and at dial for all placeholders (e.g. `{l4.*}`). - Other options of *string* type (e.g. `alpn` of `tls` matcher) generally support runtime placeholders, and they are evaluated __each time at match or handle__. However, there are some exceptions, e.g. `tls_*` options inside `upstream` of `proxy` handler, and all options inside `connection_policy` of `tls` handler, that don't support runtime placeholders at all. Please note that runtime placeholders support depends on handler/matcher implementations. Given some matchers and handlers are outside of this repository, it's up to their developers to support or restrict usage of runtime placeholders. diff --git a/modules/l4proxy/upstream.go b/modules/l4proxy/upstream.go index a09f9ab..c4f1255 100644 --- a/modules/l4proxy/upstream.go +++ b/modules/l4proxy/upstream.go @@ -59,7 +59,9 @@ func (u *Upstream) provision(ctx caddy.Context, h *Handler) error { repl := caddy.NewReplacer() for _, dialAddr := range u.Dial { // replace runtime placeholders - replDialAddr := repl.ReplaceAll(dialAddr, "") + // Note: ReplaceKnown is used here instead of ReplaceAll to let unknown placeholders be replaced later + // in Handler.dialPeers. E.g. {l4.tls.server_name}:443 will allow for dynamic TLS SNI based upstreams. + replDialAddr := repl.ReplaceKnown(dialAddr, "") // parse and validate address addr, err := caddy.ParseNetworkAddress(replDialAddr)