-
Notifications
You must be signed in to change notification settings - Fork 236
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow use of wildcard outside of *.
prefix
#102
Comments
The restriction is defined by TLS certificate validation rules regarding wildcards. The Caddyfile conflates the TLS certificate name and the Host for routing HTTP requests. But you can probably do what you want with a regex matcher inside a site block. I'm mobile at the moment but you can probably find what you need in our docs. |
Oh, you know -- my bad. This is an ACL rule, duh. (See, I was mobile, I should just wait until I'm at my computer.) I think the ACL rules don't currently support any wildcard characters. But they probably should. Want to submit a PR? |
Given my Go skills, I don't think you want me to do that. ;) |
I've tested that it works with things like |
@mogul Only |
Problem
From the docs:
Active word: prefix.
This implementation is constraining how well I can address a real-world example: New Relic says that their agent traffic is ingested via
collector*.newrelic.com
. If I try to specify that pattern, I get this from Caddy:Since I can't specify
collector*.newrelic.com
for anacl
directive I instead have to allow traffic to all of*.newrelic.com
which is very overbroad for what I want!Proposed solution
acl
patterns likecollector*.newrelic.com
and*-api.newrelic.com
should be supported.The text was updated successfully, but these errors were encountered: