[
{
"path": ".gitignore",
"content": "_book/\n.*\n!.gitignore\nreferences\nagent/\n"
},
{
"path": "Caddyfile",
"content": "http://127.0.0.1:22020\n\nroot * src\n\nfile_server\ntemplates\nencode gzip\n\ntry_files {path}.html {path}\n\nredir /docs/json /docs/json/\nredir /docs/modules /docs/modules/\nrewrite /docs/json/* /docs/json/index.html\nrewrite /docs/modules/* /docs/modules/index.html\nrewrite /docs/* /docs/index.html\n\nrewrite /api/modules /api/modules/index.json\nrewrite /api/modules/* {path}.json\nrewrite /api/docs/config/ /api/docs/config.json\n\n# redirect to /docs/\nredir / /docs/\n"
},
{
"path": "readme.md",
"content": "Caddy v2 中文文档\n=================\n\n这是Caddy v2中文文档的网站, [https://caddy2.dengxiaolong.com/](https://caddy2.dengxiaolong.com/docs/).\n\n\n## 要求\n\n- 安装Caddy 2 (在PATH可直接运行`caddy`)\n\n\n## 快速开始\n\n1. `git clone https://github.com/phpple/caddy2-cn-doc/`\n2. `cd caddy2-cn-doc`\n3. `caddy run`\n\n第一次,系统可能会提示你输入密码。这样Caddy就可以通过本地HTTPS为站点提供服务。如果无法绑定低端口,请更改[`Caddyfile`](Caddyfile)顶部的地址,例如`localhost:2015`。\n\n然后你可以通过浏览器访问[http://127.0.0.1:22020/](http://127.0.0.1:22020/) (或者你配置的其他地址)。\n"
},
{
"path": "src/api/docs/config.json",
"content": "{\n \"status_code\": 200,\n \"result\": {\n \"structure\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.Config\",\n \"struct_fields\": [\n {\n \"key\": \"admin\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminConfig\",\n \"struct_fields\": [\n {\n \"key\": \"disabled\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"If true, the admin endpoint will be completely disabled.\\nNote that this makes any runtime changes to the config\\nimpossible, since the interface to do so is through the\\nadmin endpoint.\"\n },\n \"doc\": \"If true, the admin endpoint will be completely disabled.\\nNote that this makes any runtime changes to the config\\nimpossible, since the interface to do so is through the\\nadmin endpoint.\"\n },\n {\n \"key\": \"listen\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"The address to which the admin endpoint's listener should\\nbind itself. Can be any single network address that can be\\nparsed by Caddy. Default: localhost:2019\"\n },\n \"doc\": \"The address to which the admin endpoint's listener should\\nbind itself. Can be any single network address that can be\\nparsed by Caddy. Default: localhost:2019\"\n },\n {\n \"key\": \"enforce_origin\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"If true, CORS headers will be emitted, and requests to the\\nAPI will be rejected if their `Host` and `Origin` headers\\ndo not match the expected value(s). Use `origins` to\\ncustomize which origins/hosts are allowed. If `origins` is\\nnot set, the listen address is the only value allowed by\\ndefault. Enforced only on local (plaintext) endpoint.\"\n },\n \"doc\": \"If true, CORS headers will be emitted, and requests to the\\nAPI will be rejected if their `Host` and `Origin` headers\\ndo not match the expected value(s). Use `origins` to\\ncustomize which origins/hosts are allowed. If `origins` is\\nnot set, the listen address is the only value allowed by\\ndefault. Enforced only on local (plaintext) endpoint.\"\n },\n {\n \"key\": \"origins\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The list of allowed origins/hosts for API requests. Only needed\\nif accessing the admin endpoint from a host different from the\\nsocket's network interface or if `enforce_origin` is true. If not\\nset, the listener address will be the default value. If set but\\nempty, no origins will be allowed. Enforced only on local\\n(plaintext) endpoint.\"\n }\n },\n \"doc\": \"The list of allowed origins/hosts for API requests. Only needed\\nif accessing the admin endpoint from a host different from the\\nsocket's network interface or if `enforce_origin` is true. If not\\nset, the listener address will be the default value. If set but\\nempty, no origins will be allowed. Enforced only on local\\n(plaintext) endpoint.\"\n },\n {\n \"key\": \"config\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.ConfigSettings\",\n \"struct_fields\": [\n {\n \"key\": \"persist\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"Whether to keep a copy of the active config on disk. Default is true.\\nNote that \\\"pulled\\\" dynamic configs (using the neighboring \\\"load\\\" module)\\nare not persisted; only configs that are pushed to Caddy get persisted.\"\n },\n \"doc\": \"Whether to keep a copy of the active config on disk. Default is true.\\nNote that \\\"pulled\\\" dynamic configs (using the neighboring \\\"load\\\" module)\\nare not persisted; only configs that are pushed to Caddy get persisted.\"\n },\n {\n \"key\": \"load\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"Loads a configuration to use. This is helpful if your configs are\\nmanaged elsewhere, and you want Caddy to pull its config dynamically\\nwhen it starts. The pulled config completely replaces the current\\none, just like any other config load. It is an error if a pulled\\nconfig is configured to pull another config.\\n\\nEXPERIMENTAL: Subject to change.\",\n \"module_namespace\": \"caddy.config_loaders\",\n \"module_inline_key\": \"module\"\n },\n \"doc\": \"Loads a configuration to use. This is helpful if your configs are\\nmanaged elsewhere, and you want Caddy to pull its config dynamically\\nwhen it starts. The pulled config completely replaces the current\\none, just like any other config load. It is an error if a pulled\\nconfig is configured to pull another config.\\n\\nEXPERIMENTAL: Subject to change.\"\n }\n ],\n \"doc\": \"Options pertaining to configuration management.\\n\\n\\nConfigSettings configures the management of configuration.\"\n },\n \"doc\": \"Options pertaining to configuration management.\\n\\n\\nConfigSettings configures the management of configuration.\"\n },\n {\n \"key\": \"identity\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.IdentityConfig\",\n \"struct_fields\": [\n {\n \"key\": \"identifiers\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"List of names or IP addresses which refer to this server.\\nCertificates will be obtained for these identifiers so\\nsecure TLS connections can be made using them.\"\n }\n },\n \"doc\": \"List of names or IP addresses which refer to this server.\\nCertificates will be obtained for these identifiers so\\nsecure TLS connections can be made using them.\"\n },\n {\n \"key\": \"issuers\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"module\",\n \"doc\": \"Issuers that can provide this admin endpoint its identity\\ncertificate(s). Default: ACME issuers configured for\\nZeroSSL and Let's Encrypt. Be sure to change this if you\\nrequire credentials for private identifiers.\",\n \"module_namespace\": \"tls.issuance\",\n \"module_inline_key\": \"module\"\n }\n },\n \"doc\": \"Issuers that can provide this admin endpoint its identity\\ncertificate(s). Default: ACME issuers configured for\\nZeroSSL and Let's Encrypt. Be sure to change this if you\\nrequire credentials for private identifiers.\"\n }\n ],\n \"doc\": \"Options that establish this server's identity. Identity refers to\\ncredentials which can be used to uniquely identify and authenticate\\nthis server instance. This is required if remote administration is\\nenabled (but does not require remote administration to be enabled).\\nDefault: no identity management.\\n\\n\\nIdentityConfig configures management of this server's identity. An identity\\nconsists of credentials that uniquely verify this instance; for example,\\nTLS certificates (public + private key pairs).\"\n },\n \"doc\": \"Options that establish this server's identity. Identity refers to\\ncredentials which can be used to uniquely identify and authenticate\\nthis server instance. This is required if remote administration is\\nenabled (but does not require remote administration to be enabled).\\nDefault: no identity management.\\n\\n\\nIdentityConfig configures management of this server's identity. An identity\\nconsists of credentials that uniquely verify this instance; for example,\\nTLS certificates (public + private key pairs).\"\n },\n {\n \"key\": \"remote\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.RemoteAdmin\",\n \"struct_fields\": [\n {\n \"key\": \"listen\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"The address on which to start the secure listener.\\nDefault: :2021\"\n },\n \"doc\": \"The address on which to start the secure listener.\\nDefault: :2021\"\n },\n {\n \"key\": \"access_control\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminAccess\",\n \"struct_fields\": [\n {\n \"key\": \"public_keys\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Base64-encoded DER certificates containing public keys to accept.\\n(The contents of PEM certificate blocks are base64-encoded DER.)\\nAny of these public keys can appear in any part of a verified chain.\"\n }\n },\n \"doc\": \"Base64-encoded DER certificates containing public keys to accept.\\n(The contents of PEM certificate blocks are base64-encoded DER.)\\nAny of these public keys can appear in any part of a verified chain.\"\n },\n {\n \"key\": \"permissions\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminPermissions\",\n \"struct_fields\": [\n {\n \"key\": \"paths\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The API paths allowed. Paths are simple prefix matches.\\nAny subpath of the specified paths will be allowed.\"\n }\n },\n \"doc\": \"The API paths allowed. Paths are simple prefix matches.\\nAny subpath of the specified paths will be allowed.\"\n },\n {\n \"key\": \"methods\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The HTTP methods allowed for the given paths.\"\n }\n },\n \"doc\": \"The HTTP methods allowed for the given paths.\"\n }\n ],\n \"doc\": \"Limits what the associated identities are allowed to do.\\nIf unspecified, all permissions are granted.\\n\\n\\nAdminPermissions specifies what kinds of requests are allowed\\nto be made to the admin endpoint.\"\n }\n },\n \"doc\": \"Limits what the associated identities are allowed to do.\\nIf unspecified, all permissions are granted.\\n\\n\\nAdminPermissions specifies what kinds of requests are allowed\\nto be made to the admin endpoint.\"\n }\n ],\n \"doc\": \"List of access controls for this secure admin endpoint.\\nThis configures TLS mutual authentication (i.e. authorized\\nclient certificates), but also application-layer permissions\\nlike which paths and methods each identity is authorized for.\\n\\n\\nAdminAccess specifies what permissions an identity or group\\nof identities are granted.\"\n }\n },\n \"doc\": \"List of access controls for this secure admin endpoint.\\nThis configures TLS mutual authentication (i.e. authorized\\nclient certificates), but also application-layer permissions\\nlike which paths and methods each identity is authorized for.\\n\\n\\nAdminAccess specifies what permissions an identity or group\\nof identities are granted.\"\n }\n ],\n \"doc\": \"Options pertaining to remote administration. By default, remote\\nadministration is disabled. If enabled, identity management must\\nalso be configured, as that is how the endpoint is secured.\\nSee the neighboring \\\"identity\\\" object.\\n\\nEXPERIMENTAL: This feature is subject to change.\\n\\n\\nRemoteAdmin enables and configures remote administration. If enabled,\\na secure listener enforcing mutual TLS authentication will be started\\non a different port from the standard plaintext admin server.\\n\\nThis endpoint is secured using identity management, which must be\\nconfigured separately (because identity management does not depend\\non remote administration). See the admin/identity config struct.\\n\\nEXPERIMENTAL: Subject to change.\"\n },\n \"doc\": \"Options pertaining to remote administration. By default, remote\\nadministration is disabled. If enabled, identity management must\\nalso be configured, as that is how the endpoint is secured.\\nSee the neighboring \\\"identity\\\" object.\\n\\nEXPERIMENTAL: This feature is subject to change.\\n\\n\\nRemoteAdmin enables and configures remote administration. If enabled,\\na secure listener enforcing mutual TLS authentication will be started\\non a different port from the standard plaintext admin server.\\n\\nThis endpoint is secured using identity management, which must be\\nconfigured separately (because identity management does not depend\\non remote administration). See the admin/identity config struct.\\n\\nEXPERIMENTAL: Subject to change.\"\n }\n ],\n \"doc\": \"AdminConfig configures Caddy's API endpoint, which is used\\nto manage Caddy while it is running.\\n\"\n },\n \"doc\": \"AdminConfig configures Caddy's API endpoint, which is used\\nto manage Caddy while it is running.\\n\"\n },\n {\n \"key\": \"logging\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.Logging\",\n \"struct_fields\": [\n {\n \"key\": \"sink\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.StandardLibLog\",\n \"struct_fields\": [\n {\n \"key\": \"writer\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The module that writes out log entries for the sink.\",\n \"module_namespace\": \"caddy.logging.writers\",\n \"module_inline_key\": \"output\"\n },\n \"doc\": \"The module that writes out log entries for the sink.\"\n }\n ],\n \"doc\": \"Sink is the destination for all unstructured logs emitted\\nfrom Go's standard library logger. These logs are common\\nin dependencies that are not designed specifically for use\\nin Caddy. Because it is global and unstructured, the sink\\nlacks most advanced features and customizations.\\n\\n\\nStandardLibLog configures the default Go standard library\\nglobal logger in the log package. This is necessary because\\nmodule dependencies which are not built specifically for\\nCaddy will use the standard logger. This is also known as\\nthe \\\"sink\\\" logger.\"\n },\n \"doc\": \"Sink is the destination for all unstructured logs emitted\\nfrom Go's standard library logger. These logs are common\\nin dependencies that are not designed specifically for use\\nin Caddy. Because it is global and unstructured, the sink\\nlacks most advanced features and customizations.\\n\\n\\nStandardLibLog configures the default Go standard library\\nglobal logger in the log package. This is necessary because\\nmodule dependencies which are not built specifically for\\nCaddy will use the standard logger. This is also known as\\nthe \\\"sink\\\" logger.\"\n },\n {\n \"key\": \"logs\",\n \"value\": {\n \"type\": \"map\",\n \"map_keys\": {\n \"type\": \"string\"\n },\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.CustomLog\",\n \"struct_fields\": [\n {\n \"key\": \"writer\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The writer defines where log entries are emitted.\",\n \"module_namespace\": \"caddy.logging.writers\",\n \"module_inline_key\": \"output\"\n },\n \"doc\": \"The writer defines where log entries are emitted.\"\n },\n {\n \"key\": \"encoder\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The encoder is how the log entries are formatted or encoded.\",\n \"module_namespace\": \"caddy.logging.encoders\",\n \"module_inline_key\": \"format\"\n },\n \"doc\": \"The encoder is how the log entries are formatted or encoded.\"\n },\n {\n \"key\": \"level\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"Level is the minimum level to emit, and is inclusive.\\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL\"\n },\n \"doc\": \"Level is the minimum level to emit, and is inclusive.\\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL\"\n },\n {\n \"key\": \"sampling\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.LogSampling\",\n \"struct_fields\": [\n {\n \"key\": \"interval\",\n \"value\": {\n \"type\": \"int\",\n \"type_name\": \"time.Duration\",\n \"doc\": \"The window over which to conduct sampling.\\n\\n\\nA Duration represents the elapsed time between two instants\\nas an int64 nanosecond count. The representation limits the\\nlargest representable duration to approximately 290 years.\"\n },\n \"doc\": \"The window over which to conduct sampling.\\n\\n\\nA Duration represents the elapsed time between two instants\\nas an int64 nanosecond count. The representation limits the\\nlargest representable duration to approximately 290 years.\"\n },\n {\n \"key\": \"first\",\n \"value\": {\n \"type\": \"int\",\n \"doc\": \"Log this many entries within a given level and\\nmessage for each interval.\"\n },\n \"doc\": \"Log this many entries within a given level and\\nmessage for each interval.\"\n },\n {\n \"key\": \"thereafter\",\n \"value\": {\n \"type\": \"int\",\n \"doc\": \"If more entries with the same level and message\\nare seen during the same interval, keep one in\\nthis many entries until the end of the interval.\"\n },\n \"doc\": \"If more entries with the same level and message\\nare seen during the same interval, keep one in\\nthis many entries until the end of the interval.\"\n }\n ],\n \"doc\": \"Sampling configures log entry sampling. If enabled,\\nonly some log entries will be emitted. This is useful\\nfor improving performance on extremely high-pressure\\nservers.\\n\\n\\nLogSampling configures log entry sampling.\"\n },\n \"doc\": \"Sampling configures log entry sampling. If enabled,\\nonly some log entries will be emitted. This is useful\\nfor improving performance on extremely high-pressure\\nservers.\\n\\n\\nLogSampling configures log entry sampling.\"\n },\n {\n \"key\": \"include\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Include defines the names of loggers to emit in this\\nlog. For example, to include only logs emitted by the\\nadmin API, you would include \\\"admin.api\\\".\"\n }\n },\n \"doc\": \"Include defines the names of loggers to emit in this\\nlog. For example, to include only logs emitted by the\\nadmin API, you would include \\\"admin.api\\\".\"\n },\n {\n \"key\": \"exclude\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Exclude defines the names of loggers that should be\\nskipped by this log. For example, to exclude only\\nHTTP access logs, you would exclude \\\"http.log.access\\\".\"\n }\n },\n \"doc\": \"Exclude defines the names of loggers that should be\\nskipped by this log. For example, to exclude only\\nHTTP access logs, you would exclude \\\"http.log.access\\\".\"\n }\n ],\n \"doc\": \"Logs are your logs, keyed by an arbitrary name of your\\nchoosing. The default log can be customized by defining\\na log called \\\"default\\\". You can further define other logs\\nand filter what kinds of entries they accept.\\n\\n\\nCustomLog represents a custom logger configuration.\\n\\nBy default, a log will emit all log entries. Some entries\\nwill be skipped if sampling is enabled. Further, the Include\\nand Exclude parameters define which loggers (by name) are\\nallowed or rejected from emitting in this log. If both Include\\nand Exclude are populated, their values must be mutually\\nexclusive, and longer namespaces have priority. If neither\\nare populated, all logs are emitted.\"\n }\n },\n \"doc\": \"Logs are your logs, keyed by an arbitrary name of your\\nchoosing. The default log can be customized by defining\\na log called \\\"default\\\". You can further define other logs\\nand filter what kinds of entries they accept.\\n\\n\\nCustomLog represents a custom logger configuration.\\n\\nBy default, a log will emit all log entries. Some entries\\nwill be skipped if sampling is enabled. Further, the Include\\nand Exclude parameters define which loggers (by name) are\\nallowed or rejected from emitting in this log. If both Include\\nand Exclude are populated, their values must be mutually\\nexclusive, and longer namespaces have priority. If neither\\nare populated, all logs are emitted.\"\n }\n ],\n \"doc\": \"Logging facilitates logging within Caddy. The default log is\\ncalled \\\"default\\\" and you can customize it. You can also define\\nadditional logs.\\n\\nBy default, all logs at INFO level and higher are written to\\nstandard error (\\\"stderr\\\" writer) in a human-readable format\\n(\\\"console\\\" encoder if stdout is an interactive terminal, \\\"json\\\"\\nencoder otherwise).\\n\\nAll defined logs accept all log entries by default, but you\\ncan filter by level and module/logger names. A logger's name\\nis the same as the module's name, but a module may append to\\nlogger names for more specificity. For example, you can\\nfilter logs emitted only by HTTP handlers using the name\\n\\\"http.handlers\\\", because all HTTP handler module names have\\nthat prefix.\\n\\nCaddy logs (except the sink) are zero-allocation, so they are\\nvery high-performing in terms of memory and CPU time. Enabling\\nsampling can further increase throughput on extremely high-load\\nservers.\\n\"\n },\n \"doc\": \"Logging facilitates logging within Caddy. The default log is\\ncalled \\\"default\\\" and you can customize it. You can also define\\nadditional logs.\\n\\nBy default, all logs at INFO level and higher are written to\\nstandard error (\\\"stderr\\\" writer) in a human-readable format\\n(\\\"console\\\" encoder if stdout is an interactive terminal, \\\"json\\\"\\nencoder otherwise).\\n\\nAll defined logs accept all log entries by default, but you\\ncan filter by level and module/logger names. A logger's name\\nis the same as the module's name, but a module may append to\\nlogger names for more specificity. For example, you can\\nfilter logs emitted only by HTTP handlers using the name\\n\\\"http.handlers\\\", because all HTTP handler module names have\\nthat prefix.\\n\\nCaddy logs (except the sink) are zero-allocation, so they are\\nvery high-performing in terms of memory and CPU time. Enabling\\nsampling can further increase throughput on extremely high-load\\nservers.\\n\"\n },\n {\n \"key\": \"storage\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"StorageRaw is a storage module that defines how/where Caddy\\nstores assets (such as TLS certificates). The default storage\\nmodule is `caddy.storage.file_system` (the local file system),\\nand the default path\\n[depends on the OS and environment](/docs/conventions#data-directory).\",\n \"module_namespace\": \"caddy.storage\",\n \"module_inline_key\": \"module\"\n },\n \"doc\": \"StorageRaw is a storage module that defines how/where Caddy\\nstores assets (such as TLS certificates). The default storage\\nmodule is `caddy.storage.file_system` (the local file system),\\nand the default path\\n[depends on the OS and environment](/docs/conventions#data-directory).\"\n },\n {\n \"key\": \"apps\",\n \"value\": {\n \"type\": \"module_map\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.ModuleMap\",\n \"doc\": \"AppsRaw are the apps that Caddy will load and run. The\\napp module name is the key, and the app's config is the\\nassociated value.\\n\\n\\nModuleMap is a map that can contain multiple modules,\\nwhere the map key is the module's name. (The namespace\\nis usually read from an associated field's struct tag.)\\nBecause the module's name is given as the key in a\\nmodule map, the name does not have to be given in the\\njson.RawMessage.\",\n \"module_namespace\": \"\"\n },\n \"doc\": \"AppsRaw are the apps that Caddy will load and run. The\\napp module name is the key, and the app's config is the\\nassociated value.\\n\\n\\nModuleMap is a map that can contain multiple modules,\\nwhere the map key is the module's name. (The namespace\\nis usually read from an associated field's struct tag.)\\nBecause the module's name is given as the key in a\\nmodule map, the name does not have to be given in the\\njson.RawMessage.\"\n }\n ],\n \"doc\": \"Config is the top (or beginning) of the Caddy configuration structure.\\nCaddy config is expressed natively as a JSON document. If you prefer\\nnot to work with JSON directly, there are [many config adapters](/docs/config-adapters)\\navailable that can convert various inputs into Caddy JSON.\\n\\nMany parts of this config are extensible through the use of Caddy modules.\\nFields which have a json.RawMessage type and which appear as dots (•••) in\\nthe online docs can be fulfilled by modules in a certain module\\nnamespace. The docs show which modules can be used in a given place.\\n\\nWhenever a module is used, its name must be given either inline as part of\\nthe module, or as the key to the module's value. The docs will make it clear\\nwhich to use.\\n\\nGenerally, all config settings are optional, as it is Caddy convention to\\nhave good, documented default values. If a parameter is required, the docs\\nshould say so.\\n\\nGo programs which are directly building a Config struct value should take\\ncare to populate the JSON-encodable fields of the struct (i.e. the fields\\nwith `json` struct tags) if employing the module lifecycle (e.g. Provision\\nmethod calls).\\n\"\n },\n \"namespaces\": {\n \"\": [\n {\n \"name\": \"exec\",\n \"docs\": \"exec is top level module that runs shell commands.\",\n \"package\": \"github.com/abiosoft/caddy-exec\",\n \"repo\": \"https://github.com/abiosoft/caddy-exec\"\n },\n {\n \"name\": \"supervisor\",\n \"package\": \"github.com/baldinof/caddy-supervisor\",\n \"repo\": \"https://github.com/baldinof/caddy-supervisor\"\n },\n {\n \"name\": \"http\",\n \"docs\": \"http is a robust, production-ready HTTP server.\\n\\nHTTPS is enabled by default if host matchers with qualifying names are used\\nin any of routes; certificates are automatically provisioned and renewed.\\nAdditionally, automatic HTTPS will also enable HTTPS for servers that listen\\nonly on the HTTPS port but which do not have any TLS connection policies\\ndefined by adding a good, default TLS connection policy.\\n\\nIn HTTP routes, additional placeholders are available (replace any `*`):\\n\\nPlaceholder | Description\\n------------|---------------\\n`{http.request.body}` | The request body (⚠️ inefficient; use only for debugging)\\n`{http.request.cookie.*}` | HTTP request cookie\\n`{http.request.duration}` | Time up to now spent handling the request (after decoding headers from client)\\n`{http.request.header.*}` | Specific request header field\\n`{http.request.host.labels.*}` | Request host labels (0-based from right); e.g. for foo.example.com: 0=com, 1=example, 2=foo\\n`{http.request.host}` | The host part of the request's Host header\\n`{http.request.hostport}` | The host and port from the request's Host header\\n`{http.request.method}` | The request method\\n`{http.request.orig_method}` | The request's original method\\n`{http.request.orig_uri.path.dir}` | The request's original directory\\n`{http.request.orig_uri.path.file}` | The request's original filename\\n`{http.request.orig_uri.path}` | The request's original path\\n`{http.request.orig_uri.query}` | The request's original query string (without `?`)\\n`{http.request.orig_uri}` | The request's original URI\\n`{http.request.port}` | The port part of the request's Host header\\n`{http.request.proto}` | The protocol of the request\\n`{http.request.remote.host}` | The host part of the remote client's address\\n`{http.request.remote.port}` | The port part of the remote client's address\\n`{http.request.remote}` | The address of the remote client\\n`{http.request.scheme}` | The request scheme\\n`{http.request.tls.version}` | The TLS version name\\n`{http.request.tls.cipher_suite}` | The TLS cipher suite\\n`{http.request.tls.resumed}` | The TLS connection resumed a previous connection\\n`{http.request.tls.proto}` | The negotiated next protocol\\n`{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server\\n`{http.request.tls.server_name}` | The server name requested by the client, if any\\n`{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate\\n`{http.request.tls.client.public_key}` | The public key of the client certificate.\\n`{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.\\n`{http.request.tls.client.certificate_pem}` | The PEM-encoded value of the certificate.\\n`{http.request.tls.client.certificate_der_base64}` | The base64-encoded value of the certificate.\\n`{http.request.tls.client.issuer}` | The issuer DN of the client certificate\\n`{http.request.tls.client.serial}` | The serial number of the client certificate\\n`{http.request.tls.client.subject}` | The subject DN of the client certificate\\n`{http.request.tls.client.san.dns_names.*}` | SAN DNS names(index optional)\\n`{http.request.tls.client.san.emails.*}` | SAN email addresses (index optional)\\n`{http.request.tls.client.san.ips.*}` | SAN IP addresses (index optional)\\n`{http.request.tls.client.san.uris.*}` | SAN URIs (index optional)\\n`{http.request.uri.path.*}` | Parts of the path, split by `/` (0-based from left)\\n`{http.request.uri.path.dir}` | The directory, excluding leaf filename\\n`{http.request.uri.path.file}` | The filename of the path, excluding directory\\n`{http.request.uri.path}` | The path component of the request URI\\n`{http.request.uri.query.*}` | Individual query string value\\n`{http.request.uri.query}` | The query string (without `?`)\\n`{http.request.uri}` | The full request URI\\n`{http.response.header.*}` | Specific response header field\\n`{http.vars.*}` | Custom variables in the HTTP handler chain\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"pki\",\n \"docs\": \"pki provides Public Key Infrastructure facilities for Caddy.\\n\\nThis app can define certificate authorities (CAs) which are capable\\nof signing certificates. Other modules can be configured to use\\nthe CAs defined by this app for issuing certificates or getting\\nkey information needed for establishing trust.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddypki\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"tls\",\n \"docs\": \"tls provides TLS facilities including certificate\\nloading and management, client auth, and more.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"security\",\n \"docs\": \"security implements security manager.\",\n \"package\": \"github.com/greenpau/caddy-security\",\n \"repo\": \"https://github.com/greenpau/caddy-security\"\n },\n {\n \"name\": \"crowdsec\",\n \"docs\": \"crowdsec is a Caddy App that functions as a CrowdSec bouncer. It acts\\nas a CrowdSec API client as well as a local cache for CrowdSec decisions,\\nwhich can be used by the HTTP handler and Layer4 matcher to decide if\\na request or connection is allowed or not.\",\n \"package\": \"github.com/hslatman/caddy-crowdsec-bouncer/crowdsec\",\n \"repo\": \"https://github.com/hslatman/caddy-crowdsec-bouncer\"\n },\n {\n \"name\": \"dynamic_dns\",\n \"docs\": \"dynamic_dns is a Caddy app that keeps your DNS records updated with the public\\nIP address of your instance. It updates A and AAAA records.\",\n \"package\": \"github.com/mholt/caddy-dynamicdns\",\n \"repo\": \"https://github.com/mholt/caddy-dynamicdns\"\n },\n {\n \"name\": \"layer4\",\n \"docs\": \"layer4 is a Caddy app that operates closest to layer 4 of the OSI model.\",\n \"package\": \"github.com/mholt/caddy-l4/layer4\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"caddy.config_loaders\": [\n {\n \"name\": \"http\",\n \"docs\": \"http can load Caddy configs over HTTP(S). It can adapt the config\\nbased on the Content-Type header of the HTTP response.\",\n \"package\": \"github.com/caddyserver/caddy/v2/caddyconfig\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders\": [\n {\n \"name\": \"console\",\n \"docs\": \"console encodes log entries that are mostly human-readable.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"filter\",\n \"docs\": \"filter can filter (manipulate) fields on\\nlog entries before they are actually encoded by\\nan underlying encoder.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"json\",\n \"docs\": \"json encodes entries as JSON.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"logfmt\",\n \"docs\": \"logfmt encodes log entries as logfmt:\\nhttps://www.brandur.org/logfmt\\n\\nNote that logfmt does not encode nested structures\\nproperly, so it is not a good fit for most logs.\\n\\n⚠️ DEPRECATED. Do not use. It will eventually be removed\\nfrom the standard Caddy modules. For more information,\\nsee https://github.com/caddyserver/caddy/issues/3575.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"single_field\",\n \"docs\": \"single_field writes a log entry that consists entirely\\nof a single string field in the log entry. This is useful\\nfor custom, self-encoded log entries that consist of a\\nsingle field in the structured log entry.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"formatted\",\n \"docs\": \"formatted allows the user to provide custom template for log prints. The\\nencoder builds atop the json encoder, thus it follows its message structure. The placeholders\\nare namespaced by the name of the app logging the message.\",\n \"package\": \"github.com/caddyserver/format-encoder\",\n \"repo\": \"https://github.com/caddyserver/format-encoder\"\n }\n ],\n \"caddy.logging.writers\": [\n {\n \"name\": \"discard\",\n \"docs\": \"discard discards all writes.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"stderr\",\n \"docs\": \"stderr writes logs to standard error.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"stdout\",\n \"docs\": \"stdout writes logs to standard out.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"file\",\n \"docs\": \"file can write logs to files. By default, log files\\nare rotated (\\\"rolled\\\") when they get large, and old log\\nfiles get deleted, to ensure that the process does not\\nexhaust disk space.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"net\",\n \"docs\": \"net implements a log writer that outputs to a network socket. If\\nthe socket goes down, it will dump logs to stderr while it attempts to\\nreconnect.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.storage\": [\n {\n \"name\": \"file_system\",\n \"docs\": \"file_system is a certmagic.Storage wrapper for certmagic.FileStorage.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/filestorage\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"redis\",\n \"docs\": \"redis contain Redis client, and plugin option\",\n \"package\": \"github.com/gamalan/caddy-tlsredis\",\n \"repo\": \"https://github.com/gamalan/caddy-tlsredis\"\n },\n {\n \"name\": \"consul\",\n \"docs\": \"consul allows to store certificates and other TLS resources\\nin a shared cluster environment using Consul's key/value-store.\\nIt uses distributed locks to ensure consistency.\",\n \"package\": \"github.com/pteich/caddy-tlsconsul\",\n \"repo\": \"https://github.com/pteich/caddy-tlsconsul\"\n },\n {\n \"name\": \"consul\",\n \"docs\": \"consul holds all parameters for the Consul connection\",\n \"package\": \"github.com/pteich/caddy-tlsconsul\",\n \"repo\": \"https://github.com/pteich/caddy-tlsconsul\"\n },\n {\n \"name\": \"dynamodb\",\n \"docs\": \"dynamodb implements certmagic.Storage to facilitate\\nstorage of certificates in DynamoDB for a clustered environment.\\nAlso implements certmagic.Locker to facilitate locking\\nand unlocking of cert data during storage\",\n \"package\": \"github.com/silinternational/certmagic-storage-dynamodb/v2\",\n \"repo\": \"https://github.com/silinternational/certmagic-storage-dynamodb\"\n },\n {\n \"name\": \"s3\",\n \"package\": \"github.com/ss098/certmagic-s3\",\n \"repo\": \"https://github.com/ss098/certmagic-s3\"\n },\n {\n \"name\": \"s3\",\n \"package\": \"github.com/techknowlogick/certmagic-s3\",\n \"repo\": \"https://github.com/techknowlogick/certmagic-s3\"\n }\n ],\n \"tls.issuance\": [\n {\n \"name\": \"acme\",\n \"docs\": \"acme manages certificates using the ACME protocol (RFC 8555).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"internal\",\n \"docs\": \"internal is a certificate issuer that generates\\ncertificates internally using a locally-configured\\nCA which can be customized using the `pki` app.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n },\n {\n \"name\": \"zerossl\",\n \"docs\": \"zerossl makes an ACME manager\\nfor managing certificates using ACME.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ]\n },\n \"breadcrumb\": {\n \"\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.Config\",\n \"struct_fields\": [\n {\n \"key\": \"admin\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminConfig\",\n \"struct_fields\": [\n {\n \"key\": \"disabled\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"If true, the admin endpoint will be completely disabled.\\nNote that this makes any runtime changes to the config\\nimpossible, since the interface to do so is through the\\nadmin endpoint.\"\n },\n \"doc\": \"If true, the admin endpoint will be completely disabled.\\nNote that this makes any runtime changes to the config\\nimpossible, since the interface to do so is through the\\nadmin endpoint.\"\n },\n {\n \"key\": \"listen\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"The address to which the admin endpoint's listener should\\nbind itself. Can be any single network address that can be\\nparsed by Caddy. Default: localhost:2019\"\n },\n \"doc\": \"The address to which the admin endpoint's listener should\\nbind itself. Can be any single network address that can be\\nparsed by Caddy. Default: localhost:2019\"\n },\n {\n \"key\": \"enforce_origin\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"If true, CORS headers will be emitted, and requests to the\\nAPI will be rejected if their `Host` and `Origin` headers\\ndo not match the expected value(s). Use `origins` to\\ncustomize which origins/hosts are allowed. If `origins` is\\nnot set, the listen address is the only value allowed by\\ndefault. Enforced only on local (plaintext) endpoint.\"\n },\n \"doc\": \"If true, CORS headers will be emitted, and requests to the\\nAPI will be rejected if their `Host` and `Origin` headers\\ndo not match the expected value(s). Use `origins` to\\ncustomize which origins/hosts are allowed. If `origins` is\\nnot set, the listen address is the only value allowed by\\ndefault. Enforced only on local (plaintext) endpoint.\"\n },\n {\n \"key\": \"origins\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The list of allowed origins/hosts for API requests. Only needed\\nif accessing the admin endpoint from a host different from the\\nsocket's network interface or if `enforce_origin` is true. If not\\nset, the listener address will be the default value. If set but\\nempty, no origins will be allowed. Enforced only on local\\n(plaintext) endpoint.\"\n }\n },\n \"doc\": \"The list of allowed origins/hosts for API requests. Only needed\\nif accessing the admin endpoint from a host different from the\\nsocket's network interface or if `enforce_origin` is true. If not\\nset, the listener address will be the default value. If set but\\nempty, no origins will be allowed. Enforced only on local\\n(plaintext) endpoint.\"\n },\n {\n \"key\": \"config\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.ConfigSettings\",\n \"struct_fields\": [\n {\n \"key\": \"persist\",\n \"value\": {\n \"type\": \"bool\",\n \"doc\": \"Whether to keep a copy of the active config on disk. Default is true.\\nNote that \\\"pulled\\\" dynamic configs (using the neighboring \\\"load\\\" module)\\nare not persisted; only configs that are pushed to Caddy get persisted.\"\n },\n \"doc\": \"Whether to keep a copy of the active config on disk. Default is true.\\nNote that \\\"pulled\\\" dynamic configs (using the neighboring \\\"load\\\" module)\\nare not persisted; only configs that are pushed to Caddy get persisted.\"\n },\n {\n \"key\": \"load\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"Loads a configuration to use. This is helpful if your configs are\\nmanaged elsewhere, and you want Caddy to pull its config dynamically\\nwhen it starts. The pulled config completely replaces the current\\none, just like any other config load. It is an error if a pulled\\nconfig is configured to pull another config.\\n\\nEXPERIMENTAL: Subject to change.\",\n \"module_namespace\": \"caddy.config_loaders\",\n \"module_inline_key\": \"module\"\n },\n \"doc\": \"Loads a configuration to use. This is helpful if your configs are\\nmanaged elsewhere, and you want Caddy to pull its config dynamically\\nwhen it starts. The pulled config completely replaces the current\\none, just like any other config load. It is an error if a pulled\\nconfig is configured to pull another config.\\n\\nEXPERIMENTAL: Subject to change.\"\n }\n ],\n \"doc\": \"Options pertaining to configuration management.\\n\\n\\nConfigSettings configures the management of configuration.\"\n },\n \"doc\": \"Options pertaining to configuration management.\\n\\n\\nConfigSettings configures the management of configuration.\"\n },\n {\n \"key\": \"identity\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.IdentityConfig\",\n \"struct_fields\": [\n {\n \"key\": \"identifiers\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"List of names or IP addresses which refer to this server.\\nCertificates will be obtained for these identifiers so\\nsecure TLS connections can be made using them.\"\n }\n },\n \"doc\": \"List of names or IP addresses which refer to this server.\\nCertificates will be obtained for these identifiers so\\nsecure TLS connections can be made using them.\"\n },\n {\n \"key\": \"issuers\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"module\",\n \"doc\": \"Issuers that can provide this admin endpoint its identity\\ncertificate(s). Default: ACME issuers configured for\\nZeroSSL and Let's Encrypt. Be sure to change this if you\\nrequire credentials for private identifiers.\",\n \"module_namespace\": \"tls.issuance\",\n \"module_inline_key\": \"module\"\n }\n },\n \"doc\": \"Issuers that can provide this admin endpoint its identity\\ncertificate(s). Default: ACME issuers configured for\\nZeroSSL and Let's Encrypt. Be sure to change this if you\\nrequire credentials for private identifiers.\"\n }\n ],\n \"doc\": \"Options that establish this server's identity. Identity refers to\\ncredentials which can be used to uniquely identify and authenticate\\nthis server instance. This is required if remote administration is\\nenabled (but does not require remote administration to be enabled).\\nDefault: no identity management.\\n\\n\\nIdentityConfig configures management of this server's identity. An identity\\nconsists of credentials that uniquely verify this instance; for example,\\nTLS certificates (public + private key pairs).\"\n },\n \"doc\": \"Options that establish this server's identity. Identity refers to\\ncredentials which can be used to uniquely identify and authenticate\\nthis server instance. This is required if remote administration is\\nenabled (but does not require remote administration to be enabled).\\nDefault: no identity management.\\n\\n\\nIdentityConfig configures management of this server's identity. An identity\\nconsists of credentials that uniquely verify this instance; for example,\\nTLS certificates (public + private key pairs).\"\n },\n {\n \"key\": \"remote\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.RemoteAdmin\",\n \"struct_fields\": [\n {\n \"key\": \"listen\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"The address on which to start the secure listener.\\nDefault: :2021\"\n },\n \"doc\": \"The address on which to start the secure listener.\\nDefault: :2021\"\n },\n {\n \"key\": \"access_control\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminAccess\",\n \"struct_fields\": [\n {\n \"key\": \"public_keys\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Base64-encoded DER certificates containing public keys to accept.\\n(The contents of PEM certificate blocks are base64-encoded DER.)\\nAny of these public keys can appear in any part of a verified chain.\"\n }\n },\n \"doc\": \"Base64-encoded DER certificates containing public keys to accept.\\n(The contents of PEM certificate blocks are base64-encoded DER.)\\nAny of these public keys can appear in any part of a verified chain.\"\n },\n {\n \"key\": \"permissions\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.AdminPermissions\",\n \"struct_fields\": [\n {\n \"key\": \"paths\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The API paths allowed. Paths are simple prefix matches.\\nAny subpath of the specified paths will be allowed.\"\n }\n },\n \"doc\": \"The API paths allowed. Paths are simple prefix matches.\\nAny subpath of the specified paths will be allowed.\"\n },\n {\n \"key\": \"methods\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"The HTTP methods allowed for the given paths.\"\n }\n },\n \"doc\": \"The HTTP methods allowed for the given paths.\"\n }\n ],\n \"doc\": \"Limits what the associated identities are allowed to do.\\nIf unspecified, all permissions are granted.\\n\\n\\nAdminPermissions specifies what kinds of requests are allowed\\nto be made to the admin endpoint.\"\n }\n },\n \"doc\": \"Limits what the associated identities are allowed to do.\\nIf unspecified, all permissions are granted.\\n\\n\\nAdminPermissions specifies what kinds of requests are allowed\\nto be made to the admin endpoint.\"\n }\n ],\n \"doc\": \"List of access controls for this secure admin endpoint.\\nThis configures TLS mutual authentication (i.e. authorized\\nclient certificates), but also application-layer permissions\\nlike which paths and methods each identity is authorized for.\\n\\n\\nAdminAccess specifies what permissions an identity or group\\nof identities are granted.\"\n }\n },\n \"doc\": \"List of access controls for this secure admin endpoint.\\nThis configures TLS mutual authentication (i.e. authorized\\nclient certificates), but also application-layer permissions\\nlike which paths and methods each identity is authorized for.\\n\\n\\nAdminAccess specifies what permissions an identity or group\\nof identities are granted.\"\n }\n ],\n \"doc\": \"Options pertaining to remote administration. By default, remote\\nadministration is disabled. If enabled, identity management must\\nalso be configured, as that is how the endpoint is secured.\\nSee the neighboring \\\"identity\\\" object.\\n\\nEXPERIMENTAL: This feature is subject to change.\\n\\n\\nRemoteAdmin enables and configures remote administration. If enabled,\\na secure listener enforcing mutual TLS authentication will be started\\non a different port from the standard plaintext admin server.\\n\\nThis endpoint is secured using identity management, which must be\\nconfigured separately (because identity management does not depend\\non remote administration). See the admin/identity config struct.\\n\\nEXPERIMENTAL: Subject to change.\"\n },\n \"doc\": \"Options pertaining to remote administration. By default, remote\\nadministration is disabled. If enabled, identity management must\\nalso be configured, as that is how the endpoint is secured.\\nSee the neighboring \\\"identity\\\" object.\\n\\nEXPERIMENTAL: This feature is subject to change.\\n\\n\\nRemoteAdmin enables and configures remote administration. If enabled,\\na secure listener enforcing mutual TLS authentication will be started\\non a different port from the standard plaintext admin server.\\n\\nThis endpoint is secured using identity management, which must be\\nconfigured separately (because identity management does not depend\\non remote administration). See the admin/identity config struct.\\n\\nEXPERIMENTAL: Subject to change.\"\n }\n ],\n \"doc\": \"AdminConfig configures Caddy's API endpoint, which is used\\nto manage Caddy while it is running.\\n\"\n },\n \"doc\": \"AdminConfig configures Caddy's API endpoint, which is used\\nto manage Caddy while it is running.\\n\"\n },\n {\n \"key\": \"logging\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.Logging\",\n \"struct_fields\": [\n {\n \"key\": \"sink\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.StandardLibLog\",\n \"struct_fields\": [\n {\n \"key\": \"writer\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The module that writes out log entries for the sink.\",\n \"module_namespace\": \"caddy.logging.writers\",\n \"module_inline_key\": \"output\"\n },\n \"doc\": \"The module that writes out log entries for the sink.\"\n }\n ],\n \"doc\": \"Sink is the destination for all unstructured logs emitted\\nfrom Go's standard library logger. These logs are common\\nin dependencies that are not designed specifically for use\\nin Caddy. Because it is global and unstructured, the sink\\nlacks most advanced features and customizations.\\n\\n\\nStandardLibLog configures the default Go standard library\\nglobal logger in the log package. This is necessary because\\nmodule dependencies which are not built specifically for\\nCaddy will use the standard logger. This is also known as\\nthe \\\"sink\\\" logger.\"\n },\n \"doc\": \"Sink is the destination for all unstructured logs emitted\\nfrom Go's standard library logger. These logs are common\\nin dependencies that are not designed specifically for use\\nin Caddy. Because it is global and unstructured, the sink\\nlacks most advanced features and customizations.\\n\\n\\nStandardLibLog configures the default Go standard library\\nglobal logger in the log package. This is necessary because\\nmodule dependencies which are not built specifically for\\nCaddy will use the standard logger. This is also known as\\nthe \\\"sink\\\" logger.\"\n },\n {\n \"key\": \"logs\",\n \"value\": {\n \"type\": \"map\",\n \"map_keys\": {\n \"type\": \"string\"\n },\n \"elems\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.CustomLog\",\n \"struct_fields\": [\n {\n \"key\": \"writer\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The writer defines where log entries are emitted.\",\n \"module_namespace\": \"caddy.logging.writers\",\n \"module_inline_key\": \"output\"\n },\n \"doc\": \"The writer defines where log entries are emitted.\"\n },\n {\n \"key\": \"encoder\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"The encoder is how the log entries are formatted or encoded.\",\n \"module_namespace\": \"caddy.logging.encoders\",\n \"module_inline_key\": \"format\"\n },\n \"doc\": \"The encoder is how the log entries are formatted or encoded.\"\n },\n {\n \"key\": \"level\",\n \"value\": {\n \"type\": \"string\",\n \"doc\": \"Level is the minimum level to emit, and is inclusive.\\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL\"\n },\n \"doc\": \"Level is the minimum level to emit, and is inclusive.\\nPossible levels: DEBUG, INFO, WARN, ERROR, PANIC, and FATAL\"\n },\n {\n \"key\": \"sampling\",\n \"value\": {\n \"type\": \"struct\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.LogSampling\",\n \"struct_fields\": [\n {\n \"key\": \"interval\",\n \"value\": {\n \"type\": \"int\",\n \"type_name\": \"time.Duration\",\n \"doc\": \"The window over which to conduct sampling.\\n\\n\\nA Duration represents the elapsed time between two instants\\nas an int64 nanosecond count. The representation limits the\\nlargest representable duration to approximately 290 years.\"\n },\n \"doc\": \"The window over which to conduct sampling.\\n\\n\\nA Duration represents the elapsed time between two instants\\nas an int64 nanosecond count. The representation limits the\\nlargest representable duration to approximately 290 years.\"\n },\n {\n \"key\": \"first\",\n \"value\": {\n \"type\": \"int\",\n \"doc\": \"Log this many entries within a given level and\\nmessage for each interval.\"\n },\n \"doc\": \"Log this many entries within a given level and\\nmessage for each interval.\"\n },\n {\n \"key\": \"thereafter\",\n \"value\": {\n \"type\": \"int\",\n \"doc\": \"If more entries with the same level and message\\nare seen during the same interval, keep one in\\nthis many entries until the end of the interval.\"\n },\n \"doc\": \"If more entries with the same level and message\\nare seen during the same interval, keep one in\\nthis many entries until the end of the interval.\"\n }\n ],\n \"doc\": \"Sampling configures log entry sampling. If enabled,\\nonly some log entries will be emitted. This is useful\\nfor improving performance on extremely high-pressure\\nservers.\\n\\n\\nLogSampling configures log entry sampling.\"\n },\n \"doc\": \"Sampling configures log entry sampling. If enabled,\\nonly some log entries will be emitted. This is useful\\nfor improving performance on extremely high-pressure\\nservers.\\n\\n\\nLogSampling configures log entry sampling.\"\n },\n {\n \"key\": \"include\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Include defines the names of loggers to emit in this\\nlog. For example, to include only logs emitted by the\\nadmin API, you would include \\\"admin.api\\\".\"\n }\n },\n \"doc\": \"Include defines the names of loggers to emit in this\\nlog. For example, to include only logs emitted by the\\nadmin API, you would include \\\"admin.api\\\".\"\n },\n {\n \"key\": \"exclude\",\n \"value\": {\n \"type\": \"array\",\n \"elems\": {\n \"type\": \"string\",\n \"doc\": \"Exclude defines the names of loggers that should be\\nskipped by this log. For example, to exclude only\\nHTTP access logs, you would exclude \\\"http.log.access\\\".\"\n }\n },\n \"doc\": \"Exclude defines the names of loggers that should be\\nskipped by this log. For example, to exclude only\\nHTTP access logs, you would exclude \\\"http.log.access\\\".\"\n }\n ],\n \"doc\": \"Logs are your logs, keyed by an arbitrary name of your\\nchoosing. The default log can be customized by defining\\na log called \\\"default\\\". You can further define other logs\\nand filter what kinds of entries they accept.\\n\\n\\nCustomLog represents a custom logger configuration.\\n\\nBy default, a log will emit all log entries. Some entries\\nwill be skipped if sampling is enabled. Further, the Include\\nand Exclude parameters define which loggers (by name) are\\nallowed or rejected from emitting in this log. If both Include\\nand Exclude are populated, their values must be mutually\\nexclusive, and longer namespaces have priority. If neither\\nare populated, all logs are emitted.\"\n }\n },\n \"doc\": \"Logs are your logs, keyed by an arbitrary name of your\\nchoosing. The default log can be customized by defining\\na log called \\\"default\\\". You can further define other logs\\nand filter what kinds of entries they accept.\\n\\n\\nCustomLog represents a custom logger configuration.\\n\\nBy default, a log will emit all log entries. Some entries\\nwill be skipped if sampling is enabled. Further, the Include\\nand Exclude parameters define which loggers (by name) are\\nallowed or rejected from emitting in this log. If both Include\\nand Exclude are populated, their values must be mutually\\nexclusive, and longer namespaces have priority. If neither\\nare populated, all logs are emitted.\"\n }\n ],\n \"doc\": \"Logging facilitates logging within Caddy. The default log is\\ncalled \\\"default\\\" and you can customize it. You can also define\\nadditional logs.\\n\\nBy default, all logs at INFO level and higher are written to\\nstandard error (\\\"stderr\\\" writer) in a human-readable format\\n(\\\"console\\\" encoder if stdout is an interactive terminal, \\\"json\\\"\\nencoder otherwise).\\n\\nAll defined logs accept all log entries by default, but you\\ncan filter by level and module/logger names. A logger's name\\nis the same as the module's name, but a module may append to\\nlogger names for more specificity. For example, you can\\nfilter logs emitted only by HTTP handlers using the name\\n\\\"http.handlers\\\", because all HTTP handler module names have\\nthat prefix.\\n\\nCaddy logs (except the sink) are zero-allocation, so they are\\nvery high-performing in terms of memory and CPU time. Enabling\\nsampling can further increase throughput on extremely high-load\\nservers.\\n\"\n },\n \"doc\": \"Logging facilitates logging within Caddy. The default log is\\ncalled \\\"default\\\" and you can customize it. You can also define\\nadditional logs.\\n\\nBy default, all logs at INFO level and higher are written to\\nstandard error (\\\"stderr\\\" writer) in a human-readable format\\n(\\\"console\\\" encoder if stdout is an interactive terminal, \\\"json\\\"\\nencoder otherwise).\\n\\nAll defined logs accept all log entries by default, but you\\ncan filter by level and module/logger names. A logger's name\\nis the same as the module's name, but a module may append to\\nlogger names for more specificity. For example, you can\\nfilter logs emitted only by HTTP handlers using the name\\n\\\"http.handlers\\\", because all HTTP handler module names have\\nthat prefix.\\n\\nCaddy logs (except the sink) are zero-allocation, so they are\\nvery high-performing in terms of memory and CPU time. Enabling\\nsampling can further increase throughput on extremely high-load\\nservers.\\n\"\n },\n {\n \"key\": \"storage\",\n \"value\": {\n \"type\": \"module\",\n \"doc\": \"StorageRaw is a storage module that defines how/where Caddy\\nstores assets (such as TLS certificates). The default storage\\nmodule is `caddy.storage.file_system` (the local file system),\\nand the default path\\n[depends on the OS and environment](/docs/conventions#data-directory).\",\n \"module_namespace\": \"caddy.storage\",\n \"module_inline_key\": \"module\"\n },\n \"doc\": \"StorageRaw is a storage module that defines how/where Caddy\\nstores assets (such as TLS certificates). The default storage\\nmodule is `caddy.storage.file_system` (the local file system),\\nand the default path\\n[depends on the OS and environment](/docs/conventions#data-directory).\"\n },\n {\n \"key\": \"apps\",\n \"value\": {\n \"type\": \"module_map\",\n \"type_name\": \"github.com/caddyserver/caddy/v2.ModuleMap\",\n \"doc\": \"AppsRaw are the apps that Caddy will load and run. The\\napp module name is the key, and the app's config is the\\nassociated value.\\n\\n\\nModuleMap is a map that can contain multiple modules,\\nwhere the map key is the module's name. (The namespace\\nis usually read from an associated field's struct tag.)\\nBecause the module's name is given as the key in a\\nmodule map, the name does not have to be given in the\\njson.RawMessage.\",\n \"module_namespace\": \"\"\n },\n \"doc\": \"AppsRaw are the apps that Caddy will load and run. The\\napp module name is the key, and the app's config is the\\nassociated value.\\n\\n\\nModuleMap is a map that can contain multiple modules,\\nwhere the map key is the module's name. (The namespace\\nis usually read from an associated field's struct tag.)\\nBecause the module's name is given as the key in a\\nmodule map, the name does not have to be given in the\\njson.RawMessage.\"\n }\n ],\n \"doc\": \"Config is the top (or beginning) of the Caddy configuration structure.\\nCaddy config is expressed natively as a JSON document. If you prefer\\nnot to work with JSON directly, there are [many config adapters](/docs/config-adapters)\\navailable that can convert various inputs into Caddy JSON.\\n\\nMany parts of this config are extensible through the use of Caddy modules.\\nFields which have a json.RawMessage type and which appear as dots (•••) in\\nthe online docs can be fulfilled by modules in a certain module\\nnamespace. The docs show which modules can be used in a given place.\\n\\nWhenever a module is used, its name must be given either inline as part of\\nthe module, or as the key to the module's value. The docs will make it clear\\nwhich to use.\\n\\nGenerally, all config settings are optional, as it is Caddy convention to\\nhave good, documented default values. If a parameter is required, the docs\\nshould say so.\\n\\nGo programs which are directly building a Config struct value should take\\ncare to populate the JSON-encodable fields of the struct (i.e. the fields\\nwith `json` struct tags) if employing the module lifecycle (e.g. Provision\\nmethod calls).\\n\"\n }\n },\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n}"
},
{
"path": "src/api/modules/index.json",
"content": "{\n \"status_code\": 200,\n \"result\": {\n \"admin.api.load\": [\n {\n \"name\": \"admin.api.load\",\n \"docs\": \"admin.api.load is a module that provides the /load endpoint\\nfor the Caddy admin API. The only reason it's not baked\\ninto the caddy package directly is because of the import\\nof the caddyconfig package for its GetAdapter function.\\nIf the caddy package depends on the caddyconfig package,\\nthen the caddyconfig package will not be able to import\\nthe caddy package, and it can more easily cause backward\\nedges in the dependency tree (i.e. import cycle).\\nFortunately, the admin API has first-class support for\\nadding endpoints from modules.\",\n \"package\": \"github.com/caddyserver/caddy/v2/caddyconfig\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"admin.api.metrics\": [\n {\n \"name\": \"admin.api.metrics\",\n \"docs\": \"admin.api.metrics is a module that serves a metrics endpoint so that any gathered\\nmetrics can be exposed for scraping. This module is not configurable, and\\nis permanently mounted to the admin API endpoint at \\\"/metrics\\\".\\nSee the Metrics module for a configurable endpoint that is usable if the\\nAdmin API is disabled.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/metrics\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"admin.api.reverse_proxy\": [\n {\n \"name\": \"admin.api.reverse_proxy\",\n \"docs\": \"admin.api.reverse_proxy is a module that provides the\\n/reverse_proxy/upstreams endpoint for the Caddy admin\\nAPI. This allows for checking the health of configured\\nreverse proxy upstreams in the pool.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.config_loaders.http\": [\n {\n \"name\": \"caddy.config_loaders.http\",\n \"docs\": \"caddy.config_loaders.http can load Caddy configs over HTTP(S). It can adapt the config\\nbased on the Content-Type header of the HTTP response.\",\n \"package\": \"github.com/caddyserver/caddy/v2/caddyconfig\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.listeners.proxy_protocol\": [\n {\n \"name\": \"caddy.listeners.proxy_protocol\",\n \"package\": \"github.com/mastercactapus/caddy2-proxyprotocol\",\n \"repo\": \"https://github.com/mastercactapus/caddy2-proxyprotocol\"\n }\n ],\n \"caddy.listeners.tls\": [\n {\n \"name\": \"caddy.listeners.tls\",\n \"docs\": \"caddy.listeners.tls is a no-op listener wrapper that marks\\nwhere the TLS listener should be in a chain of listener wrappers.\\nIt should only be used if another listener wrapper must be placed\\nin front of the TLS handshake.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.console\": [\n {\n \"name\": \"caddy.logging.encoders.console\",\n \"docs\": \"caddy.logging.encoders.console encodes log entries that are mostly human-readable.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.filter\": [\n {\n \"name\": \"caddy.logging.encoders.filter\",\n \"docs\": \"caddy.logging.encoders.filter can filter (manipulate) fields on\\nlog entries before they are actually encoded by\\nan underlying encoder.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.filter.basic_auth_user\": [\n {\n \"name\": \"caddy.logging.encoders.filter.basic_auth_user\",\n \"docs\": \"caddy.logging.encoders.filter.basic_auth_user is a Caddy log field filter that replaces the a base64 encoded authorization\\nheader with just the user name.\",\n \"package\": \"github.com/ueffel/caddy-basic-auth-filter\",\n \"repo\": \"https://github.com/ueffel/caddy-basic-auth-filter\"\n }\n ],\n \"caddy.logging.encoders.filter.delete\": [\n {\n \"name\": \"caddy.logging.encoders.filter.delete\",\n \"docs\": \"caddy.logging.encoders.filter.delete is a Caddy log field filter that\\ndeletes the field.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.filter.ip_mask\": [\n {\n \"name\": \"caddy.logging.encoders.filter.ip_mask\",\n \"docs\": \"caddy.logging.encoders.filter.ip_mask is a Caddy log field filter that\\nmasks IP addresses.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.filter.replace\": [\n {\n \"name\": \"caddy.logging.encoders.filter.replace\",\n \"docs\": \"caddy.logging.encoders.filter.replace is a Caddy log field filter that\\nreplaces the field with the indicated string.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.filter.tls_cipher\": [\n {\n \"name\": \"caddy.logging.encoders.filter.tls_cipher\",\n \"docs\": \"caddy.logging.encoders.filter.tls_cipher is Caddy log field filter that replaces the numeric TLS cipher_suite value with\\nthe string representation.\",\n \"package\": \"github.com/ueffel/caddy-tls-format\",\n \"repo\": \"https://github.com/ueffel/caddy-tls-format\"\n }\n ],\n \"caddy.logging.encoders.filter.tls_version\": [\n {\n \"name\": \"caddy.logging.encoders.filter.tls_version\",\n \"docs\": \"caddy.logging.encoders.filter.tls_version is a Caddy log field filter that replaces the numeric TLS version with the\\nstring version and optionally adds a prefix.\",\n \"package\": \"github.com/ueffel/caddy-tls-format\",\n \"repo\": \"https://github.com/ueffel/caddy-tls-format\"\n }\n ],\n \"caddy.logging.encoders.formatted\": [\n {\n \"name\": \"caddy.logging.encoders.formatted\",\n \"docs\": \"caddy.logging.encoders.formatted allows the user to provide custom template for log prints. The\\nencoder builds atop the json encoder, thus it follows its message structure. The placeholders\\nare namespaced by the name of the app logging the message.\",\n \"package\": \"github.com/caddyserver/format-encoder\",\n \"repo\": \"https://github.com/caddyserver/format-encoder\"\n }\n ],\n \"caddy.logging.encoders.json\": [\n {\n \"name\": \"caddy.logging.encoders.json\",\n \"docs\": \"caddy.logging.encoders.json encodes entries as JSON.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.logfmt\": [\n {\n \"name\": \"caddy.logging.encoders.logfmt\",\n \"docs\": \"caddy.logging.encoders.logfmt encodes log entries as logfmt:\\nhttps://www.brandur.org/logfmt\\n\\nNote that logfmt does not encode nested structures\\nproperly, so it is not a good fit for most logs.\\n\\n⚠️ DEPRECATED. Do not use. It will eventually be removed\\nfrom the standard Caddy modules. For more information,\\nsee https://github.com/caddyserver/caddy/issues/3575.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.encoders.single_field\": [\n {\n \"name\": \"caddy.logging.encoders.single_field\",\n \"docs\": \"caddy.logging.encoders.single_field writes a log entry that consists entirely\\nof a single string field in the log entry. This is useful\\nfor custom, self-encoded log entries that consist of a\\nsingle field in the structured log entry.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.writers.discard\": [\n {\n \"name\": \"caddy.logging.writers.discard\",\n \"docs\": \"caddy.logging.writers.discard discards all writes.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.writers.file\": [\n {\n \"name\": \"caddy.logging.writers.file\",\n \"docs\": \"caddy.logging.writers.file can write logs to files. By default, log files\\nare rotated (\\\"rolled\\\") when they get large, and old log\\nfiles get deleted, to ensure that the process does not\\nexhaust disk space.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.writers.net\": [\n {\n \"name\": \"caddy.logging.writers.net\",\n \"docs\": \"caddy.logging.writers.net implements a log writer that outputs to a network socket. If\\nthe socket goes down, it will dump logs to stderr while it attempts to\\nreconnect.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/logging\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.writers.stderr\": [\n {\n \"name\": \"caddy.logging.writers.stderr\",\n \"docs\": \"caddy.logging.writers.stderr writes logs to standard error.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.logging.writers.stdout\": [\n {\n \"name\": \"caddy.logging.writers.stdout\",\n \"docs\": \"caddy.logging.writers.stdout writes logs to standard out.\",\n \"package\": \"github.com/caddyserver/caddy/v2\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.storage.consul\": [\n {\n \"name\": \"caddy.storage.consul\",\n \"docs\": \"caddy.storage.consul allows to store certificates and other TLS resources\\nin a shared cluster environment using Consul's key/value-store.\\nIt uses distributed locks to ensure consistency.\",\n \"package\": \"github.com/pteich/caddy-tlsconsul\",\n \"repo\": \"https://github.com/pteich/caddy-tlsconsul\"\n },\n {\n \"name\": \"caddy.storage.consul\",\n \"docs\": \"caddy.storage.consul holds all parameters for the Consul connection\",\n \"package\": \"github.com/pteich/caddy-tlsconsul\",\n \"repo\": \"https://github.com/pteich/caddy-tlsconsul\"\n }\n ],\n \"caddy.storage.dynamodb\": [\n {\n \"name\": \"caddy.storage.dynamodb\",\n \"docs\": \"caddy.storage.dynamodb implements certmagic.Storage to facilitate\\nstorage of certificates in DynamoDB for a clustered environment.\\nAlso implements certmagic.Locker to facilitate locking\\nand unlocking of cert data during storage\",\n \"package\": \"github.com/silinternational/certmagic-storage-dynamodb/v2\",\n \"repo\": \"https://github.com/silinternational/certmagic-storage-dynamodb\"\n }\n ],\n \"caddy.storage.file_system\": [\n {\n \"name\": \"caddy.storage.file_system\",\n \"docs\": \"caddy.storage.file_system is a certmagic.Storage wrapper for certmagic.FileStorage.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/filestorage\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"caddy.storage.redis\": [\n {\n \"name\": \"caddy.storage.redis\",\n \"docs\": \"caddy.storage.redis contain Redis client, and plugin option\",\n \"package\": \"github.com/gamalan/caddy-tlsredis\",\n \"repo\": \"https://github.com/gamalan/caddy-tlsredis\"\n }\n ],\n \"caddy.storage.s3\": [\n {\n \"name\": \"caddy.storage.s3\",\n \"package\": \"github.com/ss098/certmagic-s3\",\n \"repo\": \"https://github.com/ss098/certmagic-s3\"\n },\n {\n \"name\": \"caddy.storage.s3\",\n \"package\": \"github.com/techknowlogick/certmagic-s3\",\n \"repo\": \"https://github.com/techknowlogick/certmagic-s3\"\n }\n ],\n \"crowdsec\": [\n {\n \"name\": \"crowdsec\",\n \"docs\": \"crowdsec is a Caddy App that functions as a CrowdSec bouncer. It acts\\nas a CrowdSec API client as well as a local cache for CrowdSec decisions,\\nwhich can be used by the HTTP handler and Layer4 matcher to decide if\\na request or connection is allowed or not.\",\n \"package\": \"github.com/hslatman/caddy-crowdsec-bouncer/crowdsec\",\n \"repo\": \"https://github.com/hslatman/caddy-crowdsec-bouncer\"\n }\n ],\n \"dns.providers.alidns\": [\n {\n \"name\": \"dns.providers.alidns\",\n \"docs\": \"dns.providers.alidns wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/alidns\",\n \"repo\": \"https://github.com/caddy-dns/alidns\"\n }\n ],\n \"dns.providers.azure\": [\n {\n \"name\": \"dns.providers.azure\",\n \"docs\": \"dns.providers.azure wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/azure\",\n \"repo\": \"https://github.com/caddy-dns/azure\"\n }\n ],\n \"dns.providers.cloudflare\": [\n {\n \"name\": \"dns.providers.cloudflare\",\n \"docs\": \"dns.providers.cloudflare wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/cloudflare\",\n \"repo\": \"https://github.com/caddy-dns/cloudflare\"\n }\n ],\n \"dns.providers.digitalocean\": [\n {\n \"name\": \"dns.providers.digitalocean\",\n \"docs\": \"dns.providers.digitalocean wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/digitalocean\",\n \"repo\": \"https://github.com/caddy-dns/digitalocean\"\n }\n ],\n \"dns.providers.dnspod\": [\n {\n \"name\": \"dns.providers.dnspod\",\n \"docs\": \"dns.providers.dnspod wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/dnspod\",\n \"repo\": \"https://github.com/caddy-dns/dnspod\"\n }\n ],\n \"dns.providers.duckdns\": [\n {\n \"name\": \"dns.providers.duckdns\",\n \"docs\": \"dns.providers.duckdns wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/duckdns\",\n \"repo\": \"https://github.com/caddy-dns/duckdns\"\n }\n ],\n \"dns.providers.gandi\": [\n {\n \"name\": \"dns.providers.gandi\",\n \"docs\": \"dns.providers.gandi wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/gandi\",\n \"repo\": \"https://github.com/caddy-dns/gandi\"\n }\n ],\n \"dns.providers.godaddy\": [\n {\n \"name\": \"dns.providers.godaddy\",\n \"docs\": \"dns.providers.godaddy wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/godaddy\",\n \"repo\": \"https://github.com/caddy-dns/godaddy\"\n }\n ],\n \"dns.providers.googleclouddns\": [\n {\n \"name\": \"dns.providers.googleclouddns\",\n \"docs\": \"dns.providers.googleclouddns lets Caddy read and manipulate DNS records hosted by this DNS provider.\",\n \"package\": \"github.com/caddy-dns/googleclouddns\",\n \"repo\": \"https://github.com/caddy-dns/googleclouddns\"\n }\n ],\n \"dns.providers.hetzner\": [\n {\n \"name\": \"dns.providers.hetzner\",\n \"docs\": \"dns.providers.hetzner wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/hetzner\",\n \"repo\": \"https://github.com/caddy-dns/hetzner\"\n }\n ],\n \"dns.providers.lego_deprecated\": [\n {\n \"name\": \"dns.providers.lego_deprecated\",\n \"docs\": \"dns.providers.lego_deprecated is a shim module that allows any and all of the\\nDNS providers in go-acme/lego to be used with Caddy. They must\\nbe configured via environment variables, they do not support\\ncancellation in the case of frequent config changes.\\n\\nEven though this module is in the dns.providers namespace, it\\nis only a special case for solving ACME challenges, intended to\\nreplace the modules that used to be in the now-defunct tls.dns\\nnamespace. Using it in other places of the Caddy config will\\nresult in errors.\\n\\nThis module will eventually go away in favor of the modules that\\nmake use of the libdns APIs: https://github.com/libdns\",\n \"package\": \"github.com/caddy-dns/lego-deprecated\",\n \"repo\": \"https://github.com/caddy-dns/lego-deprecated\"\n }\n ],\n \"dns.providers.netcup\": [\n {\n \"name\": \"dns.providers.netcup\",\n \"docs\": \"dns.providers.netcup lets Caddy read and manipulate DNS records hosted by this DNS provider.\",\n \"package\": \"github.com/caddy-dns/netcup\",\n \"repo\": \"https://github.com/caddy-dns/netcup\"\n }\n ],\n \"dns.providers.openstack-designate\": [\n {\n \"name\": \"dns.providers.openstack-designate\",\n \"docs\": \"dns.providers.openstack-designate wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/openstack-designate\",\n \"repo\": \"https://github.com/caddy-dns/openstack-designate\"\n }\n ],\n \"dns.providers.route53\": [\n {\n \"name\": \"dns.providers.route53\",\n \"docs\": \"dns.providers.route53 wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/route53\",\n \"repo\": \"https://github.com/caddy-dns/route53\"\n }\n ],\n \"dns.providers.vultr\": [\n {\n \"name\": \"dns.providers.vultr\",\n \"docs\": \"dns.providers.vultr wraps the provider implementation as a Caddy module.\",\n \"package\": \"github.com/caddy-dns/vultr\",\n \"repo\": \"https://github.com/caddy-dns/vultr\"\n }\n ],\n \"dynamic_dns\": [\n {\n \"name\": \"dynamic_dns\",\n \"docs\": \"dynamic_dns is a Caddy app that keeps your DNS records updated with the public\\nIP address of your instance. It updates A and AAAA records.\",\n \"package\": \"github.com/mholt/caddy-dynamicdns\",\n \"repo\": \"https://github.com/mholt/caddy-dynamicdns\"\n }\n ],\n \"dynamic_dns.ip_sources.simple_http\": [\n {\n \"name\": \"dynamic_dns.ip_sources.simple_http\",\n \"docs\": \"dynamic_dns.ip_sources.simple_http is an IP source that looks up the public IP addresses by\\nmaking HTTP(S) requests to the specified endpoints; it will try each\\nendpoint with IPv4 and IPv6 until at least one returns a valid value.\\nIt is OK if an endpoint doesn't support both IP versions; returning\\na single valid IP address is sufficient.\\n\\nThe endpoints must return HTTP status 200 and the response body must\\ncontain only the IP address in plain text.\",\n \"package\": \"github.com/mholt/caddy-dynamicdns\",\n \"repo\": \"https://github.com/mholt/caddy-dynamicdns\"\n }\n ],\n \"dynamic_dns.ip_sources.upnp\": [\n {\n \"name\": \"dynamic_dns.ip_sources.upnp\",\n \"docs\": \"dynamic_dns.ip_sources.upnp gets the IP address from UPnP device.\",\n \"package\": \"github.com/mholt/caddy-dynamicdns\",\n \"repo\": \"https://github.com/mholt/caddy-dynamicdns\"\n }\n ],\n \"exec\": [\n {\n \"name\": \"exec\",\n \"docs\": \"exec is top level module that runs shell commands.\",\n \"package\": \"github.com/abiosoft/caddy-exec\",\n \"repo\": \"https://github.com/abiosoft/caddy-exec\"\n }\n ],\n \"http\": [\n {\n \"name\": \"http\",\n \"docs\": \"http is a robust, production-ready HTTP server.\\n\\nHTTPS is enabled by default if host matchers with qualifying names are used\\nin any of routes; certificates are automatically provisioned and renewed.\\nAdditionally, automatic HTTPS will also enable HTTPS for servers that listen\\nonly on the HTTPS port but which do not have any TLS connection policies\\ndefined by adding a good, default TLS connection policy.\\n\\nIn HTTP routes, additional placeholders are available (replace any `*`):\\n\\nPlaceholder | Description\\n------------|---------------\\n`{http.request.body}` | The request body (⚠️ inefficient; use only for debugging)\\n`{http.request.cookie.*}` | HTTP request cookie\\n`{http.request.duration}` | Time up to now spent handling the request (after decoding headers from client)\\n`{http.request.header.*}` | Specific request header field\\n`{http.request.host.labels.*}` | Request host labels (0-based from right); e.g. for foo.example.com: 0=com, 1=example, 2=foo\\n`{http.request.host}` | The host part of the request's Host header\\n`{http.request.hostport}` | The host and port from the request's Host header\\n`{http.request.method}` | The request method\\n`{http.request.orig_method}` | The request's original method\\n`{http.request.orig_uri.path.dir}` | The request's original directory\\n`{http.request.orig_uri.path.file}` | The request's original filename\\n`{http.request.orig_uri.path}` | The request's original path\\n`{http.request.orig_uri.query}` | The request's original query string (without `?`)\\n`{http.request.orig_uri}` | The request's original URI\\n`{http.request.port}` | The port part of the request's Host header\\n`{http.request.proto}` | The protocol of the request\\n`{http.request.remote.host}` | The host part of the remote client's address\\n`{http.request.remote.port}` | The port part of the remote client's address\\n`{http.request.remote}` | The address of the remote client\\n`{http.request.scheme}` | The request scheme\\n`{http.request.tls.version}` | The TLS version name\\n`{http.request.tls.cipher_suite}` | The TLS cipher suite\\n`{http.request.tls.resumed}` | The TLS connection resumed a previous connection\\n`{http.request.tls.proto}` | The negotiated next protocol\\n`{http.request.tls.proto_mutual}` | The negotiated next protocol was advertised by the server\\n`{http.request.tls.server_name}` | The server name requested by the client, if any\\n`{http.request.tls.client.fingerprint}` | The SHA256 checksum of the client certificate\\n`{http.request.tls.client.public_key}` | The public key of the client certificate.\\n`{http.request.tls.client.public_key_sha256}` | The SHA256 checksum of the client's public key.\\n`{http.request.tls.client.certificate_pem}` | The PEM-encoded value of the certificate.\\n`{http.request.tls.client.certificate_der_base64}` | The base64-encoded value of the certificate.\\n`{http.request.tls.client.issuer}` | The issuer DN of the client certificate\\n`{http.request.tls.client.serial}` | The serial number of the client certificate\\n`{http.request.tls.client.subject}` | The subject DN of the client certificate\\n`{http.request.tls.client.san.dns_names.*}` | SAN DNS names(index optional)\\n`{http.request.tls.client.san.emails.*}` | SAN email addresses (index optional)\\n`{http.request.tls.client.san.ips.*}` | SAN IP addresses (index optional)\\n`{http.request.tls.client.san.uris.*}` | SAN URIs (index optional)\\n`{http.request.uri.path.*}` | Parts of the path, split by `/` (0-based from left)\\n`{http.request.uri.path.dir}` | The directory, excluding leaf filename\\n`{http.request.uri.path.file}` | The filename of the path, excluding directory\\n`{http.request.uri.path}` | The path component of the request URI\\n`{http.request.uri.query.*}` | Individual query string value\\n`{http.request.uri.query}` | The query string (without `?`)\\n`{http.request.uri}` | The full request URI\\n`{http.response.header.*}` | Specific response header field\\n`{http.vars.*}` | Custom variables in the HTTP handler chain\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.authentication.hashes.bcrypt\": [\n {\n \"name\": \"http.authentication.hashes.bcrypt\",\n \"docs\": \"http.authentication.hashes.bcrypt implements the bcrypt hash.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.authentication.hashes.scrypt\": [\n {\n \"name\": \"http.authentication.hashes.scrypt\",\n \"docs\": \"http.authentication.hashes.scrypt implements the scrypt KDF as a hash.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.authentication.providers.authorize\": [\n {\n \"name\": \"http.authentication.providers.authorize\",\n \"docs\": \"http.authentication.providers.authorize authorizes access to endpoints based on\\nthe presense and content of JWT token.\",\n \"package\": \"github.com/greenpau/caddy-authorize\",\n \"repo\": \"https://github.com/greenpau/caddy-authorize\"\n }\n ],\n \"http.authentication.providers.authorizer\": [\n {\n \"name\": \"http.authentication.providers.authorizer\",\n \"docs\": \"http.authentication.providers.authorizer authorizes access to endpoints based on\\nthe presense and content of JWT token.\",\n \"package\": \"github.com/greenpau/caddy-security\",\n \"repo\": \"https://github.com/greenpau/caddy-security\"\n }\n ],\n \"http.authentication.providers.forms\": [\n {\n \"name\": \"http.authentication.providers.forms\",\n \"docs\": \"http.authentication.providers.forms authorizes access to endpoints based on\\nthe credentials provided in a request.\",\n \"package\": \"github.com/greenpau/caddy-auth-forms\",\n \"repo\": \"https://github.com/greenpau/caddy-auth-forms\"\n }\n ],\n \"http.authentication.providers.http_basic\": [\n {\n \"name\": \"http.authentication.providers.http_basic\",\n \"docs\": \"http.authentication.providers.http_basic facilitates HTTP basic authentication.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.authentication.providers.jwt\": [\n {\n \"name\": \"http.authentication.providers.jwt\",\n \"docs\": \"http.authentication.providers.jwt facilitates JWT (JSON Web Token) authentication.\",\n \"package\": \"github.com/ggicci/caddy-jwt\",\n \"repo\": \"https://github.com/ggicci/caddy-jwt\"\n },\n {\n \"name\": \"http.authentication.providers.jwt\",\n \"docs\": \"http.authentication.providers.jwt authorizes access to endpoints based on\\nthe presense and content of JWT token.\",\n \"package\": \"github.com/greenpau/caddy-auth-jwt\",\n \"repo\": \"https://github.com/greenpau/caddy-auth-jwt\"\n }\n ],\n \"http.authentication.providers.saml\": [\n {\n \"name\": \"http.authentication.providers.saml\",\n \"docs\": \"http.authentication.providers.saml authenticates requests the SAML Response to the SP Assertion\\nConsumer Service using the HTTP-POST Binding.\",\n \"package\": \"github.com/greenpau/caddy-auth-saml\",\n \"repo\": \"https://github.com/greenpau/caddy-auth-saml\"\n }\n ],\n \"http.encoders.br\": [\n {\n \"name\": \"http.encoders.br\",\n \"docs\": \"http.encoders.br can create brotli encoders.\",\n \"package\": \"github.com/ueffel/caddy-brotli\",\n \"repo\": \"https://github.com/ueffel/caddy-brotli\"\n }\n ],\n \"http.encoders.gzip\": [\n {\n \"name\": \"http.encoders.gzip\",\n \"docs\": \"http.encoders.gzip can create gzip encoders.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.encoders.zstd\": [\n {\n \"name\": \"http.encoders.zstd\",\n \"docs\": \"http.encoders.zstd can create Zstandard encoders.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.acme_server\": [\n {\n \"name\": \"http.handlers.acme_server\",\n \"docs\": \"http.handlers.acme_server is an ACME server handler.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddypki/acmeserver\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.authelia\": [\n {\n \"name\": \"http.handlers.authelia\",\n \"docs\": \"http.handlers.authelia implements a plugin for securing routes with authentication\",\n \"package\": \"github.com/HeavenVolkoff/caddy-authelia/plugin\",\n \"repo\": \"https://github.com/HeavenVolkoff/caddy-authelia\"\n }\n ],\n \"http.handlers.authentication\": [\n {\n \"name\": \"http.handlers.authentication\",\n \"docs\": \"http.handlers.authentication is a middleware which provides user authentication.\\nRejects requests with HTTP 401 if the request is not authenticated.\\n\\nAfter a successful authentication, the placeholder\\n`{http.auth.user.id}` will be set to the username, and also\\n`{http.auth.user.*}` placeholders may be set for any authentication\\nmodules that provide user metadata.\\n\\nIts API is still experimental and may be subject to change.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/caddyauth\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.authenticator\": [\n {\n \"name\": \"http.handlers.authenticator\",\n \"docs\": \"http.handlers.authenticator implements Form-Based, Basic, Local, LDAP,\\nOpenID Connect, OAuth 2.0, SAML Authentication.\",\n \"package\": \"github.com/greenpau/caddy-security\",\n \"repo\": \"https://github.com/greenpau/caddy-security\"\n }\n ],\n \"http.handlers.authp\": [\n {\n \"name\": \"http.handlers.authp\",\n \"docs\": \"http.handlers.authp implements Form-Based, Basic, Local, LDAP,\\nOpenID Connect, OAuth 2.0, SAML Authentication.\",\n \"package\": \"github.com/greenpau/caddy-auth-portal\",\n \"repo\": \"https://github.com/greenpau/caddy-auth-portal\"\n }\n ],\n \"http.handlers.authz\": [\n {\n \"name\": \"http.handlers.authz\",\n \"package\": \"github.com/casbin/caddy-authz/v2\",\n \"repo\": \"https://github.com/casbin/caddy-authz\"\n }\n ],\n \"http.handlers.cgi\": [\n {\n \"name\": \"http.handlers.cgi\",\n \"package\": \"github.com/aksdb/caddy-cgi/v2\",\n \"repo\": \"https://github.com/aksdb/caddy-cgi\"\n }\n ],\n \"http.handlers.crowdsec\": [\n {\n \"name\": \"http.handlers.crowdsec\",\n \"docs\": \"http.handlers.crowdsec matches request IPs to CrowdSec decisions to (dis)allow access\",\n \"package\": \"github.com/hslatman/caddy-crowdsec-bouncer/http\",\n \"repo\": \"https://github.com/hslatman/caddy-crowdsec-bouncer\"\n }\n ],\n \"http.handlers.ct\": [\n {\n \"name\": \"http.handlers.ct\",\n \"docs\": \"http.handlers.ct allows to transpile YAML based configuration into a JSON ignition to be used with Flatcar or Fedora CoreOS.\",\n \"package\": \"github.com/cubic3d/caddy-ct\",\n \"repo\": \"https://github.com/cubic3d/caddy-ct\"\n }\n ],\n \"http.handlers.encode\": [\n {\n \"name\": \"http.handlers.encode\",\n \"docs\": \"http.handlers.encode is a middleware which can encode responses.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.error\": [\n {\n \"name\": \"http.handlers.error\",\n \"docs\": \"http.handlers.error implements a simple handler that returns an error.\\nThis handler returns an error value, but does not write a response.\\nThis is useful when you want the server to act as if an error\\noccurred; for example, to invoke your custom error handling logic.\\n\\nSince this handler does not write a response, the error information\\nis for use by the server to know how to handle the error.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.exec\": [\n {\n \"name\": \"http.handlers.exec\",\n \"docs\": \"http.handlers.exec implements an HTTP handler that runs shell command.\",\n \"package\": \"github.com/abiosoft/caddy-exec\",\n \"repo\": \"https://github.com/abiosoft/caddy-exec\"\n }\n ],\n \"http.handlers.file_server\": [\n {\n \"name\": \"http.handlers.file_server\",\n \"docs\": \"http.handlers.file_server implements a static file server responder for Caddy.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.filter\": [\n {\n \"name\": \"http.handlers.filter\",\n \"docs\": \"http.handlers.filter implements an HTTP handler that writes the\\nvisitor's IP address to a file or stream.\",\n \"package\": \"github.com/sjtug/caddy2-filter\",\n \"repo\": \"https://github.com/sjtug/caddy2-filter\"\n }\n ],\n \"http.handlers.geofence\": [\n {\n \"name\": \"http.handlers.geofence\",\n \"docs\": \"http.handlers.geofence implements IP geofencing functionality. https://github.com/circa10a/caddy-geofence\",\n \"package\": \"github.com/circa10a/caddy-geofence\",\n \"repo\": \"https://github.com/circa10a/caddy-geofence\"\n }\n ],\n \"http.handlers.git\": [\n {\n \"name\": \"http.handlers.git\",\n \"docs\": \"http.handlers.git implements git repository manager.\",\n \"package\": \"github.com/greenpau/caddy-git\",\n \"repo\": \"https://github.com/greenpau/caddy-git\"\n }\n ],\n \"http.handlers.gopkg\": [\n {\n \"name\": \"http.handlers.gopkg\",\n \"docs\": \"http.handlers.gopkg implements vanity go package import paths.\\n\\nVanity go package import paths give a cleaner appearance to go projects by separating the source code location from\\nthe import path. It also gives flexibility to developers by allowing them to change a project's source code hosting\\nplatform without requiring the project to be renamed. Finally, it allows projects hosted on various platforms to be\\ngrouped under a common import path.\",\n \"package\": \"magnax.ca/caddy/gopkg\",\n \"repo\": \"https://github.com/MagnaXSoftware/gopkg\"\n },\n {\n \"name\": \"http.handlers.gopkg\",\n \"docs\": \"http.handlers.gopkg represents the GoPkg Caddy module.\",\n \"package\": \"magnax.ca/caddy/gopkg\",\n \"repo\": \"https://github.com/MagnaXSoftware/gopkg\"\n }\n ],\n \"http.handlers.headers\": [\n {\n \"name\": \"http.handlers.headers\",\n \"docs\": \"http.handlers.headers is a middleware which modifies request and response headers.\\n\\nChanges to headers are applied immediately, except for the response\\nheaders when Deferred is true or when Required is set. In those cases,\\nthe changes are applied when the headers are written to the response.\\nNote that deferred changes do not take effect if an error occurs later\\nin the middleware chain.\\n\\nProperties in this module accept placeholders.\\n\\nResponse header operations can be conditioned upon response status code\\nand/or other header values.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/headers\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.hmac\": [\n {\n \"name\": \"http.handlers.hmac\",\n \"docs\": \"http.handlers.hmac implements an HTTP handler that\\nvalidates request body with hmac.\",\n \"package\": \"github.com/abiosoft/caddy-hmac\",\n \"repo\": \"https://github.com/abiosoft/caddy-hmac\"\n }\n ],\n \"http.handlers.image_filter\": [\n {\n \"name\": \"http.handlers.image_filter\",\n \"docs\": \"http.handlers.image_filter is a caddy module that can apply image filters to images from the filesystem at\\nruntime. It should be used together with a cache module, so filters don't have to be applied\\nrepeatedly because it's an expensive operation.\",\n \"package\": \"github.com/ueffel/caddy-imagefilter\",\n \"repo\": \"https://github.com/ueffel/caddy-imagefilter\"\n }\n ],\n \"http.handlers.json_parse\": [\n {\n \"name\": \"http.handlers.json_parse\",\n \"docs\": \"http.handlers.json_parse implements an HTTP handler that parses\\njson body as placeholders.\",\n \"package\": \"github.com/abiosoft/caddy-json-parse\",\n \"repo\": \"https://github.com/abiosoft/caddy-json-parse\"\n }\n ],\n \"http.handlers.map\": [\n {\n \"name\": \"http.handlers.map\",\n \"docs\": \"http.handlers.map implements a middleware that maps inputs to outputs. Specifically, it\\ncompares a source value against the map inputs, and for one that matches, it\\napplies the output values to each destination. Destinations become placeholder\\nnames.\\n\\nMapped placeholders are not evaluated until they are used, so even for very\\nlarge mappings, this handler is quite efficient.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/map\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.mercure\": [\n {\n \"name\": \"http.handlers.mercure\",\n \"docs\": \"http.handlers.mercure implements a Mercure hub as a Caddy module. Mercure is a protocol allowing to push data updates to web browsers and other HTTP clients in a convenient, fast, reliable and battery-efficient way.\",\n \"package\": \"github.com/dunglas/mercure/caddy\",\n \"repo\": \"https://github.com/dunglas/mercure\"\n }\n ],\n \"http.handlers.metrics\": [\n {\n \"name\": \"http.handlers.metrics\",\n \"docs\": \"http.handlers.metrics is a module that serves a /metrics endpoint so that any gathered\\nmetrics can be exposed for scraping. This module is configurable by end-users\\nunlike AdminMetrics.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/metrics\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.openapi\": [\n {\n \"name\": \"http.handlers.openapi\",\n \"package\": \"github.com/chukmunnlee/caddy-openapi\",\n \"repo\": \"https://github.com/chukmunnlee/caddy-openapi\"\n }\n ],\n \"http.handlers.openapi_validator\": [\n {\n \"name\": \"http.handlers.openapi_validator\",\n \"docs\": \"http.handlers.openapi_validator is used to validate OpenAPI requests and responses against an OpenAPI specification\",\n \"package\": \"github.com/hslatman/caddy-openapi-validator\",\n \"repo\": \"https://github.com/hslatman/caddy-openapi-validator\"\n }\n ],\n \"http.handlers.pirsch\": [\n {\n \"name\": \"http.handlers.pirsch\",\n \"package\": \"github.com/muety/caddy-pirsch-plugin\",\n \"repo\": \"https://github.com/muety/caddy-pirsch-plugin\"\n }\n ],\n \"http.handlers.prometheus\": [\n {\n \"name\": \"http.handlers.prometheus\",\n \"docs\": \"http.handlers.prometheus -\",\n \"package\": \"github.com/hairyhenderson/caddyprom\",\n \"repo\": \"https://github.com/hairyhenderson/caddyprom\"\n }\n ],\n \"http.handlers.push\": [\n {\n \"name\": \"http.handlers.push\",\n \"docs\": \"http.handlers.push is a middleware for manipulating the request body.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/push\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.quantity_limiter\": [\n {\n \"name\": \"http.handlers.quantity_limiter\",\n \"docs\": \"http.handlers.quantity_limiter limits the number of successful requests for a token and allows the counter to be reset.\",\n \"package\": \"github.com/cubic3d/caddy-quantity-limiter\",\n \"repo\": \"https://github.com/cubic3d/caddy-quantity-limiter\"\n }\n ],\n \"http.handlers.rate_limit\": [\n {\n \"name\": \"http.handlers.rate_limit\",\n \"docs\": \"http.handlers.rate_limit implements a handler for rate-limiting.\\n\\nIf a client exceeds the rate limit, an HTTP error with status `\\u003creject_status\\u003e` will\\nbe returned. This error can be handled using the conventional error handlers.\\nSee [handle_errors](https://caddyserver.com/docs/caddyfile/directives/handle_errors)\\nfor how to set up error handlers.\",\n \"package\": \"github.com/RussellLuo/caddy-ext/ratelimit\",\n \"repo\": \"https://github.com/RussellLuo/caddy-ext\"\n },\n {\n \"name\": \"http.handlers.rate_limit\",\n \"docs\": \"http.handlers.rate_limit implements rate limiting functionality.\\n\\nIf a rate limit is exceeded, an HTTP error with status 429 will be\\nreturned. This error can be handled using the conventional error\\nhandling routes in your config. An additional placeholder is made\\navailable, called `{http.rate_limit.exceeded.name}`, which you can\\nuse for logging or handling; it contains the name of the rate limit\\nzone which limit was exceeded.\",\n \"package\": \"github.com/mholt/caddy-ratelimit\",\n \"repo\": \"https://github.com/mholt/caddy-ratelimit\"\n }\n ],\n \"http.handlers.realip\": [\n {\n \"name\": \"http.handlers.realip\",\n \"package\": \"github.com/kirsch33/realip\",\n \"repo\": \"https://github.com/kirsch33/realip\"\n }\n ],\n \"http.handlers.replace_response\": [\n {\n \"name\": \"http.handlers.replace_response\",\n \"docs\": \"http.handlers.replace_response manipulates response bodies by performing\\nsubstring or regex replacements.\",\n \"package\": \"github.com/caddyserver/replace-response\",\n \"repo\": \"https://github.com/caddyserver/replace-response\"\n }\n ],\n \"http.handlers.request_body\": [\n {\n \"name\": \"http.handlers.request_body\",\n \"docs\": \"http.handlers.request_body is a middleware for manipulating the request body.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/requestbody\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.request_debug\": [\n {\n \"name\": \"http.handlers.request_debug\",\n \"docs\": \"http.handlers.request_debug is a middleware which displays the content of the request it\\nhandles. It helps troubleshooting web requests by exposing headers\\n(e.g. cookies), URL parameters, etc.\",\n \"package\": \"github.com/greenpau/caddy-request-debug\",\n \"repo\": \"https://github.com/greenpau/caddy-request-debug\"\n }\n ],\n \"http.handlers.request_id\": [\n {\n \"name\": \"http.handlers.request_id\",\n \"docs\": \"http.handlers.request_id implements an HTTP handler that writes a\\nunique request ID to response headers.\",\n \"package\": \"github.com/lolPants/caddy-requestid\",\n \"repo\": \"https://github.com/lolPants/caddy-requestid\"\n }\n ],\n \"http.handlers.reverse_proxy\": [\n {\n \"name\": \"http.handlers.reverse_proxy\",\n \"docs\": \"http.handlers.reverse_proxy implements a highly configurable and production-ready reverse proxy.\\n\\nUpon proxying, this module sets the following placeholders (which can be used\\nboth within and after this handler; for example, in response headers):\\n\\nPlaceholder | Description\\n------------|-------------\\n`{http.reverse_proxy.upstream.address}` | The full address to the upstream as given in the config\\n`{http.reverse_proxy.upstream.hostport}` | The host:port of the upstream\\n`{http.reverse_proxy.upstream.host}` | The host of the upstream\\n`{http.reverse_proxy.upstream.port}` | The port of the upstream\\n`{http.reverse_proxy.upstream.requests}` | The approximate current number of requests to the upstream\\n`{http.reverse_proxy.upstream.max_requests}` | The maximum approximate number of requests allowed to the upstream\\n`{http.reverse_proxy.upstream.fails}` | The number of recent failed requests to the upstream\\n`{http.reverse_proxy.upstream.latency}` | How long it took the proxy upstream to write the response header.\\n`{http.reverse_proxy.upstream.duration}` | Time spent proxying to the upstream, including writing response body to client.\\n`{http.reverse_proxy.duration}` | Total time spent proxying, including selecting an upstream, retries, and writing response.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.rewrite\": [\n {\n \"name\": \"http.handlers.rewrite\",\n \"docs\": \"http.handlers.rewrite is a middleware which can rewrite HTTP requests.\\n\\nThe Method and URI properties are \\\"setters\\\": the request URI\\nwill be set to the given values. Other properties are \\\"modifiers\\\":\\nthey modify existing files but do not explicitly specify what the\\nresult will be. It is atypical to combine the use of setters and\\nmodifiers in a single rewrite.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/rewrite\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.s3proxy\": [\n {\n \"name\": \"http.handlers.s3proxy\",\n \"docs\": \"http.handlers.s3proxy implements a proxy to return, set, delete or browse objects from S3\",\n \"package\": \"github.com/lindenlab/caddy-s3-proxy\",\n \"repo\": \"https://github.com/lindenlab/caddy-s3-proxy\"\n }\n ],\n \"http.handlers.static_response\": [\n {\n \"name\": \"http.handlers.static_response\",\n \"docs\": \"http.handlers.static_response implements a simple responder for static responses.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.subroute\": [\n {\n \"name\": \"http.handlers.subroute\",\n \"docs\": \"http.handlers.subroute implements a handler that compiles and executes routes.\\nThis is useful for a batch of routes that all inherit the same\\nmatchers, or for multiple routes that should be treated as a\\nsingle route.\\n\\nYou can also use subroutes to handle errors from its handlers.\\nFirst the primary routes will be executed, and if they return an\\nerror, the errors routes will be executed; in that case, an error\\nis only returned to the entry point at the server if there is an\\nadditional error returned from the errors routes.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.teapot\": [\n {\n \"name\": \"http.handlers.teapot\",\n \"docs\": \"http.handlers.teapot implements a static \\\"418 I'm a teapot\\\" response to all requests on the route\",\n \"package\": \"github.com/hairyhenderson/caddy-teapot-module\",\n \"repo\": \"https://github.com/hairyhenderson/caddy-teapot-module\"\n }\n ],\n \"http.handlers.templates\": [\n {\n \"name\": \"http.handlers.templates\",\n \"docs\": \"http.handlers.templates is a middleware which executes response bodies as Go templates.\\nThe syntax is documented in the Go standard library's\\n[text/template package](https://golang.org/pkg/text/template/).\\n\\n⚠️ Template functions/actions are still experimental, so they are subject to change.\\n\\n[All Sprig functions](https://masterminds.github.io/sprig/) are supported.\\n\\nIn addition to the standard functions and the Sprig library, Caddy adds\\nextra functions and data that are available to a template:\\n\\n##### `.Args`\\n\\nAccess arguments passed to this page/context, for example as the result of a `include`.\\n\\n```\\n{{.Args 0}} // first argument\\n```\\n\\n##### `.Cookie`\\n\\nGets the value of a cookie by name.\\n\\n```\\n{{.Cookie \\\"cookiename\\\"}}\\n```\\n\\n##### `env`\\n\\nGets an environment variable.\\n\\n```\\n{{env \\\"VAR_NAME\\\"}}\\n```\\n\\n##### `placeholder`\\n\\nGets an [placeholder variable](/docs/conventions#placeholders).\\nThe braces (`{}`) have to be omitted.\\n\\n```\\n{{placeholder \\\"http.request.uri.path\\\"}}\\n{{placeholder \\\"http.error.status_code\\\"}}\\n```\\n\\n##### `.Host`\\n\\nReturns the hostname portion (no port) of the Host header of the HTTP request.\\n\\n```\\n{{.Host}}\\n```\\n\\n##### `httpInclude`\\n\\nIncludes the contents of another file by making a virtual HTTP request (also known as a sub-request). The URI path must exist on the same virtual server because the request does not use sockets; instead, the request is crafted in memory and the handler is invoked directly for increased efficiency.\\n\\n```\\n{{httpInclude \\\"/foo/bar?q=val\\\"}}\\n```\\n\\n##### `include`\\n\\nIncludes the contents of another file. Optionally can pass key-value pairs as arguments to be accessed by the included file.\\n\\n```\\n{{include \\\"path/to/file.html\\\"}} // no arguments\\n{{include \\\"path/to/file.html\\\" \\\"arg1\\\" 2 \\\"value 3\\\"}} // with arguments\\n```\\n\\n##### `listFiles`\\n\\nReturns a list of the files in the given directory, which is relative to the template context's file root.\\n\\n```\\n{{listFiles \\\"/mydir\\\"}}\\n```\\n\\n##### `markdown`\\n\\nRenders the given Markdown text as HTML.\\n\\n```\\n{{markdown \\\"My _markdown_ text\\\"}}\\n```\\n\\n##### `.RemoteIP`\\n\\nReturns the client's IP address.\\n\\n```\\n{{.RemoteIP}}\\n```\\n\\n##### `.Req`\\n\\nAccesses the current HTTP request, which has various fields, including:\\n\\n - `.Method` - the method\\n - `.URL` - the URL, which in turn has component fields (Scheme, Host, Path, etc.)\\n - `.Header` - the header fields\\n - `.Host` - the Host or :authority header of the request\\n\\n```\\n{{.Req.Header.Get \\\"User-Agent\\\"}}\\n```\\n\\n##### `.RespHeader.Add`\\n\\nAdds a header field to the HTTP response.\\n\\n```\\n{{.RespHeader.Add \\\"Field-Name\\\" \\\"val\\\"}}\\n```\\n\\n##### `.RespHeader.Del`\\n\\nDeletes a header field on the HTTP response.\\n\\n```\\n{{.RespHeader.Del \\\"Field-Name\\\"}}\\n```\\n\\n##### `.RespHeader.Set`\\n\\nSets a header field on the HTTP response, replacing any existing value.\\n\\n```\\n{{.RespHeader.Set \\\"Field-Name\\\" \\\"val\\\"}}\\n```\\n\\n##### `splitFrontMatter`\\n\\nSplits front matter out from the body. Front matter is metadata that appears at the very beginning of a file or string. Front matter can be in YAML, TOML, or JSON formats:\\n\\n**TOML** front matter starts and ends with `+++`:\\n\\n```\\n+++\\ntemplate = \\\"blog\\\"\\ntitle = \\\"Blog Homepage\\\"\\nsitename = \\\"A Caddy site\\\"\\n+++\\n```\\n\\n**YAML** is surrounded by `---`:\\n\\n```\\n---\\ntemplate: blog\\ntitle: Blog Homepage\\nsitename: A Caddy site\\n---\\n```\\n\\n**JSON** is simply `{` and `}`:\\n\\n```\\n{\\n\\t\\\"template\\\": \\\"blog\\\",\\n\\t\\\"title\\\": \\\"Blog Homepage\\\",\\n\\t\\\"sitename\\\": \\\"A Caddy site\\\"\\n}\\n```\\n\\nThe resulting front matter will be made available like so:\\n\\n- `.Meta` to access the metadata fields, for example: `{{$parsed.Meta.title}}`\\n- `.Body` to access the body after the front matter, for example: `{{markdown $parsed.Body}}`\\n\\n##### `stripHTML`\\n\\nRemoves HTML from a string.\\n\\n```\\n{{stripHTML \\\"Shows \\u003cb\\u003eonly\\u003c/b\\u003e text content\\\"}}\\n```\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/templates\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.trace\": [\n {\n \"name\": \"http.handlers.trace\",\n \"docs\": \"http.handlers.trace is a middleware which displays the content of the request it\\nhandles. It helps troubleshooting web requests by exposing headers\\n(e.g. cookies), URL parameters, etc.\",\n \"package\": \"github.com/greenpau/caddy-trace\",\n \"repo\": \"https://github.com/greenpau/caddy-trace\"\n }\n ],\n \"http.handlers.vars\": [\n {\n \"name\": \"http.handlers.vars\",\n \"docs\": \"http.handlers.vars is an HTTP middleware which sets variables to\\nhave values that can be used in the HTTP request handler\\nchain. The primary way to access variables is with placeholders,\\nwhich have the form: `{http.vars.variable_name}`, or with\\nthe `vars` and `vars_regexp` request matchers.\\n\\nThe key is the variable name, and the value is the value of the\\nvariable. Both the name and value may use or contain placeholders.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.handlers.vulcain\": [\n {\n \"name\": \"http.handlers.vulcain\",\n \"package\": \"github.com/dunglas/vulcain/caddy\",\n \"repo\": \"https://github.com/dunglas/vulcain\"\n }\n ],\n \"http.handlers.webdav\": [\n {\n \"name\": \"http.handlers.webdav\",\n \"docs\": \"http.handlers.webdav implements an HTTP handler for responding to WebDAV clients.\",\n \"package\": \"github.com/mholt/caddy-webdav\",\n \"repo\": \"https://github.com/mholt/caddy-webdav\"\n }\n ],\n \"http.handlers.webhook\": [\n {\n \"name\": \"http.handlers.webhook\",\n \"docs\": \"http.handlers.webhook is the module configuration.\",\n \"package\": \"github.com/WingLim/caddy-webhook\",\n \"repo\": \"https://github.com/WingLim/caddy-webhook\"\n }\n ],\n \"http.matchers.exec_noop\": [\n {\n \"name\": \"http.matchers.exec_noop\",\n \"docs\": \"http.matchers.exec_noop is a matcher that blocks all requests.\\nIt's primary purpose is to ensure the command is not\\nexecuted when no route/matcher is specified.\\nLimitation of Caddyfile config. JSON/API config do not need this.\",\n \"package\": \"github.com/abiosoft/caddy-exec\",\n \"repo\": \"https://github.com/abiosoft/caddy-exec\"\n }\n ],\n \"http.matchers.execnopmatch\": [\n {\n \"name\": \"http.matchers.execnopmatch\",\n \"docs\": \"http.matchers.execnopmatch is a matcher that blocks all request.\\nIt's primary purpose is to ensure the command is not\\nexecuted when no route/matcher is specified.\\nLimitation of Caddyfile config. JSON/API config do not need this.\",\n \"package\": \"github.com/abiosoft/caddy-exec\",\n \"repo\": \"https://github.com/abiosoft/caddy-exec\"\n }\n ],\n \"http.matchers.expression\": [\n {\n \"name\": \"http.matchers.expression\",\n \"docs\": \"http.matchers.expression matches requests by evaluating a\\n[CEL](https://github.com/google/cel-spec) expression.\\nThis enables complex logic to be expressed using a comfortable,\\nfamiliar syntax. Please refer to\\n[the standard definitions of CEL functions and operators](https://github.com/google/cel-spec/blob/master/doc/langdef.md#standard-definitions).\\n\\nThis matcher's JSON interface is actually a string, not a struct.\\nThe generated docs are not correct because this type has custom\\nmarshaling logic.\\n\\nCOMPATIBILITY NOTE: This module is still experimental and is not\\nsubject to Caddy's compatibility guarantee.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.file\": [\n {\n \"name\": \"http.matchers.file\",\n \"docs\": \"http.matchers.file is an HTTP request matcher that can match\\nrequests based upon file existence.\\n\\nUpon matching, three new placeholders will be made\\navailable:\\n\\n- `{http.matchers.file.relative}` The root-relative\\npath of the file. This is often useful when rewriting\\nrequests.\\n- `{http.matchers.file.absolute}` The absolute path\\nof the matched file.\\n- `{http.matchers.file.type}` Set to \\\"directory\\\" if\\nthe matched file is a directory, \\\"file\\\" otherwise.\\n- `{http.matchers.file.remainder}` Set to the remainder\\nof the path if the path was split by `split_path`.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/fileserver\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.header\": [\n {\n \"name\": \"http.matchers.header\",\n \"docs\": \"http.matchers.header matches requests by header fields. The key is the field\\nname and the array is the list of field values. It performs fast,\\nexact string comparisons of the field values. Fast prefix, suffix,\\nand substring matches can also be done by suffixing, prefixing, or\\nsurrounding the value with the wildcard `*` character, respectively.\\nIf a list is null, the header must not exist. If the list is empty,\\nthe field must simply exist, regardless of its value.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.header_regexp\": [\n {\n \"name\": \"http.matchers.header_regexp\",\n \"docs\": \"http.matchers.header_regexp matches requests by a regular expression on header fields.\\n\\nUpon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}`\\nwhere `name` is the regular expression's name, and `capture_group` is either\\nthe named or positional capture group from the expression itself. If no name\\nis given, then the placeholder omits the name: `{http.regexp.capture_group}`\\n(potentially leading to collisions).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.host\": [\n {\n \"name\": \"http.matchers.host\",\n \"docs\": \"http.matchers.host matches requests by the Host value (case-insensitive).\\n\\nWhen used in a top-level HTTP route,\\n[qualifying domain names](/docs/automatic-https#hostname-requirements)\\nmay trigger [automatic HTTPS](/docs/automatic-https), which automatically\\nprovisions and renews certificates for you. Before doing this, you\\nshould ensure that DNS records for these domains are properly configured,\\nespecially A/AAAA pointed at your server.\\n\\nAutomatic HTTPS can be\\n[customized or disabled](/docs/modules/http#servers/automatic_https).\\n\\nWildcards (`*`) may be used to represent exactly one label of the\\nhostname, in accordance with RFC 1034 (because host matchers are also\\nused for automatic HTTPS which influences TLS certificates). Thus,\\na host of `*` matches hosts like `localhost` or `internal` but not\\n`example.com`. To catch all hosts, omit the host matcher entirely.\\n\\nThe wildcard can be useful for matching all subdomains, for example:\\n`*.example.com` matches `foo.example.com` but not `foo.bar.example.com`.\\n\\nDuplicate entries will return an error.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.maxmind_geolocation\": [\n {\n \"name\": \"http.matchers.maxmind_geolocation\",\n \"docs\": \"Allows to filter requests based on source IP country.\",\n \"package\": \"github.com/porech/caddy-maxmind-geolocation\",\n \"repo\": \"https://github.com/porech/caddy-maxmind-geolocation\"\n }\n ],\n \"http.matchers.method\": [\n {\n \"name\": \"http.matchers.method\",\n \"docs\": \"http.matchers.method matches requests by the method.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.not\": [\n {\n \"name\": \"http.matchers.not\",\n \"docs\": \"http.matchers.not matches requests by negating the results of its matcher\\nsets. A single \\\"not\\\" matcher takes one or more matcher sets. Each\\nmatcher set is OR'ed; in other words, if any matcher set returns\\ntrue, the final result of the \\\"not\\\" matcher is false. Individual\\nmatchers within a set work the same (i.e. different matchers in\\nthe same set are AND'ed).\\n\\nNOTE: The generated docs which describe the structure of this\\nmodule are wrong because of how this type unmarshals JSON in a\\ncustom way. The correct structure is:\\n\\n```json\\n[\\n\\t{},\\n\\t{}\\n]\\n```\\n\\nwhere each of the array elements is a matcher set, i.e. an\\nobject keyed by matcher name.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.path\": [\n {\n \"name\": \"http.matchers.path\",\n \"docs\": \"http.matchers.path matches requests by the URI's path (case-insensitive). Path\\nmatches are exact, but wildcards may be used:\\n\\n- At the end, for a prefix match (`/prefix/*`)\\n- At the beginning, for a suffix match (`*.suffix`)\\n- On both sides, for a substring match (`*/contains/*`)\\n- In the middle, for a globular match (`/accounts/*/info`)\\n\\nThis matcher is fast, so it does not support regular expressions or\\ncapture groups. For slower but more powerful matching, use the\\npath_regexp matcher.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.path_regexp\": [\n {\n \"name\": \"http.matchers.path_regexp\",\n \"docs\": \"http.matchers.path_regexp matches requests by a regular expression on the URI's path.\\n\\nUpon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}`\\nwhere `name` is the regular expression's name, and `capture_group` is either\\nthe named or positional capture group from the expression itself. If no name\\nis given, then the placeholder omits the name: `{http.regexp.capture_group}`\\n(potentially leading to collisions).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.protocol\": [\n {\n \"name\": \"http.matchers.protocol\",\n \"docs\": \"http.matchers.protocol matches requests by protocol. Recognized values are\\n\\\"http\\\", \\\"https\\\", and \\\"grpc\\\".\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.query\": [\n {\n \"name\": \"http.matchers.query\",\n \"docs\": \"http.matchers.query matches requests by the URI's query string. It takes a JSON object\\nkeyed by the query keys, with an array of string values to match for that key.\\nQuery key matches are exact, but wildcards may be used for value matches. Both\\nkeys and values may be placeholders.\\nAn example of the structure to match `?key=value\\u0026topic=api\\u0026query=something` is:\\n\\n```json\\n{\\n\\t\\\"key\\\": [\\\"value\\\"],\\n\\t\\\"topic\\\": [\\\"api\\\"],\\n\\t\\\"query\\\": [\\\"*\\\"]\\n}\\n```\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.remote_host\": [\n {\n \"name\": \"http.matchers.remote_host\",\n \"docs\": \"http.matchers.remote_host matches based on the remote IP of the\\nconnection. A host name can be specified, whose A and AAAA\\nDNS records will be resolved to a corresponding IP for matching.\\n\\nNote that IPs can sometimes be spoofed, so do not rely\\non this as a replacement for actual authentication.\",\n \"package\": \"github.com/muety/caddy-remote-host\",\n \"repo\": \"https://github.com/muety/caddy-remote-host\"\n }\n ],\n \"http.matchers.remote_ip\": [\n {\n \"name\": \"http.matchers.remote_ip\",\n \"docs\": \"http.matchers.remote_ip matches requests by client IP (or CIDR range).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.vars\": [\n {\n \"name\": \"http.matchers.vars\",\n \"docs\": \"http.matchers.vars is an HTTP request matcher which can match\\nrequests based on variables in the context.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.matchers.vars_regexp\": [\n {\n \"name\": \"http.matchers.vars_regexp\",\n \"docs\": \"http.matchers.vars_regexp matches the value of the context variables by a given regular expression.\\n\\nUpon a match, it adds placeholders to the request: `{http.regexp.name.capture_group}`\\nwhere `name` is the regular expression's name, and `capture_group` is either\\nthe named or positional capture group from the expression itself. If no name\\nis given, then the placeholder omits the name: `{http.regexp.capture_group}`\\n(potentially leading to collisions).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.precompressed.br\": [\n {\n \"name\": \"http.precompressed.br\",\n \"docs\": \"http.precompressed.br provides the file extension for files precompressed with brotli encoding.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/brotli\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.precompressed.gzip\": [\n {\n \"name\": \"http.precompressed.gzip\",\n \"docs\": \"http.precompressed.gzip provides the file extension for files precompressed with gzip encoding.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/gzip\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.precompressed.zstd\": [\n {\n \"name\": \"http.precompressed.zstd\",\n \"docs\": \"http.precompressed.zstd provides the file extension for files precompressed with zstandard encoding.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/encode/zstd\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.cookie\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.cookie\",\n \"docs\": \"http.reverse_proxy.selection_policies.cookie is a policy that selects\\na host based on a given cookie name.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.first\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.first\",\n \"docs\": \"http.reverse_proxy.selection_policies.first is a policy that selects\\nthe first available host.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.header\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.header\",\n \"docs\": \"http.reverse_proxy.selection_policies.header is a policy that selects\\na host based on a given request header.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.ip_hash\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.ip_hash\",\n \"docs\": \"http.reverse_proxy.selection_policies.ip_hash is a policy that selects a host\\nbased on hashing the remote IP of the request.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.least_conn\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.least_conn\",\n \"docs\": \"http.reverse_proxy.selection_policies.least_conn is a policy that selects the\\nhost with the least active requests. If multiple\\nhosts have the same fewest number, one is chosen\\nrandomly. The term \\\"conn\\\" or \\\"connection\\\" is used\\nin this policy name due to its similar meaning in\\nother software, but our load balancer actually\\ncounts active requests rather than connections,\\nsince these days requests are multiplexed onto\\nshared connections.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.random\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.random\",\n \"docs\": \"http.reverse_proxy.selection_policies.random is a policy that selects\\nan available host at random.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.random_choose\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.random_choose\",\n \"docs\": \"http.reverse_proxy.selection_policies.random_choose is a policy that selects\\ntwo or more available hosts at random, then\\nchooses the one with the least load.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.round_robin\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.round_robin\",\n \"docs\": \"http.reverse_proxy.selection_policies.round_robin is a policy that selects\\na host based on round-robin ordering.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.selection_policies.uri_hash\": [\n {\n \"name\": \"http.reverse_proxy.selection_policies.uri_hash\",\n \"docs\": \"http.reverse_proxy.selection_policies.uri_hash is a policy that selects a\\nhost by hashing the request URI.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.transport.fastcgi\": [\n {\n \"name\": \"http.reverse_proxy.transport.fastcgi\",\n \"docs\": \"http.reverse_proxy.transport.fastcgi facilitates FastCGI communication.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy/fastcgi\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.transport.http\": [\n {\n \"name\": \"http.reverse_proxy.transport.http\",\n \"docs\": \"http.reverse_proxy.transport.http is essentially a configuration wrapper for http.Transport.\\nIt defines a JSON structure useful when configuring the HTTP transport\\nfor Caddy's reverse proxy. It builds its http.Transport at Provision.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddyhttp/reverseproxy\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"http.reverse_proxy.transport.http_ntlm\": [\n {\n \"name\": \"http.reverse_proxy.transport.http_ntlm\",\n \"docs\": \"http.reverse_proxy.transport.http_ntlm proxies HTTP with NTLM authentication.\\nIt basically wraps HTTPTransport so that it is compatible with\\nNTLM's HTTP-hostile requirements. Specifically, it will use\\nHTTPTransport's single, default *http.Transport for all requests\\n(unless the client's connection is already mapped to a different\\ntransport) until a request comes in with an Authorization header\\nthat has \\\"NTLM\\\" or \\\"Negotiate\\\"; when that happens, NTLMTransport\\nmaps the client's connection (by its address, req.RemoteAddr)\\nto a new transport that is used only by that downstream conn.\\nWhen the upstream connection is closed, the mapping is deleted.\\nThis preserves NTLM authentication contexts by ensuring that\\nclient connections use the same upstream connection. It does\\nhurt performance a bit, but that's NTLM for you.\\n\\nThis transport also forces HTTP/1.1 and Keep-Alives in order\\nfor NTLM to succeed.\\n\\nIt is basically the same thing as\\n[nginx's paid ntlm directive](https://nginx.org/en/docs/http/ngx_http_upstream_module.html#ntlm)\\n(but is free in Caddy!).\",\n \"package\": \"github.com/caddyserver/ntlm-transport\",\n \"repo\": \"https://github.com/caddyserver/ntlm-transport\"\n }\n ],\n \"layer4\": [\n {\n \"name\": \"layer4\",\n \"docs\": \"layer4 is a Caddy app that operates closest to layer 4 of the OSI model.\",\n \"package\": \"github.com/mholt/caddy-l4/layer4\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.echo\": [\n {\n \"name\": \"layer4.handlers.echo\",\n \"docs\": \"layer4.handlers.echo is a simple handler that writes what it reads.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4echo\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.proxy\": [\n {\n \"name\": \"layer4.handlers.proxy\",\n \"docs\": \"layer4.handlers.proxy is a handler that can proxy connections.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.proxy_protocol\": [\n {\n \"name\": \"layer4.handlers.proxy_protocol\",\n \"docs\": \"layer4.handlers.proxy_protocol is a connection handler that accepts the PROXY protocol.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxyprotocol\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.tee\": [\n {\n \"name\": \"layer4.handlers.tee\",\n \"docs\": \"layer4.handlers.tee is a layer4 handler that replicates a connection so\\nthat a branch of handlers can concurrently handle it. Reads\\nhappen in lock-step with all concurrent branches so as to\\navoid buffering: if one of the branches (including the main\\nhandler chain) stops reading from the connection, it will\\nblock all branches.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4tee\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.throttle\": [\n {\n \"name\": \"layer4.handlers.throttle\",\n \"docs\": \"layer4.handlers.throttle throttles connections using leaky bucket rate limiting.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4throttle\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.handlers.tls\": [\n {\n \"name\": \"layer4.handlers.tls\",\n \"docs\": \"layer4.handlers.tls is a connection handler that terminates TLS.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4tls\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.crowdsec\": [\n {\n \"name\": \"layer4.matchers.crowdsec\",\n \"docs\": \"layer4.matchers.crowdsec matches IPs to CrowdSec decisions to (dis)allow access\",\n \"package\": \"github.com/hslatman/caddy-crowdsec-bouncer/layer4\",\n \"repo\": \"https://github.com/hslatman/caddy-crowdsec-bouncer\"\n }\n ],\n \"layer4.matchers.http\": [\n {\n \"name\": \"layer4.matchers.http\",\n \"docs\": \"layer4.matchers.http is able to match HTTP connections. The auto-generated\\ndocumentation for this type is wrong; instead of an object, it\\nis an array of matcher set objects.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4http\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.ip\": [\n {\n \"name\": \"layer4.matchers.ip\",\n \"docs\": \"layer4.matchers.ip matches requests by remote IP (or CIDR range).\",\n \"package\": \"github.com/mholt/caddy-l4/layer4\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.proxy_protocol\": [\n {\n \"name\": \"layer4.matchers.proxy_protocol\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.ssh\": [\n {\n \"name\": \"layer4.matchers.ssh\",\n \"docs\": \"layer4.matchers.ssh is able to match SSH connections.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4ssh\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.tls\": [\n {\n \"name\": \"layer4.matchers.tls\",\n \"docs\": \"layer4.matchers.tls is able to match TLS connections. Its structure\\nis different from the auto-generated documentation. This\\nvalue should be a map of matcher names to their values.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4tls\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.matchers.xmpp\": [\n {\n \"name\": \"layer4.matchers.xmpp\",\n \"docs\": \"layer4.matchers.xmpp is able to match XMPP connections.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4xmpp\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.first\": [\n {\n \"name\": \"layer4.proxy.selection_policies.first\",\n \"docs\": \"layer4.proxy.selection_policies.first is a policy that selects\\nthe first available host.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.ip_hash\": [\n {\n \"name\": \"layer4.proxy.selection_policies.ip_hash\",\n \"docs\": \"layer4.proxy.selection_policies.ip_hash is a policy that selects a host\\nbased on hashing the remote IP of the connection.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.least_conn\": [\n {\n \"name\": \"layer4.proxy.selection_policies.least_conn\",\n \"docs\": \"layer4.proxy.selection_policies.least_conn is a policy that selects the upstream\\nwith the least active connections. If multiple upstreams\\nhave the same fewest number, one is chosen randomly.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.random\": [\n {\n \"name\": \"layer4.proxy.selection_policies.random\",\n \"docs\": \"layer4.proxy.selection_policies.random is a policy that selects\\nan available host at random.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.random_choose\": [\n {\n \"name\": \"layer4.proxy.selection_policies.random_choose\",\n \"docs\": \"layer4.proxy.selection_policies.random_choose is a policy that selects\\ntwo or more available hosts at random, then\\nchooses the one with the least load.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"layer4.proxy.selection_policies.round_robin\": [\n {\n \"name\": \"layer4.proxy.selection_policies.round_robin\",\n \"docs\": \"layer4.proxy.selection_policies.round_robin is a policy that selects\\na host based on round-robin ordering.\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4proxy\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"pki\": [\n {\n \"name\": \"pki\",\n \"docs\": \"pki provides Public Key Infrastructure facilities for Caddy.\\n\\nThis app can define certificate authorities (CAs) which are capable\\nof signing certificates. Other modules can be configured to use\\nthe CAs defined by this app for issuing certificates or getting\\nkey information needed for establishing trust.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddypki\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"security\": [\n {\n \"name\": \"security\",\n \"docs\": \"security implements security manager.\",\n \"package\": \"github.com/greenpau/caddy-security\",\n \"repo\": \"https://github.com/greenpau/caddy-security\"\n }\n ],\n \"supervisor\": [\n {\n \"name\": \"supervisor\",\n \"package\": \"github.com/baldinof/caddy-supervisor\",\n \"repo\": \"https://github.com/baldinof/caddy-supervisor\"\n }\n ],\n \"tls\": [\n {\n \"name\": \"tls\",\n \"docs\": \"tls provides TLS facilities including certificate\\nloading and management, client auth, and more.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.certificates.automate\": [\n {\n \"name\": \"tls.certificates.automate\",\n \"docs\": \"tls.certificates.automate will automatically manage certificates for the names in the\\nlist, including obtaining and renewing certificates. Automated certificates\\nare managed according to their matching automation policy, configured\\nelsewhere in this app.\\n\\nTechnically, this is a no-op certificate loader module that is treated as\\na special case: it uses this app's automation features to load certificates\\nfor the list of hostnames, rather than loading certificates manually.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.certificates.load_files\": [\n {\n \"name\": \"tls.certificates.load_files\",\n \"docs\": \"tls.certificates.load_files loads certificates and their associated keys from disk.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.certificates.load_folders\": [\n {\n \"name\": \"tls.certificates.load_folders\",\n \"docs\": \"tls.certificates.load_folders loads certificates and their associated keys from disk\\nby recursively walking the specified directories, looking for PEM\\nfiles which contain both a certificate and a key.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.certificates.load_pem\": [\n {\n \"name\": \"tls.certificates.load_pem\",\n \"docs\": \"tls.certificates.load_pem loads certificates and their associated keys by\\ndecoding their PEM blocks directly. This has the advantage\\nof not needing to store them on disk at all.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.certificates.load_storage\": [\n {\n \"name\": \"tls.certificates.load_storage\",\n \"docs\": \"tls.certificates.load_storage loads certificates and their associated keys\\nfrom the globally configured storage module.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.handshake_match.alpn\": [\n {\n \"name\": \"tls.handshake_match.alpn\",\n \"package\": \"github.com/mholt/caddy-l4/modules/l4tls\",\n \"repo\": \"https://github.com/mholt/caddy-l4\"\n }\n ],\n \"tls.handshake_match.remote_ip\": [\n {\n \"name\": \"tls.handshake_match.remote_ip\",\n \"docs\": \"tls.handshake_match.remote_ip matches based on the remote IP of the\\nconnection. Specific IPs or CIDR ranges can be specified.\\n\\nNote that IPs can sometimes be spoofed, so do not rely\\non this as a replacement for actual authentication.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.handshake_match.sni\": [\n {\n \"name\": \"tls.handshake_match.sni\",\n \"docs\": \"tls.handshake_match.sni matches based on SNI. Names in\\nthis list may use left-most-label wildcards,\\nsimilar to wildcard certificates.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.issuance.acme\": [\n {\n \"name\": \"tls.issuance.acme\",\n \"docs\": \"tls.issuance.acme manages certificates using the ACME protocol (RFC 8555).\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.issuance.internal\": [\n {\n \"name\": \"tls.issuance.internal\",\n \"docs\": \"tls.issuance.internal is a certificate issuer that generates\\ncertificates internally using a locally-configured\\nCA which can be customized using the `pki` app.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.issuance.zerossl\": [\n {\n \"name\": \"tls.issuance.zerossl\",\n \"docs\": \"tls.issuance.zerossl makes an ACME manager\\nfor managing certificates using ACME.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.stek.distributed\": [\n {\n \"name\": \"tls.stek.distributed\",\n \"docs\": \"tls.stek.distributed implements a distributed STEK provider. This\\nmodule will obtain STEKs from a storage module instead\\nof generating STEKs internally. This allows STEKs to be\\ncoordinated, improving TLS session resumption in a cluster.\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls/distributedstek\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ],\n \"tls.stek.standard\": [\n {\n \"name\": \"tls.stek.standard\",\n \"package\": \"github.com/caddyserver/caddy/v2/modules/caddytls/standardstek\",\n \"repo\": \"https://github.com/caddyserver/caddy\"\n }\n ]\n }\n}"
},
{
"path": "src/docs/index.html",
"content": "{{$pathParts := splitList \"/\" .OriginalReq.URL.Path}}\n{{$markdownFilename := default \"index\" (slice $pathParts 2 | join \"/\")}}\n{{$markdownFilePath := printf \"/docs/markdown/%s.md\" $markdownFilename}}\n{{if not (fileExists $markdownFilePath)}}{{httpError 404}}{{end}}\n{{$markdownFile := (include $markdownFilePath | splitFrontMatter)}}\n{{$title := default $markdownFilename $markdownFile.Meta.title}}\n\n\n\n {{$title}} — Caddy v2中文文档\n {{include \"/includes/docs/head.html\"}}\n \n \n\n\n{{include \"/includes/docs/header.html\"}}\n\n {{include \"/includes/docs/nav.html\"}}\n
\n\n\n\n如果你看到_Hello, world!_,就恭喜啦——它已经工作了!确保你的配置按预期工作始终是一个好主意,尤其是在部署到生产环境之前。\n\n```json\n{\n\t\"handler\": \"static_response\",\n\t\"body\": \"I can do hard things.\"\n}\n```\n\n保存配置文件,然后通过再次运行相同的POST请求来更新Caddy的活动配置:\n\n
\n\n通过在浏览器中刷新页面(或再次运行`curl`)来测试它,你将看到一条鼓舞人心的消息!\n\n## 遍历配置\n\n让我们使用 Caddy API 的强大功能来进行更改,而不需要修改我们的配置文件,而不是上传整个配置文件。\n\n通过像我们上面所做的那样替换整个配置来对生产服务器进行少量更改可能是危险的;这就像拥有对文件系统的root访问权限。Caddy的API允许你限制更改的范围,以确保配置的其他部分不会被意外更改。\n使用请求URI的路径,我们可以遍历配置结构并仅更新消息字符串(如果被遮挡,请确保向右滚动):\n\n\n\n使用请求 URI 的路径,我们可以遍历配置结构并仅更新消息字符串(如果被遮挡,请确保向右滚动):\n\n
curl \\\n\tlocalhost:2019/config/apps/http/servers/example/routes/0/handle/0/body \\\n\t-H \"Content-Type: application/json\" \\\n\t-d '\"Work smarter, not harder.\"'\n
\n\n注释从行首的`#`开始并一直持续到行尾:\n\n```caddy-d\n# Comments can start a line\ndirective # or go at the end\n```\n\n哈希字符`#`不能出现在标记的中间(即它必须以空格开头或出现在行首)。这允许在URI或其他值中使用它而不需要引号。\n\n
![](\"/old/resources/images/external-link.svg\")
](https://caddy.community/t/the-subfolder-problem-or-why-cant-i-reverse-proxy-my-app-into-a-subfolder/8575)\n\n```caddy\nexample.com {\n\t# 提供 API,并剥离 /api 前缀\n\thandle_path /api/* {\n\t\treverse_proxy localhost:9000\n\t}\n\n\t# 提供静态站点\n\thandle {\n\t\troot /srv\n\t\tfile_server\n\t}\n}\n```\n"
},
{
"path": "src/docs/markdown/caddyfile/directives/header.md",
"content": "---\ntitle: header (Caddyfile directive)\n---\n\n# header\n\n操作 HTTP 响应标头字段。它可以设置、添加和删除标头值,或使用正则表达式执行替换。\n\n默认情况下,除非删除任何标头(`-`前缀)或设置默认值(`?`前缀),否则立即执行标头操作。在这些情况下,标头操作会自动推迟,直到将它们写入客户端为止。\n\n要操作 HTTP 请求标头,您可以使用[`request_header`](request_header)指令。\n\n\n## 语法\n\n```caddy-d\nheader [