diff --git a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/dialogReverseProxy.xml b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/dialogReverseProxy.xml
index eb8e1b366..56f2562dd 100644
--- a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/dialogReverseProxy.xml
+++ b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/dialogReverseProxy.xml
@@ -5,6 +5,12 @@
checkbox
+
+ reverse.DisableTls
+
+ dropdown
+
+
reverse.FromDomain
@@ -41,30 +47,24 @@
true
-
- reverse.DisableTls
-
- checkbox
-
-
reverse.DnsChallenge
checkbox
-
- reverse.AcmePassthrough
-
- text
-
-
reverse.CustomCertificate
dropdown
+
+ reverse.AcmePassthrough
+
+ text
+
+
header
diff --git a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
index e76e34a2c..beb0b5ef1 100644
--- a/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
+++ b/www/caddy/src/opnsense/mvc/app/controllers/OPNsense/Caddy/forms/general.xml
@@ -29,10 +29,16 @@
caddy.general.DisableSuperuser
-
- checkbox
+
+ dropdown
+
+ caddy.general.HttpVersion
+
+ select_multiple
+
+
caddy.general.HttpPort
diff --git a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
index 324e6069e..243b323b0 100644
--- a/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
+++ b/www/caddy/src/opnsense/mvc/app/models/OPNsense/Caddy/Caddy.xml
@@ -1,7 +1,7 @@
//Pischem/caddy
Caddy Reverse Proxy
- 1.3.0
+ 1.3.1
@@ -85,7 +85,14 @@
-
+
+ Y
+ 0
+
+ root (default)
+ www
+
+
10
1
@@ -93,6 +100,16 @@
Please enter a valid Grace Period between 1 and 3600 seconds.
Y
+
+ Y
+ h1,h2,h3
+ Y
+
+ HTTP/1.1
+ HTTP/2
+ HTTP/3
+
+
@@ -186,7 +203,14 @@
-
+
+ Y
+ 0
+
+ HTTPS (default)
+ HTTP
+
+
@@ -312,7 +336,7 @@
- HTTP/1.1, HTTP/2
+ HTTP/1.1, HTTP/2 (default)
HTTP/1.1
HTTP/2
diff --git a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
index ef1a10481..be973608a 100644
--- a/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
+++ b/www/caddy/src/opnsense/service/templates/OPNsense/Caddy/Caddyfile
@@ -76,38 +76,19 @@
# Purpose: The trusted proxy section is important when using CDNs so that headers are trusted.
# Credential logging is useful for troubleshooting basic auth.
#}
- {% set accessListUuid = generalSettings.accesslist %}
- {% set logCredentials = generalSettings.LogCredentials %}
- {% set enableLayer4 = generalSettings.EnableLayer4 %}
-
- {% set hasAccessList = false %}
- {% set hasLogCredentials = false %}
- {% set hasEnableLayer4 = false %}
-
- {% if accessListUuid %}
- {% set accessList = helpers.toList('Pischem.caddy.reverseproxy.accesslist') | selectattr('@uuid', 'equalto', accessListUuid) | first %}
- {% if accessList %}
- {% set hasAccessList = true %}
- {% endif %}
+ {% if generalSettings.accesslist %}
+ {% set accessList = helpers.toList('Pischem.caddy.reverseproxy.accesslist') | selectattr('@uuid', 'equalto', generalSettings.accesslist) | first %}
{% endif %}
- {% if logCredentials == '1' %}
- {% set hasLogCredentials = true %}
- {% endif %}
-
- {% if enableLayer4 == '1' %}
- {% set hasEnableLayer4 = true %}
- {% endif %}
-
- {% if hasAccessList or hasLogCredentials or hasEnableLayer4 %}
servers {
- {% if hasAccessList %}
+ protocols {{ generalSettings.HttpVersion.split(',') | join(' ') }}
+ {% if accessList %}
trusted_proxies static {{ accessList.clientIps.split(',') | join(' ') }}
{% endif %}
- {% if hasLogCredentials %}
+ {% if generalSettings.LogCredentials|default("0") == "1" %}
log_credentials
{% endif %}
- {% if hasEnableLayer4 %}
+ {% if generalSettings.EnableLayer4|default("0") == "1" %}
listener_wrappers {
{# Plug the Layer 4 template in #}
{% include "OPNsense/Caddy/includeLayer4" %}
@@ -115,7 +96,6 @@
}
{% endif %}
}
- {% endif %}
{#
# Section: Dynamic DNS Global Configuration