All Versions
42
Latest Version
Avg Release Cycle
17 days
Latest Release
38 days ago

Changelog History
Page 1

  • v2.1.1

    June 30, 2020

    🔖 Version 2.1.1 fixes a minor regression in v2.1 related to the CEL (expression) matcher, as well as eliminating the warning about pb.proto. Both regressions were unfortunately introduced by patch updates on dependencies. This version also adds support for placeholders in the query matcher, and a WIP/experimental map handler that will be finalized before 2.2.

    🔄 Changelog

    6004d3f caddyhttp: Add 'map' handler (#3199)
    77f233a caddyhttp: Corrected host label index check (fix #3502)
    👍 ddd690d caddyhttp: Support placeholders in query matcher (#3521)
    d7dbf85 cel: fix validation of expression result type (#3526)

  • v2.1.0

    June 26, 2020

    🛠 Caddy 2.1 introduces a variety of new features, bug fixes, and other enhancements! Highlights:

    Fully automated mTLS certificates. Caddy 2.1 can fully manage all its TLS certificates -- including TLS client certificates -- using any ACME endpoint you configure. New in this version, the reverse proxy module can be configured to present an automated client certificate, just by providing its subject name in the config. We've tested it with Caddy's built-in ACME server, Let's Encrypt, Sectigo, and Smallstep ACME endpoints. Using this feature, Caddy will keep the client certificate renewed automatically.

    Embedded ACME server (powered by Smallstep). This allows other ACME clients to use Caddy as an ACME endpoint. The idea here is to replace one-off self-signed, generated certificates with proper, short-lived, auto-renewing certificates for local development and internal deployments. In other words, if you're running a command every so often to produce a self-signed certificate, use Caddy instead for proper, fully-managed internal PKI. Simply add the acme_server directive to your Caddyfile for its default configuration, or use its JSON interface.

    👍 H2C support. Although discouraged in the general case, HTTP/2 over Cleartext HTTP (h2c) can be useful when serving or proxying gRPC locally/internally on trusted networks; and due to current poor TLS support in gRPC services currently, h2c might even be required in some cases. Caddy can now serve HTTP/2 without encryption, and it can communicate as a client with an HTTP/2 server that does not support TLS. To proxy h2c, set the versions property to include "h2c". To serve h2c, enable allow_h2c in your HTTP server config.

    🆕 New handle_path Caddyfile directive. This works the exact same as handle, but it only accepts a path prefix matcher and it strips the matched portion of the path before executing the directives contained in its block. It's a shortcut for using handle and uri strip_prefix together, which was a common-enough use case that we consolidated it into a new directive.

    🔧 Auto HTTPS can be configured in the Caddyfile. You can use the auto_https global option to disable it entirely, or disable only HTTP->HTTPS redirects. This is useful if you don't want to bind to any HTTP port at all.

    Various other Caddyfile improvements. Several quality-of-life improvements for the Caddyfile, including one-line named matchers such as @foo not path /foobar/*, and the ability to use backticks (`) to enclose strings where double quotes (") are inconvenient.

    Reverse proxy response interception. The reverse proxy can now intercept and handle the response from upstream based on the response status code and/or headers. This allows you to invoke custom, arbitrary HTTP logic based on the response from a backend.

    🛠 Many bug fixes and other enhancements. We always say this, I know, but just look at that changelog.

    Thank you to all who contributed and filed actionable bug reports as well as patches! Please keep it up. :)

    🔄 Changelog

    1dc4ec2 admin: Disallow websockets
    aef560c all: Recover from panics in goroutines
    41a682d caddyauth: Add realm to basicauth Caddyfile directive (#3315)
    🛠 9a7756c caddyauth: Cache basicauth results (fixes #3462) (#3465)
    96d6d27 caddyconfig: Don't start comments in middle of tokens (#3267)
    6c051cd caddyconfig: Minor internal and godoc tweaks
    fdf2a77 caddyfile: Add args on imports (#3423)
    d55c3b3 caddyhttp: Add client cert SAN placeholders
    🚚 ffc125d caddyfile: Move NewTestDispenser into non-test file (#3439)
    👍 5230561 caddyfile: Support backticks as quotes (closes #2591) (#3242)
    294910c caddyhttp: Add client.public_key(_sha256) placeholders
    ⚡️ 0cbf467 caddyhttp: Add time.now placeholder and update cel-go (closes #2594)
    2d1f7b9 caddyhttp: Auto-redirects from all bind addresses (fix #3443)
    👍 21c00a3 caddyhttp: Better host matching for logger names (fix #3488) (#3522)
    0️⃣ 7b0962b caddyhttp: Default to error status if found in context
    3af15c0 caddyhttp: Empty, not nil, query matcher matches empty query string
    6db3615 caddyhttp: Enable matching empty query string
    🔀 4c55d26 caddyhttp: Fix merging of Caddyfile matchers in not blocks (#3379)
    d534162 caddyhttp: Match hostnames with wildcards to loggers (#3378)
    ♻️ 7960b42 caddyhttp: Minor refactoring for preparing requests
    ♻️ e5bbed1 caddyhttp: Refactor header matching
    a285fe4 caddypki: Add 'acme_server' Caddyfile directive
    ♻️ bde3823 caddytest: Refactor Caddyfile adapt tests to separate files (#3398)
    🔧 e18c373 caddytls: Actually use configured test CA
    🔧 11a132d caddytls: Configurable cache size limit
    6d03fb4 caddytls: Don't decode HMAC
    62c9f2c cmd: Add --envfile flag to run command (#3278)
    👍 4df56c7 cmd: Add pidfile support (closes #3235)
    🚦 83551ed cmd: Only stop admin server on signal if it exists (fix #3470)
    👍 996af09 cmd: Support admin endpoint on unix socket (#3320)
    🌲 aa20878 cmd: file-server: add --access-log flag (#3454)
    bb67e19 cmd: hash-password: Fix broken terminal state on SIGINT (#3416)
    👍 5bde8d7 cmd: hash-password: Support reading from stdin (#3373)
    44536a7 cmd: reverse-proxy: add --insecure flag (with warning) (#3389)
    👍 ef6e53b core: Add support for d duration unit (#3323)
    👍 28ab0bf core: Support loading modules from [][]json.RawMessage fields
    b1480eb fastcgi: Fix php_fastcgi matcher regression (#3512)
    fa4cdde fastcgi: Make sure splitPos handles empty SplitPath correctly (#3491)
    7243454 fastcgi: php_fastcgi subdirectives to override shortcut behaviour (#3255)
    1e8c976 file_server: Accept files args in one-liner of Caddyfile matcher (#3298)
    ⚡️ c9049bd go.mod: Minor dependency updates
    ⚡️ 9dafa63 go.mod: Update dependencies
    ⚡️ 3fb2c39 go.mod: Update dependencies
    ⚡️ d5d7fb5 go.mod: Update dependencies
    ⚡️ cb0d983 go.mod: Update quic-go to 0.17.1 (draft 29) and certmagic 0.11.2 (eab)
    fae0642 httpcaddyfile: Add auto_https global option (#3284)
    1dfb114 httpcaddyfile: Add client_auth options to tls directive (#3335)
    🌲 21de227 httpcaddyfile: Be stricter about log syntax (#3419)
    32cafbb httpcaddyfile: Fix ordering of catch-all site blocks
    cd9317e httpcaddyfile: Fix route ordering bug
    cc8fb48 httpcaddyfile: Improve error on matcher declared outside site block (#3431)
    a496308 httpcaddyfile: Let modules add listener wrappers (#3397)
    dc9f4f1 httpcaddyfile: Make global options pluggable (#3265)
    d84a5d8 httpcaddyfile: New acme_eab option (#3492)
    8c5d00b httpcaddyfile: New handle_path directive (#3281)
    2f59467 httpcaddyfile: Only append TLS conn policy if it's non-empty (#3319)
    ea7e4b4 httpcaddyfile: Shorthands for parameterized placeholders (#3305)
    97e61c1 httpcaddyfile: Sort site blocks with wildcards last (fix #3410)
    👍 26e5596 httpcaddyfile: Support single-line matchers (#3263)
    👍 41c7bd2 httpserver: Add experimental H2C support (#3289)
    🌲 bf8c3c2 log: improve rounding logic for log rolling directives (#3367)
    🌲 9415fec logging: Net writer redials if write fails (#3453)
    📄 c47ddbe pki: Add docs to some struct fields
    184e8e9 pki: Embedded ACME server (#3198)
    👍 4b10ae5 reverseproxy: Add Caddyfile support for ClientCertificateAutomate
    afecd90 reverseproxy: Add tls_server_name option to Caddyfile (#3322)
    👀 1c17e6c reverseproxy: Allow using TLS for port 80 upstreams (see #3361)
    90c7b4b reverseproxy: Apply response header ops before copying it (fix #3382) (#3401)
    b3bff13 reverseproxy: Close websocket conn if req context cancels
    2a8a198 reverseproxy: Don't overwrite existing X-Forwarded-Proto header
    🌲 812278a reverseproxy: Emit debug log before checking error (#3425)
    7a99835 reverseproxy: Enable changing only the status code (close #2920)
    538ddb8 reverseproxy: Enable response interception (#1447, #2920)
    22055c5 reverseproxy: Fix https active health checks #3450 (#3451)
    c1e5c09 reverseproxy: Improve error message when using scheme+placeholder (#3393)
    🌲 9ee01dc reverseproxy: Make debug log safe if error occurs
    881b826 reverseproxy: Pool copy buffers (minor optimization)
    👍 003403e templates: Add support for dots to close yaml frontmatter (#3498)
    🏁 483e31b templates: trim windows whitespace in SplitFrontMatter; fix #3386 (#3387)
    b814c0a tls/client auth: verify first certificates in client request (#3344)

  • v2.1.0-beta.2

    June 26, 2020
  • v2.1.0-beta.1

    June 08, 2020

    Caddy 2.1 is now in beta! Featuring:

    • 0️⃣ Embedded ACME server (powered by Smallstep). Enable it with the acme_server HTTP handler (or Caddyfile directive). Then by default, all requests under /acme/* will be handled by the ACME server using Caddy's default built-in CA.
    • Fully-managed client certificate renewals. Caddy can obtain and renew client certificates it uses when reverse-proxying, totally hands-free! Combined with the embedded ACME server, Caddy 2.1 offers fully-automated mTLS.
    • 👍 H2C (HTTP2 over Cleartext TCP) support, both server and client side. This means Caddy can proxy gRPC over plaintext HTTP/2 frames.
    • 🆕 New handle_path Caddyfile directive which works the same as handle but it must take a path matcher, and the path prefix will be stripped implicitly before invoking the handlers in the block.
    • Many quality-of-life improvements in the Caddyfile.
    • 🛠 Several bug fixes and other enhancements.

    ⬆️ Please test and upgrade to this version, and report bugs while it's still in beta! Thank you for participating in our development cycle.

    🔄 Changelog

    1dc4ec2 admin: Disallow websockets
    aef560c all: Recover from panics in goroutines
    41a682d caddyauth: Add realm to basicauth Caddyfile directive (#3315)
    🛠 9a7756c caddyauth: Cache basicauth results (fixes #3462) (#3465)
    96d6d27 caddyconfig: Don't start comments in middle of tokens (#3267)
    6c051cd caddyconfig: Minor internal and godoc tweaks
    fdf2a77 caddyfile: Add args on imports (#3423)
    🚚 ffc125d caddyfile: Move NewTestDispenser into non-test file (#3439)
    👍 5230561 caddyfile: Support backticks as quotes (closes #2591) (#3242)
    294910c caddyhttp: Add client.public_key(_sha256) placeholders
    ⚡️ 0cbf467 caddyhttp: Add time.now placeholder and update cel-go (closes #2594)
    2d1f7b9 caddyhttp: Auto-redirects from all bind addresses (fix #3443)
    0️⃣ 7b0962b caddyhttp: Default to error status if found in context
    🔀 4c55d26 caddyhttp: Fix merging of Caddyfile matchers in not blocks (#3379)
    d534162 caddyhttp: Match hostnames with wildcards to loggers (#3378)
    ♻️ 7960b42 caddyhttp: Minor refactoring for preparing requests
    ♻️ e5bbed1 caddyhttp: Refactor header matching
    a285fe4 caddypki: Add 'acme_server' Caddyfile directive
    ♻️ bde3823 caddytest: Refactor Caddyfile adapt tests to separate files (#3398)
    🔧 e18c373 caddytls: Actually use configured test CA
    🔧 11a132d caddytls: Configurable cache size limit
    62c9f2c cmd: Add --envfile flag to run command (#3278)
    👍 4df56c7 cmd: Add pidfile support (closes #3235)
    🚦 83551ed cmd: Only stop admin server on signal if it exists (fix #3470)
    👍 996af09 cmd: Support admin endpoint on unix socket (#3320)
    🌲 aa20878 cmd: file-server: add --access-log flag (#3454)
    bb67e19 cmd: hash-password: Fix broken terminal state on SIGINT (#3416)
    👍 5bde8d7 cmd: hash-password: Support reading from stdin (#3373)
    44536a7 cmd: reverse-proxy: add --insecure flag (with warning) (#3389)
    👍 ef6e53b core: Add support for d duration unit (#3323)
    👍 28ab0bf core: Support loading modules from [][]json.RawMessage fields
    7243454 fastcgi: php_fastcgi subdirectives to override shortcut behaviour (#3255)
    1e8c976 file_server: Accept files args in one-liner of Caddyfile matcher (#3298)
    ⚡️ 9dafa63 go.mod: Update dependencies
    ⚡️ 3fb2c39 go.mod: Update dependencies
    ⚡️ d5d7fb5 go.mod: Update dependencies
    fae0642 httpcaddyfile: Add auto_https global option (#3284)
    1dfb114 httpcaddyfile: Add client_auth options to tls directive (#3335)
    🌲 21de227 httpcaddyfile: Be stricter about log syntax (#3419)
    cd9317e httpcaddyfile: Fix route ordering bug
    cc8fb48 httpcaddyfile: Improve error on matcher declared outside site block (#3431)
    a496308 httpcaddyfile: Let modules add listener wrappers (#3397)
    dc9f4f1 httpcaddyfile: Make global options pluggable (#3265)
    8c5d00b httpcaddyfile: New handle_path directive (#3281)
    2f59467 httpcaddyfile: Only append TLS conn policy if it's non-empty (#3319)
    ea7e4b4 httpcaddyfile: Shorthands for parameterized placeholders (#3305)
    97e61c1 httpcaddyfile: Sort site blocks with wildcards last (fix #3410)
    👍 26e5596 httpcaddyfile: Support single-line matchers (#3263)
    👍 41c7bd2 httpserver: Add experimental H2C support (#3289)
    🌲 bf8c3c2 log: improve rounding logic for log rolling directives (#3367)
    🌲 9415fec logging: Net writer redials if write fails (#3453)
    📄 c47ddbe pki: Add docs to some struct fields
    184e8e9 pki: Embedded ACME server (#3198)
    👍 4b10ae5 reverseproxy: Add Caddyfile support for ClientCertificateAutomate
    afecd90 reverseproxy: Add tls_server_name option to Caddyfile (#3322)
    👀 1c17e6c reverseproxy: Allow using TLS for port 80 upstreams (see #3361)
    90c7b4b reverseproxy: Apply response header ops before copying it (fix #3382) (#3401)
    2a8a198 reverseproxy: Don't overwrite existing X-Forwarded-Proto header
    🌲 812278a reverseproxy: Emit debug log before checking error (#3425)
    7a99835 reverseproxy: Enable changing only the status code (close #2920)
    538ddb8 reverseproxy: Enable response interception (#1447, #2920)
    22055c5 reverseproxy: Fix https active health checks #3450 (#3451)
    c1e5c09 reverseproxy: Improve error message when using scheme+placeholder (#3393)
    🌲 9ee01dc reverseproxy: Make debug log safe if error occurs
    881b826 reverseproxy: Pool copy buffers (minor optimization)
    🏁 483e31b templates: trim windows whitespace in SplitFrontMatter; fix #3386 (#3387)
    b814c0a tls/client auth: verify first certificates in client request (#3344)

  • v2.0.0

    May 04, 2020

    🎉 It's here! Caddy 2 is ready for production. Check out the v2 landing page!

    🍱 💚 *Please consider sponsoring - I work on this full-time, and it would not be possible without continued company and individual sponsors, thank you!

    📚 We recommend all users begin to upgrade. Please spend time in the documentation. We've worked hard to make everything as clear and simple as possible. Once you have tested Caddy 2, deploy it into production. We think you'll be very pleased with the results.

    🛠 Keep in mind that this is just the beginning: "2.0" does not mean the software is perfect, only that it is stable. Its readiness is guided by your feedback! We will continue to develop features, quality-of-life improvements, and bug fixes (2.1 is already slated to have 30+ improvements)

    Thank you to everyone in the community who helpfully reported bugs and contributed over the past year!

    👀 See all commits since RC 3 here.

    👌 Support:

    Resources:

    🔄 Changelog

    🛠 9a57263 admin: Close admin endpoint when shutting down (fixes #3269)
    f5ccb90 admin: Disable host checking if wildcard interface is specified
    5ae1a56 caddyhttp: Add split_path to file matcher (used by php_fastcgi) (#3302)
    🌲 f931c26 caddyhttp: Better duration logging
    ebf07f8 caddyhttp: Fix auto redirects for catch-all HTTPS sites
    bacf50a caddyhttp: Fix common_log format's user ID placeholder (#3300)
    🐧 83c85c5 caddyhttp: Fix listener overlap detection on Linux
    🛠 026937f caddyhttp: Fix trailers when recording responses (fixes #3236)
    🌲 10db570 caddyhttp: General improvements to access logging (#3301)
    📄 a1796c2 caddytls: Adjust DNS challenge structure; clarify some docs
    ⬆️ 8e42661 caddytls: Finish upgrading to libdns DNS providers for ACME challenges
    86a4f2c caddytls: Fix namespace tls.dns -> dns.providers
    c11d0e4 cmd: Clean up, simplify reverse proxy command; fix some edge cases
    100d19e dangit, of course I would bork my git commit
    ⚡️ 1fa8c18 go.mod: Remove DNSProviderMaker interface; update to lego 3.6
    ⚡️ 2609a72 go.mod: Update dependencies including CertMagic (fixes #3202)
    97ed9e1 httpcaddyfile: Add nil check to prevent panic, fix validation logic
    🛠 829e36d httpcaddyfile: Don't lowercase placeholder contents (fixes #3264)
    📜 bca610f httpcaddyfile: Minor fixes to parsing storage options
    ⚡️ a77bd1d httpcaddyfile: Update tls parsing for DNS providers
    295604d httpcaddyfile: Why was this code repeated??
    0798459 readme: Fix broken links (#3283)
    1b06181 reverseproxy: Don't forget to provision embedded headers handler
    👀 a507a5b reverseproxy: Remove circuitbreaker module (see #3331)
    76bbb47 reverseproxy: Set X-Forwarded-Proto (closes #3275) (#3276)
    da8686c reverseproxy: always set req.URL.Host with upstream (#3297)

  • v2.0.0-rc.3

    April 13, 2020

    🚀 🎉 Release Candidate 3! It is anticipated that this is the final pre-release. No new bug fixes or enhancements are planned. Only critical fixes that require a significant change will result in a fourth release candidate; otherwise, next tag should be v2.0.0.

    🍱 💚 Please consider sponsoring this project. I work on this full-time and appreciate your support!

    🚀 This release is production-ready and should be used in production (after testing locally and in staging environments) as much as possible. We recommend that all users test and upgrade to this release candidate.

    🚀 Thank you to everyone in the community who helpfully reported bugs and contributed to this release!

    Some highlights:

    • 🛠 Fixed occasional logging-related panic on some HTTP requests (introduced in rc2)
    • ✨ Enhanced default security of admin endpoint (thanks to @kalmi for the great feedback!)

    👀 See all commits since RC 2 here.

    👌 Support:

    v2 Resources:

    🔄 Changelog

    a3bdc22 admin: Always enforce Host header checks
    🛠 999ab22 caddyhttp: Add nil check (fixes #3248 and fixes #3250)
    ec45681 core: Don't return error on RegisterModule() and RegisterAdapter()
    🚚 3bee569 httpcaddyfile: Don't remove empty TLS conn policies (fix #3249)

  • v2.0.0-rc.2

    April 09, 2020

    🚀 🎉 Release Candidate 2! A release candidate means we think the software is good enough to release, but we want to allow another cycle for bug fixes based on issues raised from the community. Now is the time to upgrade!

    🍱 💚 Please consider sponsoring this project. I work on this full-time and appreciate your support!

    🚀 This release is production-ready and should be used in production (after testing locally and in staging environments) as much as possible. We recommend that all users test and upgrade to this release candidate.

    🚀 Thank you to everyone in the community who helpfully reported bugs and contributed to this release!

    Some highlights:

    • 🍱 ⚠️ The reverse proxy's NTLM transport module was moved into its own repository
    • 🆕 New key_type Caddyfile global option to customize certificate key type
    • The not matcher in the Caddyfile can now be a one-liner to negate a single matcher
    • 🛠 Numerous bug fixes and other improvements

    👀 See all commits since RC 1 here.

    👌 Support:

    v2 Resources:

    🔄 Changelog

    fbd9515 basicauth: Re-prompt after invalid credentials (fix #3239) (#3240)
    7be747f caddyhttp: Add missing LB policy Caddyfile unmarshalers (#3230)
    ♻️ e5dc76b caddyhttp: CEL matcher checks return type; slight refactor
    0️⃣ 0fe9803 caddyhttp: Fix logging name associations by adding a default
    e30deed caddyhttp: Return port placeholders as ints
    5b355cb caddyhttp: Strictly forbid unnecessary blocks on matchers (#3229)
    👍 a3cfe43 caddyhttp: Support single-line not matcher (#3228)
    0️⃣ 85f5f47 caddytls: Don't initialize default internal issuer unless necessary
    d89ad2f caddytls: Fix for TLS conn policy being applied to HTTP-only servers (#3243)
    👍 6a32daa caddytls: Support custom bind host for challenges (#3232)
    0️⃣ 4d9b63d cel: Leverage DefaultAdapter to extend CEL's type system
    346c33b cmd: Log warning if --resume and --config used together
    📜 8b2dbc5 core: Rename ParsedAddress -> NetworkAddress
    🔧 1e8af27 fastcgi: Account for lack of split path configuration (fix #3221)
    c5f9227 go.mod: Try smallstep again
    ⚡️ c7ac7de go.mod: Update CertMagic (again) v0.10.10
    ⚡️ b6482e5 go.mod: Update CertMagic to v0.10.8
    ⚡️ d33926b go.mod: Update certmagic
    ⚡️ b4a7d62 go.mod: Update dependencies
    ⚡️ 88d391c go.mod: Update smallstep/cli
    05164c8 go.mod: Use latest Certmagic (v0.10.9)
    28fdf64 httpcaddyfile, caddytls: Multiple edge case fixes; add tests
    5110643 httpcaddyfile: Add key_type global option (#3231)
    🛠 145aebb httpcaddyfile: Carry bind setting through to ACME issuer (fixes #3232)
    🌲 3d6fc1e httpcaddyfile: Yield cleaner JSON when conn policy or log name is empty
    🌲 6e4132e logging: Colorize output in all cases of stdout/stderr
    🌲 6e4c688 logging: Only colorize console output
    f29023b reverseproxy: Minor tweaks
    ♻️ 2c1b663 reverseproxy: Remove NTLM transport; refactor and improve docs
    b1ce9d4 templates: Add env function (closes #3237)
    ⚡️ 95f6bd7 templates: Update docs
    📄 437d509 templates: Use text/template; add experimental notice to docs

  • v2.0.0-rc.1

    April 02, 2020

    🚀 🎉 Release Candidate 1! A release candidate means we think the software is good enough to release, but we want to allow another cycle for bug fixes based on issues raised from the community. Now is the time to upgrade!

    🍱 💚 Please consider sponsoring this project. I work on this full-time and appreciate your support!

    🚀 This release is production-ready and should be used in production (after testing locally and in staging environments) as much as possible. We recommend that all users test and upgrade to RC1.

    🚀 Remember that release candidates are still pre-release, and there may be more than one release candidate depending on bug reports.

    🚀 Thank you to everyone who participated in the improvements for this release, especially @Mohammed90 for being our CI wizard! Also a huge thanks to @sarge for working on integration tests, which will get more attention in the coming months, and to @whitestrake and @francislavoie for helping in the community so much.

    Some highlights:

    • 🔀 ⚠️ A few lesser-known/used properties in the JSON were changed: not request matchers now take an array of objects rather than a single object; removed manage_sync from TLS automation policies; renamed tag to any_tags and all_tags and removed policy in TLS certificate selection policies.
    • 0️⃣ The root directive now gets evaluated before redir and rewrite by default.
    • 🆕 New caddy trust command for installing Caddy's default root certificate.
    • 👌 Supports ACME externalAccountBinding feature, for interop with commercial CAs.
    • The not HTTP request matcher can now consult one or more matcher sets.
    • 🛠 Numerous bug fixes and other improvements.

    👀 See all commits since beta 20 here.

    👌 Support:

    v2 Resources:

    🔄 Changelog

    📇 397e04e caddyauth: Add Metadata field to caddyauth.User (#3174)
    6fe04a3 caddyfile: Export NewTestDispenser() (close #2930)
    7ee3ab7 caddyfile: Formatter enhancements
    🛠 deba26d caddyfile: Minor fixes to the formatter
    73643ea caddyhttp: 'not' matcher now accepts multiple matcher sets and OR's them (#3208)
    🖨 581f1de caddyhttp: Print actual listener address in log message (closes #2992)
    ac65f69 caddyhttp: Rename MatchNegate type to MatchNot type
    ⚡️ 0d2a351 caddyhttp: Update host matcher docs about wildcards
    👍 9fb0b1e caddytls: Add support for externalAccountBinding ACME extension
    7ca1586 caddytls: Encode big.Int as string with JSON
    c87f82f caddytls: Match automation policies by wildcard subjects too
    ♻️ 6ca5828 caddytls: Refactor certificate selection policies (close #1575)
    🚚 ea3688e caddytls: Remove ManageSync
    👍 5c55e5d caddytls: Support placeholders in key_type (#3176)
    ⚡️ ce3ca54 caddytls: Update cipher suite names and curve names
    673d3d0 file_server: Fix dumb error check I must have written at 1am
    ⚡️ 19b4554 go.mod: Update smallstep/truststore
    ⚡️ d322de6 gzip: Use klauspost/gzip, an optimized gzip implementation
    37aa516 headers: Trim any trailing colon from field names as a courtesy
    904d9ca httpcaddyfile: Include non-standard ports when mapping logger names
    178ba02 httpcaddyfile: Put root directive first, before redir and rewrite
    ♻️ 1c190b0 httpcaddyfile: Refactor site key parsing; detect conflicting schemes
    244b839 pki: Add trust subcommand to install root cert (closes #3204)
    🛠 1456f15 readme: So much more ... what? Fixed cliffhanger
    e207240 reverse_proxy: Upstream.String() method returns either LookupSRV or Dial
    809e727 rewrite: Fix for rewrites with URI placeholders (#3209)

  • v2.0.0-beta9

    November 04, 2019

    🚀 Caddy 2.0 beta 9 is the next pre-release in the development cycle of Caddy 2 and is the best update yet! Some highlights:

    • 🛠 Significant bug fixes, especially related to HTTP requests. (Got rid of those panics! Oops)
    • ♻️ Refactored the admin (API) endpoint code significantly, making many internal improvements and fixing several bugs.
    • ➕ Added optional origin enforcement features to the API for added security.
    • 👌 Improved config reload performance significantly.
    • 🛠 Fixed some bugs related to the Caddyfile.

    👀 See all commits since beta 8 here.

    🚀 Please remember that Caddy 2 beta releases are not yet feature-complete as development is ongoing, nor are they stable; there are likely to be some breaking changes between tags. We hope you will find ways to use Caddy 2 beta in production and report any issues you find!

    Thank you to all of you who have reported bugs or requested features so far. We continue to make good progress.

    👀 To learn how to get started, see the README on the v2 branch.

    🍱 💚 Please consider sponsoring this project!

    This is a community effort, so please report bugs, join the discussion, and submit pull requests to be a part of the team!

    👌 Support:

    v2 Resources:

  • v2.0.0-beta8

    October 29, 2019

    🚀 Caddy 2.0 beta 8 is the next pre-release in the development cycle of Caddy 2 and is the best update yet! Some highlights:

    • 📚 Logging! Caddy 2 has an exceptionally powerful, flexible, and high-performing log. Read the docs about logging.
    • Rewrite handler can now quickly strip path prefix or suffix conveniently, and issue HTTP redirects
    • Significant improvements to TLS certificate management, especially at large scale. Give Caddy 2 a million domains and it will gradually obtain certificates for them with built-in rate limiting and retries over the course of days or weeks.
    • CI improvements, including continuous fuzzing.
    • 🔧 HTTP cache can be configured to work in a group/cluster setting.
    • 🚑 Several bug fixes, including a hotfix for silly bug in beta 7 (d'oh! 🤦‍♂️)

    👀 See all commits since beta 6 here.

    🚀 Please remember that Caddy 2 beta releases are not yet feature-complete as development is ongoing, nor are they stable; there are likely to be some breaking changes between tags. We hope you will find ways to use Caddy 2 beta in production and report any issues you find!

    Thank you to all of you who have reported bugs or requested features so far. We continue to make good progress.

    👀 To learn how to get started, see the README on the v2 branch.

    This is a community effort, so please report bugs, join the discussion, and submit pull requests to be a part of the team!

    👌 Support:

    v2 Resources: