1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
|
CHANGES
0.9.2 (September 20, 2016)
- New -catimeout option to customize ACME CA HTTP timeout
- import: Fix nested import absolute/relative paths
- log: Fix multiple log outputs
- proxy: Fix for keepalive in certain cases
- tls: Fix for PreferServerCipherSuites
- Numerous other bug fixes and internal improvements
0.9.1 (August 17, 2016)
- New {request_body} placeholder to log request body
- {remote} placeholder no longer uses X-Forwarded-For header
- {latency} placeholder rounds to nice looking number
- Add support for ratelimit plugin
- basicauth: Declaring realm named "Restricted"
- errors: Define catch-all/default error page with * character
- header: More control to add, set, or remove headers
- proxy: New keepalive setting to help accommodate busy servers
- proxy: New load balancing policy ip_hash
- proxy: Fixed WebSocket connections
- proxy: Fixed broken header logic
- proxy: Reuse existing connection for Upgrade requests
- proxy: Support for basic auth from header or upstream address
- templates: New .Env action to access environment variables
- tls: OCSP staples persisted to disk
- tls: ACME challenges honor bind directive
- tls: Fix default protocol version (minimum TLS 1.1)
- tls: Consume challenge requests only for names Caddy is solving for
- tls: The protocol syntax allows just one value if desired
- tls: Scoped max_certs limit to site instead of global maximum
- Many other bug fixes and minor enhancements
0.9 (July 18, 2016)
- New core
- New experimental QUIC support with -quic flag (HTTPS only)
- New -type option to specify other server types
- Moved ~/.caddy/letsencrypt to ~/.caddy/acme and reorganized assets
- Moved caddy package to top level folder, and pushed main to subfolder
- New {request} placeholder to dump entire request (without body)
- New {hostonly} placeholder for only hostname portion of host value
- Site addresses can have paths
- Site addresses can make some use of wildcards in domains
- Renamed -directives flag to -plugins
- Restarting no longer requires spawning a new process
- Removed -restart option
- fastcgi: Env variables now support placeholders
- import: Import paths now relative to Caddyfile, not current working dir
- markdown: Overhauled; removed site generation features
- proxy: More control of headers; deprecating proxy_header subdirective
- proxy: Specify multiple upstreams with optional port ranges
- proxy: New preset 'transparent' to simplify common pass-thru headers
- proxy: Chooses longest matching path; order declared is irrelevant
- redir: Added if and if_op subdirectives to make conditional redirects
- rewrite: Support for if_op to change how conditions are evaluated
- tls: Generate self-signed certificates in memory
- tls: Support for ACME DNS challenge with 10 providers
- tls: Support for TLS-SNI challenge during restarts
- Various bug fixes and enhancements
0.8.3 (April 26, 2016)
- Built with Go 1.6.2
- New pprof middleware for exposing process profiling endpoints
- New expvar middleware for exposing memory/GC performance
- New -restart option to force in-process restarts on Unix systems
- Only fail to start if managed certificate is expired (issue #642)
- Toggle case-sensitive path matching with environment variable
- File server now adds ETag header for static files
- browse: Replace .LinkedPath action with .BreadcrumbMap
- fastcgi: New except clause to exclude paths
- proxy: New max_conns setting to limit max connections per upstream
- proxy: New replaceable value for name of upstream host
- templates: New utility actions for dealing with strings
- tls: Customize certificate key with key_type (+ECC)
- tls: Session ticket keys are now rotated
- Many other minor internal improvements and bug fixes
0.8.2 (February 25, 2016)
- On-demand TLS can obtain certificates during handshakes
- Built with Go 1.6
- Process log (-log) is rotated when it gets large
- Managed certificates get renewed 30 days early instead of just 14
- fastcgi: Allow scheme prefix before address
- markdown: Support for definition lists
- proxy: Allow proxy to insecure HTTPS backends
- proxy: Support proxy to unix socket
- rewrite: Status code can be 2xx or 4xx
- templates: New .Markdown action to interpret included file as Markdown
- templates: .Truncate now truncates from end of string when length is negative
- tls: Set hard limit for certificates obtained with on-demand TLS
- tls: Load certificates from directory
- tls: Add SHA384 cipher suites
- Multiple bug fixes and internal changes
0.8.1 (January 12, 2016)
- Improved OCSP stapling
- Better graceful reload when new hosts need certificates from Let's Encrypt
- Current pidfile is now deleted when Caddy exits
- browse: New default template
- gzip: Added min_length setting
- import: Support for glob patterns (*) to import multiple files
- rewrite: New complex rules with conditions, regex captures, and status code
- tls: Removed DES ciphers from default cipher suite list
- tls: All supported certificates are OCSP-stapled
- tls: Allow custom configuration without specifying certificate and key
- tls: No longer allow HTTPS over port 80
- Dozens of bug fixes, improvements, and more tests across the board
0.8 (December 4, 2015)
- HTTPS by default via Let's Encrypt (certs & keys are fully managed)
- Graceful restarts (on POSIX-compliant systems)
- Major internal refactoring to allow use of Caddy as library
- New directive 'mime' to customize Content-Type based on file extension
- New -accept flag to accept Let's Encrypt SA without prompt
- New -email flag to customize default email used for ACME transactions
- New -ca flag to customize ACME CA server URL
- New -revoke flag to revoke a certificate
- New -log flag to enable process log
- New -pidfile flag to enable writing pidfile
- New -grace flag to customize the graceful shutdown timeout
- New support for SIGHUP, SIGTERM, and SIGQUIT signals
- browse: Render filenames with multiple whitespace properly
- core: Use environment variables in Caddyfile
- markdown: Include Last-Modified header in response
- markdown: Render tables, strikethrough, and fenced code blocks
- proxy: Ability to exclude/ignore paths from proxying
- startup, shutdown: Better Windows support
- templates: Bug fix for .Host when port is absent
- templates: Include Last-Modified header in response
- templates: Support for custom delimiters
- tls: For non-local hosts, default port is now 443 unless specified
- tls: Force-disable HTTPS
- tls: Specify Let's Encrypt email address
- Many, many more tests and numerous bug fixes and improvements
0.7.6 (September 28, 2015)
- Pass in simple Caddyfile as command line arguments
- basicauth: Support for legacy htpasswd files
- browse: JSON response with file listing
- core: Caddyfile as command line argument
- errors: Can write full stack trace to HTTP response for debugging
- errors, log: Roll log files after certain size or age
- proxy: Fix for 32-bit architectures
- rewrite: Better compatibility with fastcgi and PHP apps
- templates: Added .StripExt and .StripHTML methods
- Internal improvements and minor bug fixes
0.7.5 (August 5, 2015)
- core: All listeners bind to 0.0.0.0 unless 'bind' directive is used
- fastcgi: Set HTTPS env variable if connection is secure
- log: Output to system log (except Windows)
- markdown: Added dev command to disable caching during development
- markdown: Fixed error reporting during initial site generation
- markdown: Fixed crash if path does not exist when server starts
- markdown: Fixed site generation and link indexing when files change
- templates: Added .NowDate for use in date-related functions
- Several bug fixes related to startup and shutdown functions
0.7.4 (July 30, 2015)
- browse: Sorting preference persisted in cookie
- browse: Added index.txt and default.txt to list of default files
- browse: Template files may now use Caddy template actions
- markdown: Template files may now use Caddy template actions
- markdown: Several bug fixes, especially for large and empty Markdown files
- markdown: Generate index pages to link to markdown pages (sitegen only)
- markdown: Flatten structure of front matter, changed template variables
- redir: Can use variables (placeholders) like log formats can
- redir: Catch-all redirects no longer preserve path; use {uri} instead
- redir: Syntax supports redirect tables by opening a block
- templates: Renamed .Date to .Now and added .Truncate, .Replace actions
- Other minor internal improvements and more tests
0.7.3 (July 15, 2015)
- errors: Error log now shows timestamp with each entry
- gzip: Fixed; Default filtering is by extension; removed MIME type filter
- import: Fixed; works inside and outside server blocks
- redir: Query string preserved on catch-all redirects
- templates: Proper 403 or 404 errors for restricted or missing files
0.7.2 (July 1, 2015)
- Custom builds through caddyserver.com - extend Caddy by writing addons
- browse: Sort by clicking column heading or using query string
- core: Serving hostname that doesn't resolve issues warning then listens on 0.0.0.0
- errors: Missing error page during parse time is warning, not error
- ext: Extension only appended if request path does not end in /
- fastcgi: Fix for backend responding without status text
- fastcgi: Fix PATH_TRANSLATED when PATH_INFO is empty (RFC 3875)
- git: Removed from core (available as add-on)
- gzip: Enable by file path and/or extension
- gzip: Customize compression level
- log: Fix for missing status in log entry when error unhandled
- proxy: Strip prefix from path for proxy to path
- redir: Meta tag redirects
- templates: Support for nested includes
- Internal improvements and more tests
0.7.1 (June 2, 2015)
- basicauth: Patched timing vulnerability
- proxy: Support for WebSocket backends
- tls: Client authentication
0.7 (May 25, 2015)
- New directive 'internal' to protect resources with X-Accel-Redirect
- New -version flag to show program name and version
- core: Fixed escaped backslash characters inside quoted strings
- core: Fixed parsing Caddyfile for IPv6 addresses missing ports
- core: A notice is shown when non-local address resolves to loopback interface
- core: Warns if file descriptor limit is too low for production site (Mac/Linux)
- fastcgi: Support for Unix sockets
- git: Fixed issue that prevented pulling at designated interval
- header: Remove a header field by prefixing field name with "-"
- markdown: Simple static site generation
- markdown: Support for metadata ("front matter") at beginning of files
- rewrite: Experimental support for regular expressions
- tls: Customize cipher suites and protocols
- tls: Removed RC4 ciphers
- Other internal improvements that are not user-facing (more tests, etc.)
0.6 (May 7, 2015)
- New directive 'git' to automatically pull changes
- New directive 'bind' to override host server binds to
- New -root flag to specify root path to default site
- Ability to receive config data piped through stdin
- core: Warning if root directory doesn't exist at startup
- core: Entire process dies if any server fails to start
- gzip: Fixed Content-Length value when proxying requests
- errors: Error log now includes file and line number of panics
- fastcgi: Pass custom environment variables
- fastcgi: Support for HEAD, OPTIONS, PUT, PATCH, and DELETE methods
- fastcgi: Fixed SERVER_SOFTWARE variables
- markdown: Support for index files when URL points to a directory
- proxy: Load balancing with multiple backends, health checks, failovers, and multiple policies
- proxy: Add custom headers
- startup/shutdown: Run command in background with '&' at end
- templates: Added .tpl and .tmpl as default extensions
- templates: Support for index files when URL points to a directory
- templates: Changed .RemoteAddr to .IP and stripped out remote port
- tls: TLS disabled (with warning) for servers that are explicitly http://
- websocket: Fixed SERVER_SOFTWARE and GATEWAY_INTERFACE variables
- Many internal improvements
0.5.1 (April 30, 2015)
- Default host is now 0.0.0.0 (wildcard)
- New -host and -port flags to override default host and port
- core: Support for binding to 0.0.0.0
- core: Graceful error handling during heavy load; proper error responses
- errors: Fixed file path handling
- errors: Fixed panic due to nil log file
- fastcgi: Support for index files
- fastcgi: Fix for handling errors that come from responder
0.5 (April 28, 2015)
- Initial release
|