CHANGES - proxy: New max_conns setting to limit max connections per upstream - Internal improvements, restructuring, and bug fixes 0.8.2 (February 25, 2016) - On-demand TLS can obtain certificates during handshakes - Built with Go 1.6 - Process log (-log) is rotated when it gets large - Managed certificates get renewed 30 days early instead of just 14 - fastcgi: Allow scheme prefix before address - markdown: Support for definition lists - proxy: Allow proxy to insecure HTTPS backends - proxy: Support proxy to unix socket - rewrite: Status code can be 2xx or 4xx - templates: New .Markdown action to interpret included file as Markdown - templates: .Truncate now truncates from end of string when length is negative - tls: Set hard limit for certificates obtained with on-demand TLS - tls: Load certificates from directory - tls: Add SHA384 cipher suites - Multiple bug fixes and internal changes 0.8.1 (January 12, 2016) - Improved OCSP stapling - Better graceful reload when new hosts need certificates from Let's Encrypt - Current pidfile is now deleted when Caddy exits - browse: New default template - gzip: Added min_length setting - import: Support for glob patterns (*) to import multiple files - rewrite: New complex rules with conditions, regex captures, and status code - tls: Removed DES ciphers from default cipher suite list - tls: All supported certificates are OCSP-stapled - tls: Allow custom configuration without specifying certificate and key - tls: No longer allow HTTPS over port 80 - Dozens of bug fixes, improvements, and more tests across the board 0.8.0 (December 4, 2015) - HTTPS by default via Let's Encrypt (certs & keys are fully managed) - Graceful restarts (on POSIX-compliant systems) - Major internal refactoring to allow use of Caddy as library - New directive 'mime' to customize Content-Type based on file extension - New -accept flag to accept Let's Encrypt SA without prompt - New -email flag to customize default email used for ACME transactions - New -ca flag to customize ACME CA server URL - New -revoke flag to revoke a certificate - New -log flag to enable process log - New -pidfile flag to enable writing pidfile - New -grace flag to customize the graceful shutdown timeout - New support for SIGHUP, SIGTERM, and SIGQUIT signals - browse: Render filenames with multiple whitespace properly - core: Use environment variables in Caddyfile - markdown: Include Last-Modified header in response - markdown: Render tables, strikethrough, and fenced code blocks - proxy: Ability to exclude/ignore paths from proxying - startup, shutdown: Better Windows support - templates: Bug fix for .Host when port is absent - templates: Include Last-Modified header in response - templates: Support for custom delimiters - tls: For non-local hosts, default port is now 443 unless specified - tls: Force-disable HTTPS - tls: Specify Let's Encrypt email address - Many, many more tests and numerous bug fixes and improvements 0.7.6 (September 28, 2015) - Pass in simple Caddyfile as command line arguments - basicauth: Support for legacy htpasswd files - browse: JSON response with file listing - core: Caddyfile as command line argument - errors: Can write full stack trace to HTTP response for debugging - errors, log: Roll log files after certain size or age - proxy: Fix for 32-bit architectures - rewrite: Better compatibility with fastcgi and PHP apps - templates: Added .StripExt and .StripHTML methods - Internal improvements and minor bug fixes 0.7.5 (August 5, 2015) - core: All listeners bind to 0.0.0.0 unless 'bind' directive is used - fastcgi: Set HTTPS env variable if connection is secure - log: Output to system log (except Windows) - markdown: Added dev command to disable caching during development - markdown: Fixed error reporting during initial site generation - markdown: Fixed crash if path does not exist when server starts - markdown: Fixed site generation and link indexing when files change - templates: Added .NowDate for use in date-related functions - Several bug fixes related to startup and shutdown functions 0.7.4 (July 30, 2015) - browse: Sorting preference persisted in cookie - browse: Added index.txt and default.txt to list of default files - browse: Template files may now use Caddy template actions - markdown: Template files may now use Caddy template actions - markdown: Several bug fixes, especially for large and empty Markdown files - markdown: Generate index pages to link to markdown pages (sitegen only) - markdown: Flatten structure of front matter, changed template variables - redir: Can use variables (placeholders) like log formats can - redir: Catch-all redirects no longer preserve path; use {uri} instead - redir: Syntax supports redirect tables by opening a block - templates: Renamed .Date to .Now and added .Truncate, .Replace actions - Other minor internal improvements and more tests 0.7.3 (July 15, 2015) - errors: Error log now shows timestamp with each entry - gzip: Fixed; Default filtering is by extension; removed MIME type filter - import: Fixed; works inside and outside server blocks - redir: Query string preserved on catch-all redirects - templates: Proper 403 or 404 errors for restricted or missing files 0.7.2 (July 1, 2015) - Custom builds through caddyserver.com - extend Caddy by writing addons - browse: Sort by clicking column heading or using query string - core: Serving hostname that doesn't resolve issues warning then listens on 0.0.0.0 - errors: Missing error page during parse time is warning, not error - ext: Extension only appended if request path does not end in / - fastcgi: Fix for backend responding without status text - fastcgi: Fix PATH_TRANSLATED when PATH_INFO is empty (RFC 3875) - git: Removed from core (available as add-on) - gzip: Enable by file path and/or extension - gzip: Customize compression level - log: Fix for missing status in log entry when error unhandled - proxy: Strip prefix from path for proxy to path - redir: Meta tag redirects - templates: Support for nested includes - Internal improvements and more tests 0.7.1 (June 2, 2015) - basicauth: Patched timing vulnerability - proxy: Support for WebSocket backends - tls: Client authentication 0.7.0 (May 25, 2015) - New directive 'internal' to protect resources with X-Accel-Redirect - New -version flag to show program name and version - core: Fixed escaped backslash characters inside quoted strings - core: Fixed parsing Caddyfile for IPv6 addresses missing ports - core: A notice is shown when non-local address resolves to loopback interface - core: Warns if file descriptor limit is too low for production site (Mac/Linux) - fastcgi: Support for Unix sockets - git: Fixed issue that prevented pulling at designated interval - header: Remove a header field by prefixing field name with "-" - markdown: Simple static site generation - markdown: Support for metadata ("front matter") at beginning of files - rewrite: Experimental support for regular expressions - tls: Customize cipher suites and protocols - tls: Removed RC4 ciphers - Other internal improvements that are not user-facing (more tests, etc.) 0.6.0 (May 7, 2015) - New directive 'git' to automatically pull changes - New directive 'bind' to override host server binds to - New -root flag to specify root path to default site - Ability to receive config data piped through stdin - core: Warning if root directory doesn't exist at startup - core: Entire process dies if any server fails to start - gzip: Fixed Content-Length value when proxying requests - errors: Error log now includes file and line number of panics - fastcgi: Pass custom environment variables - fastcgi: Support for HEAD, OPTIONS, PUT, PATCH, and DELETE methods - fastcgi: Fixed SERVER_SOFTWARE variables - markdown: Support for index files when URL points to a directory - proxy: Load balancing with multiple backends, health checks, failovers, and multiple policies - proxy: Add custom headers - startup/shutdown: Run command in background with '&' at end - templates: Added .tpl and .tmpl as default extensions - templates: Support for index files when URL points to a directory - templates: Changed .RemoteAddr to .IP and stripped out remote port - tls: TLS disabled (with warning) for servers that are explicitly http:// - websocket: Fixed SERVER_SOFTWARE and GATEWAY_INTERFACE variables - Many internal improvements 0.5.1 (April 30, 2015) - Default host is now 0.0.0.0 (wildcard) - New -host and -port flags to override default host and port - core: Support for binding to 0.0.0.0 - core: Graceful error handling during heavy load; proper error responses - errors: Fixed file path handling - errors: Fixed panic due to nil log file - fastcgi: Support for index files - fastcgi: Fix for handling errors that come from responder 0.5.0 (April 28, 2015) - Initial release