Caddy is een opensource-http/2-webserver die beschikbaar is voor Android, BSD, Linux, macOS, Solaris en Windows. Het zet standaard https aan en gebruikt daarvoor de integratie met Let's Encrypt als eigen certificaten niet voorhanden zijn. De eigen feature stack is al behoorlijk compleet, maar kan verder uitgebreid worden via modules. Zo is het onder andere mogelijk om via deze modules experimentele ondersteuning van http/3 aan te zetten. Het ontwikkelteam heeft versie 2.5.1 enkele dagen geleden uitgebracht met de volgende aanpassingen:
Version 2.5.1
This is a minor patch release that fixes some bugs and also enhances reverse_proxy with capabilities that weren't ready in time for v2.5.0.
HighlightsWhat's Changed
- Fixed regression in Unix socket admin endpoints.
- Fixed regression in caddy trust commands.
- Hash-based load balancing policies (ip_hash, uri_hash, header, and cookie) use an improved highest-random-weight (HRW) algorithm for increased consistency. The new rendezvous hash will ensure a client or request is consistently mapped to a particular upstream even if the list of upstreams changes.
- The reverse proxy is now able to rewrite the method and URI on its internal copy of the request that goes to the upstream. Combined with new handle_response capabilities, this enables the reverse proxy to fire off "pre-check requests" (for lack of a better term) to make routing decisions based on the results of that call. This enables a commonly-emerging pattern called forward authentication wherein a backend is queried to assess a client's authorization to be proxied. The full, verbose config for this is very flexible but tedious, so we made a new wrapper directive called forward_auth that eliminates the boilerplate (very similar to the php_fastcgi directive). This works with authentication providers like Authelia, and more.
- caddypki: Fix caddy trust command to use the correct API endpoint
- reverseproxy: Improve hashing LB policies with HRW
- Add missing backticks
- caddyhttp: Improve listen addr error message for IPv6
- cmd: Fix unix socket addresses for admin API requests
- logging: Use RedirectStdLog
- logging: Implement rename filter, changes field key names
- httpcaddyfile: Fix duplicate access log when debug is on
- reverseproxy: Fix Caddyfile support for replace_status
- templates: Add custom template function registration
- reverseproxy: Permit resolver addresses to not specify a port
- caddyfile: Shortcut for remote_ip for private IP ranges
- reverseproxy: Support performing pre-check requests
- map: Prevent output destinations overlap with Caddyfile shorthands
/u/218586/crop640e215f1a435_cropped.png?f=community){kind=small}
:strip_icc():strip_exif()/u/734971/crop5aa85c28e6c3e_cropped.jpeg?f=community){kind=small}
:strip_icc():strip_exif()/u/116001/crop5db1ffa2442b3_cropped.jpeg?f=community){kind=small}
