Navigation:
Browse pkgsrc
(this page) 2022-09-08 19:53:22 by Benny Siegert | Files touched by this commit (5) |  |
Log message: caddy: update to 2.5.2. From pkgsrc-wip. This version builds with Go 1.19. v2.5.0 - Reverse proxy: Dynamic upstreams, which is the ability to get the list of upstreams at every request (more specifically, every iteration in the proxy loop of every request) rather than just once at config-load time. Dynamic upstream modules can be plugged in to provide Caddy with the latest list of backends in real-time. Two standard modules have been implemented which can get upstreams from SRV and A/AAAA record lookups. This deprecates the lookup_srv JSON field for upstreams (and srv+ scheme prefix in the Caddyfile), which will be removed in the future. - Automatic HTTPS: Caddy will automatically try to get relevant certificates from the local Tailscale instance (if running with permission to access the Tailscale socket). This makes services running on a Tailscale network automatically available over trusted HTTPS with Caddy. - Tracing: New OpenTelemetry integration with the tracing handler module and associated tracing directive. - Reverse proxy: When using the response handlers, a new handler copy_response is available to copy the proxy's response back to the client, and copy_response_headers may be used to selectively copy header values from the proxy's response. - API: Added new endpoints /pki/ca/<id> and /pki/ca/<id>/certificates for getting information about Caddy's managed CAs, including the chain of root and intermediate certificates. v2.5.1 - Fixed regression in Unix socket admin endpoints. - Fixed regression in caddy trust commands. - Hash-based load balancing policies (ip_hash, uri_hash, header, and cookie) use an improved highest-random-weight (HRW) algorithm for increased consistency. The new rendezvous hash will ensure a client or request is consistently mapped to a particular upstream even if the list of upstreams changes. - The reverse proxy is now able to rewrite the method and URI on its internal copy of the request that goes to the upstream. Combined with new handle_response capabilities, this enables the reverse proxy to fire off "pre-check requests" (for lack of a better term) to make routing \ decisions based on the results of that call. This enables a commonly-emerging pattern called forward authentication wherein a backend is queried to assess a client's authorization to be proxied. The full, verbose config for this is very flexible but tedious, so we made a new wrapper directive called forward_auth that eliminates the boilerplate. v2.5.2 - New /adapt admin endpoint: Use your installed config adapters via API in addition to the existing caddy adapt CLI command. - New Etag/If-Match support for config API: Safely update your config concurrently and avoid collisions by using our unique Etag implementation. - Rename copied headers from reverse_proxy: If you're using handle_response, you can more easily map headers to a different name for clients. - Many HTTP matchers have been added to CEL: You can now use the logic of our HTTP request matchers in CEL expressions. - Notable bug fixes: EAB reuse, various QUIC & HTTP/3 fixes, more specific HTTP status codes, various reverse proxy fixes. |
| 2022-09-07 11:32:31 by Benny Siegert | Files touched by this commit (114) | |
Log message: Revbump all Go packages after go118 security update |
| 2022-08-12 22:38:12 by Benny Siegert | Files touched by this commit (114) | |
Log message: Revbump all Go packages after go118 security update |
| 2022-07-13 18:03:09 by Benny Siegert | Files touched by this commit (110) | |
Log message: Revbump all Go packages after go118 update |
| 2022-06-02 20:52:08 by Benny Siegert | Files touched by this commit (109) | |
Log message: Revbump all Go packages after go118 update |
| 2022-04-18 20:28:08 by Benny Siegert | Files touched by this commit (5) | |
Log message:
caddy: update to 2.4.6
Update the quic-go module to a version that works with Go 1.18.
Caddy 2.4.6 changes:
This release contains bug fixes and minor enhancements, including one patch
with potential security implications related to path matching.
Notable patches:
- Path matchers unescape/clean URI paths to normalize match space
- Fix regex matching in map handler
Notable enhancements:
- try_files can now accept =nnn (e.g. =404) to yield a status code instead of
a file.
- Template actions httpError (stop eval and return HTTP error) and import
(like include but changes template context) were added
- New placeholder {http.request.tls.client.certificate_der_base64}
|
| 2022-04-13 09:51:02 by Benny Siegert | Files touched by this commit (106) | |
Log message: Revbump all Go packages after go117 update |
| 2022-03-07 10:14:13 by Benny Siegert | Files touched by this commit (106) | |
Log message: Revbump all Go packages after go117 update |
| 2022-02-13 20:24:33 by Benny Siegert | Files touched by this commit (106) | |
Log message: Revump all Go packages after go117 update |
| 2021-12-09 18:50:21 by Benny Siegert | Files touched by this commit (102) | |
Log message: Revbump all Go packages after go117 update |
New packages: