2.2.1
-----
This patch release contains a number of bug fixes. Thanks for the reports and
the help in debugging them!
2.2.0
-----
We are pleased to release Caddy 2.2! Our community has spent a lot of time on
bug fixes, as well as some new features you will like.
Highlights:
- Full support for ZeroSSL, a new ACME CA that is a viable alternative to Let's
Encrypt. Its ACME endpoint is free to use and might even be a better fit for
your deployment depending on your requirements (for example, it does not have
tight rate limits and does not require the DNS challenge for wildcard certs).
To clarify, ZeroSSL's ACME endpoint is RFC 8555-compliant and was already
compatible with Caddy; we just made it easier to use by automating the EAB
credentials for your convenience.
- We now have full control over our ACME stack! By replacing our previous
underlying ACME library (lego) with ACMEz, Caddy can offer:
- faster config reloads
- more efficient cert management at scale
- a more intuitive configuration experience
- lighter builds
- structured logs that are consistent with Caddy's other logs (which you have
fine-grained control over).
- (we no longer suffer from the limitations still shared by other lego-based
ACME clients)
- Integrated support for Prometheus metrics. We decided that emitting metrics
is something the core of the server has to do, rather than only a separate
module. We will continue improving this with time. Huge thanks to
@hairyhenderson for his skillful contributions.
- HTTP/2 server push has been re-introduced, this time better than it was in
Caddy 1.
- Caddyfile enhancements, including:
- Fully customize certificate issuers from the Caddyfile. Up until now, you
could only customize certain parts of the ACME issuer or choose the
Internal issuer from the Caddyfile; now you have full control.
- Named matchers can be defined inside route blocks.
- Customize log encoders.
- dns property for issuer subdirective of tls directive that allows full
customization of DNS challenge (those providers which support the
Caddyfile)
Bug fixes
- The logfmt log encoder has been deprecated and will be removed. (It is
already broken since it does not encode objects, so if you used it you
probably stopped using it anyway.)
- Customizable DNS resolver for reverse proxy
- Latest HTTP/3 version
- Numerous bug fixes and other enhancements! Notable bug fixes related to:
- ACME DNS challenge providers
- Custom resolvers for the DNS challenge
- ACME EAB (External Account Binding)
- Panic recovery
- Startup time when managing lots of certificates
- Correct port for active health checks (reverse_proxy module)
- Windows paths
- File hiding logic (file_server module)
- Bidirectional streaming (reverse_proxy module; specifically benefits v2ray
use)
- More consistent, structured error logging when produced from HTTP code in
Go's standard library
- New placeholders and log fields, especially pertaining to TLS, ACME, and
HTTP
6fb9ddbc86