Navigation:
Browse pkgsrc
(this page)
www caddy
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2026-01-15 20:55:00 by Benny Siegert | Files touched by this commit (202) |  |
Log message: Revbump all Go packages after go125 update |
| 2025-12-02 20:25:26 by Benny Siegert | Files touched by this commit (202) | |
Log message: Revbump all Go packages after go125 update |
| 2025-10-16 20:00:06 by Benny Siegert | Files touched by this commit (200) | |
Log message: Revbump all Go packages after go125 update |
| 2025-10-08 08:54:42 by Benny Siegert | Files touched by this commit (200) | |
Log message: Revbump all Go packages after go125 update |
| 2025-09-06 15:17:15 by Benny Siegert | Files touched by this commit (195) | |
Log message: Revbump all Go packages after go125 security update |
| 2025-08-31 12:03:04 by Benny Siegert | Files touched by this commit (191) |
Log message: Revbump all Go packages after moving to go125 |
| 2025-06-06 16:01:43 by Benny Siegert | Files touched by this commit (193) | |
Log message: Revbump all Go packages after go124 update |
| 2025-05-19 21:09:31 by Benny Siegert | Files touched by this commit (3) | |
Log message: caddy: update to 2.10.0 Caddy 2.10 is here! Aside from bug fixes, this release features: - Encrypted ClientHello (ECH): This new technology encrypts the last plaintext portion of a TLS connection: the ClientHello, which includes the domain name being connected to. The draft spec for ECH is almost finalized, so we can now support this privacy feature for TLS. This is a powerful but nuanced capability; we highly recommend reading the ECH documentation on our website. - Post-quantum (PQC) key exchange: Caddy now supports the standardized x25519mlkem768 cryptographic group by default. - ACME profiles: ACME profiles are an experimental draft that allow you to choose properties of your certificates with more flexibility than traditional CSR methods. For example, Let's Encrypt will issue 6-day certificates under a certain profile. Caddy may eventually use that profile by default. - Via header: The reverse proxy now sets a Via header instead of a duplicate Server header. - Global DNS provider: You can now specify a default "global" DNS module to use instead of having to configure it locally in every part of your config that requires a DNS provider (for example, ACME DNS challenges, and ECH). This is the dns global option in the Caddyfile, or in JSON config, it's the dns parameter in the tls app configuration. - Wildcards used by default: Previously, Caddy would obtain individual certificates for every domain in your config literally; now wildcards, if present, will be utilized for subdomains, rather than obtaining individual certificates. This change was motivated by the novel possibility for subdomain privacy afforded by ECH. It can be overridden with tls force_automate in the Caddyfile. The experimental auto_https prefer_wildcard option has been removed. - libdns 1.0 APIs: Many of you use DNS provider modules to solve ACME DNS challenges or to enable dynamic DNS. They implement interfaces defined by libdns to get, set, append, and delete DNS records. After 5 years of production experience, including lessons learned with ECH, libdns APIs have been updated and 1.0 beta has been tagged. DNS provider packages will need to update their code to be compatible, which will help ensure stability and well-defined semantics for the future. Several packages have already updated or are in the process of updating (cloudflare, rfc2136, and desec to name a few). - Global dns config: Now that several components of Caddy configuration may affect DNS records (ACME challenges, ECH publication, etc.), there is a new dns global option that can be used to specify your DNS provider config in a single place. This prevents repetition of credentials for servers where all the domains are managed by a single DNS provider. |
New packages: