caddyserver/caddy v2.6.3 on GitHub

This release brings a number of bug fixes and minor features. We recommend that all users check the release notes/commits, then test and upgrade.

Notable changes:

New trusted_proxies global option (within servers) can be used to specify trusted proxy IP ranges globally. This is important if relying on headers for client IP addresses.
Unix sockets on Windows now supported as proxy upstreams.
Proxied WebSocket connections are now logged with correct status code and "size" (bytes read + bytes written).
The quic-go package has received significant optimizations, so HTTP/3 should be more efficient now.

Thank you to everyone who contributed to this release!

Changelog

bfaf2a8 acme_server: Configurable default lifetime for issued certificates (#5232)
ac83b7e admin: Add CADDY_ADMIN env var to override the default (#5332)
ac96455 admin: fix certificate renewal for admin (#5169)
762b027 admin: set certmagic cache logger (#5173)
329af5c build(deps): bump actions/cache from 2 to 3 (#5263)
3b724a2 build(deps): bump actions/upload-artifact from 1 to 3 (#5262)
af93517 build(deps): bump goreleaser/goreleaser-action from 2 to 4 (#5264)
cd49847 build(deps): bump peter-evans/repository-dispatch from 1 to 2 (#5261)
8d3a1b8 caddyauth: Use singleflight for basic auth (#5344)
bbe3663 caddyconfig: Fix httploader leak from unused responses (#5159)
7f2a93e caddyfile: Allow overriding server names (#5323)
223cbe3 caddyhttp: Add server-level trusted_proxies config (#5103)
087f126 caddyhttp: Canonicalize header field names (#5176)
12bcbe2 caddyhttp: Pluggable trusted proxy IP range sources (#5328)
ed50311 caddyhttp: add placeholder {http.request.orig_uri.path.*} (#5161)
33fdea8 caddypki: Prefer user-configured root instead of generating new one (#5189)
6f8fe01 caddypki: Use go.step.sm/crypto to generate the PKI (#5217)
1fa4cb7 caddytest: Increased sleep between retries to reduce flakey tests in CI (#5160)
fef9cb3 caddytest: internalize init config into '.go' file (#5230)
55035d3 caddytls: Add dns_ttl config, improve Caddyfile tls options (#5287)
66ce0c5 caddytls: Add test cases for Caddyfile tls options (#5293)
0a3efd1 caddytls: Debug log for ask endpoint
94b8d56 cmd: Add --envfile flag to validate command (#5350)
a999b70 cmd: Add missing \n to HelpTemplate (#5151)
c3b5b18 cmd: Avoid panic when printing version without build info (#5210)
5805b3c cmd: caddy fmt return code is 1 if not formatted (#5297)
8c0b49b cmd: fmt exit successfully after overwriting config file (#5351)
f20a8e7 cmd: replace deprecate func use (#5170)
536c28d core: Support Windows absolute paths for UDS proxy upstreams (#5114)
dac7cac encode: Respect Cache-Control no-transform (#5257)
4e9ad50 fileserver: Add a couple test cases
4bf6cb4 fileserver: Reject ADS and short name paths; trim trailing dots and spaces on Windows (#5148)
a3ae146 fileserver: Reject non-GET/HEAD requests (close #5166) (#5167)
e8ad9b3 go.mod: Update golang.org/x/net to v0.5.0 (#5314)
fac35db go.mod: Update quic-go to v0.31.0
798c4a3 go.mod: Upgrade some dependencies
90798f3 go.mod: Upgrade various dependencies (#5362)
98867ac go.mod: bump tscert package to fix Tailscale 1.34+ on Windows (#5331)
d73660f httpcaddyfile: Add persist_config global option (#5339)
c38a040 httpcaddyfile: Fix handle grouping inside route (#5315)
d6d7511 httpcaddyfile: Warn on importing empty file; skip dotfiles (#5320)
817470d httploader: Close resp body on bad status code
72e7edd map: Clarified how destination values should be formatted (#5156)
e9d95ab reverseproxy: Add flag to short command to disable redirects (#5330)
e450a73 reverseproxy: Don't enable auto-https when --from flag is http (#5269)
845bc4d reverseproxy: Fix hanging for Transfer-Encoding: chunked (#5289)
d4a7d89 reverseproxy: Improve hostByHashing distribution (#5229)
c77a6be reverseproxy: Log status code and byte count for websockets (#5140)
ee7c92e reverseproxy: Mask the WS close message when we're the client (#5199)
d74f6fd reverseproxy: Set origreq in active health check (#5284)
9623102 tracing: Support placeholders in span name (#5329)