* Disable StrictHostMatching for single server configs
* Add the insecure_disable_sni_matching directive
* Do not override insecure_disable_sni_matching
* Remove comment
* Add flag to enable/disable timstamps for process log.
solves #2615
* Remove timestamp argument from log.Printf()
* Add log-timestamps=false to systemd unit
* Copy log flags
* Fix argument list
Clear rc_flags in start precmd. If these flags are still present during
start command, they are passed to daemon(8) instead of caddy(8).
Extract all options into $caddy_options environment variable.
In systemd 231
(4f10b80786/NEWS (L3558-L3565)),
ReadWriteDirectories was renamed ReadWritePaths.
In https://github.com/caddyserver/caddy/pull/2620/files, @aspeteRakete
renamed the directive in Caddy's example systemd unit.
However, this means that if anyone runs this sytemd unit on a version of
systemd older than 231, Caddy will go into a crash loop that hammers
Let's Encrypt's servers. That's because the ProtectSystem=full directive
prevents writes to all paths that aren't explicitly permitted, and older
systemd doesn't see any paths being permitted.
To maximize compatibility, I re-add the original ReadWriteDirectories
directive. Older systemd will read that; newer systemd will read the
newer directive. Both should ignore the directive they do not recognize.
Another approach to solve this problem would be to remove
ProtectSystem=true, originally introduced in da8ae9e5. That would reduce
the risk of similar breakages in the future. It would make for a slightly
less "exemplary" systemd unit, but I think it would still be adequate,
given that this unit runs caddy as "www-data", a user the presumably has
low privileges.
The Handler interface expects a first return value of 0 if headers have
already been written.
(cf. https://godoc.org/github.com/caddyserver/caddy/caddyhttp/httpserver#Handler)
When using http.Redirect, this is the case as http.Redirect does write
headers. When using Caddy with nested handlers, returning
http.StatusMovedPermanently could cause a wrong (200) response on a
non-slashy request on a directory name. Returning 0 ensures the
redirection will always take place.
Issue #2716 was caused by a misunderstanding regarding the filename to use when creating a custom build from source. These changes aim to make the instructions more explicit.
* Use syslog to manage caddy std{out,err} on FreeBSD
There is no good way to rotate the logfile created by the previous
FreeBSD rc.d script (it's the result of redirecting std{out,err} and
is held open by the shell).
This solves the problem by sending caddy's std{out,err} stream to
syslog, using the daemon command's builtin functionality.
It replaces the old `caddy_logfile` rc.conf variable with
`caddy_syslog_facility` (which defaults to 'local7') and
`caddy_syslog_level` (which defaults to 'notice').
By default, these messages will end up in /var/log/messages but can
be redirected as documented in the script's comments.
* Add info about rotating log with newsyslog
If you create a caddy specific logfile in `/var/log`, you should
rotate it.
This adds a bit of info to the dist/init/freebsd/README.md about
rotating that log file with newsyslog.
