docs: Various updates for 2.3, 2.4 beta, and Go 1.16

Steps on #139 (sorry)
Matthew Holt 2021-02-17 11:34:28 -07:00
parent 2e255b1ee3
commit 57b3739a21
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
8 changed files with 66 additions and 6 deletions

@ -8,6 +8,7 @@ The following directives come standard with Caddy, and can be used in the HTTP C
Directive | Description Directive | Description
----------|------------ ----------|------------
**[abort](/docs/caddyfile/directives/abort)** | Aborts the HTTP request
**[acme_server](/docs/caddyfile/directives/acme_server)** | An embedded ACME server **[acme_server](/docs/caddyfile/directives/acme_server)** | An embedded ACME server
**[basicauth](/docs/caddyfile/directives/basicauth)** | Enforces HTTP Basic Authentication **[basicauth](/docs/caddyfile/directives/basicauth)** | Enforces HTTP Basic Authentication
**[bind](/docs/caddyfile/directives/bind)** | Customize the server's socket address **[bind](/docs/caddyfile/directives/bind)** | Customize the server's socket address

@ -0,0 +1,22 @@
---
title: abort (Caddyfile directive)
---
# abort
Prevents any response to the client by immediately aborting the HTTP handler chain and closing the connection. Any concurrent, active HTTP streams on the same connection are interrupted.
## Syntax
```caddy-d
abort [<matcher>]
```
## Examples
Abort all requests for paths starting with `/foo`:
```caddy-d
abort /foo*
```
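
Review bot: The description states that concurrent, active HTTP streams on the same connection are interrupted, but the Examples section shows only `abort /foo*` and never spells out what that means for the example. Suggest adding a sentence under Examples saying that one request matching `/foo*` also cuts off other in-flight requests on that connection, and a line on when to choose `abort` over sending an error response, since the page gives no guidance on that choice.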

@ -11,11 +11,16 @@ When enabled, requests matching the path `/acme/*` will be handled by the ACME s
## Client configuration ## Client configuration
Using ACME server defaults, ACME clients should simply be configured to use `https://localhost/acme/local/directory` as their ACME endpoint. (`local` is the name of Caddy's default CA.) Using ACME server defaults, ACME clients should simply be configured to use `https://localhost/acme/local/directory` as their ACME endpoint. (`local` is the ID of Caddy's default CA.)
## Syntax ## Syntax
```caddy-d ```caddy-d
acme_server [<matcher>] acme_server [<matcher>] {
ca <id>
}
``` ```
- **ca** specifies the ID of the certificate authority with which to sign certificates. The default is `local`, which is Caddy's default CA, intended for locally-used, self-signed certificates, which is most common in dev environments. For broader use, it is recommended to specify a different CA to avoid confusion. If the CA with the given ID does not already exist, it will be created.
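
Review bot: In the new **ca** bullet, "If the CA with the given ID does not already exist, it will be created" means a mistyped ID produces a new CA instead of an error, and the Client configuration paragraph still shows only `https://localhost/acme/local/directory`. Suggest stating whether the `local` path segment follows the configured `ca <id>`, so readers know which endpoint to give their ACME clients, and keeping the bare `acme_server [<matcher>]` form visible next to the block so the block does not read as mandatory.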

@ -107,6 +107,7 @@ Obtains certificates using the ACME protocol.
test_dir <test_directory_url> test_dir <test_directory_url>
email <email> email <email>
timeout <duration> timeout <duration>
key_type ed25519|p256|p384|rsa2048|rsa4096
disable_http_challenge disable_http_challenge
disable_tlsalpn_challenge disable_tlsalpn_challenge
alt_http_port <port> alt_http_port <port>
@ -122,6 +123,7 @@ Obtains certificates using the ACME protocol.
- **test_dir** is an optional fallback directory to use when retrying challenges; if all challenges fail, this endpoint will be used during retries; useful if a CA has a staging endpoint where you want to avoid rate limits on their production endpoint. Default: `https://acme-staging-v02.api.letsencrypt.org/directory` - **test_dir** is an optional fallback directory to use when retrying challenges; if all challenges fail, this endpoint will be used during retries; useful if a CA has a staging endpoint where you want to avoid rate limits on their production endpoint. Default: `https://acme-staging-v02.api.letsencrypt.org/directory`
- **email** is the ACME account contact email address. - **email** is the ACME account contact email address.
- **timeout** is how long to wait before timing out an ACME operation. - **timeout** is how long to wait before timing out an ACME operation.
- **key_type** is the type of key to use when generating CSRs. Only set this if you have a specific requirement.
- **disable_http_challenge** will disable the HTTP challenge. - **disable_http_challenge** will disable the HTTP challenge.
- **disable_tlsalpn_challenge** will disable the TLS-ALPN challenge. - **disable_tlsalpn_challenge** will disable the TLS-ALPN challenge.
- **alt_http_port** is an alternate port on which to serve the HTTP challenge; it has to happen on port 80 so you must forward packets to this alternate port. - **alt_http_port** is an alternate port on which to serve the HTTP challenge; it has to happen on port 80 so you must forward packets to this alternate port.
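
Review bot: The **key_type** bullet gives no default and does not list the accepted values, so a reader has to go back to the syntax block (`ed25519|p256|p384|rsa2048|rsa4096`) and still cannot tell what is used when the option is omitted. Suggest naming the default in the bullet and saying what kind of "specific requirement" justifies changing it.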

@ -41,7 +41,7 @@ Possible options are:
acme_ca <directory_url> acme_ca <directory_url>
acme_ca_root <pem_file> acme_ca_root <pem_file>
acme_eab <key_id> <mac_key> acme_eab <key_id> <mac_key>
acme_dns <provider> acme_dns <provider> ...
on_demand_tls { on_demand_tls {
ask <endpoint> ask <endpoint>
interval <duration> interval <duration>
@ -121,7 +121,7 @@ Specifies a PEM file that contains a trusted root certificate for ACME CA endpoi
Specifies an External Account Binding to use for all ACME transactions. Specifies an External Account Binding to use for all ACME transactions.
##### `acme_dns` ##### `acme_dns`
Configures the DNS challenge to use for all ACME transactions. Configures the ACME DNS challenge provider to use for all ACME transactions. The tokens following the name of the provider set up the provider the same as if specified in the [`tls` directive's `acme` issuer](/docs/caddyfile/directives/tls#acme).
##### `on_demand_tls` ##### `on_demand_tls`
Configures [On-Demand TLS](/docs/automatic-https#on-demand-tls) where it is enabled, but does not enable it (to enable it, use the [on_demand `tls` subdirective](/docs/caddyfile/directives/tls#syntax)). Highly recommended if using in production environments, to prevent abuse. Configures [On-Demand TLS](/docs/automatic-https#on-demand-tls) where it is enabled, but does not enable it (to enable it, use the [on_demand `tls` subdirective](/docs/caddyfile/directives/tls#syntax)). Highly recommended if using in production environments, to prevent abuse.
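
Review bot: The new `acme_dns` sentence links to `/docs/caddyfile/directives/tls#acme`, while the parallel sentence added for `cert_issuer` later in this file links to `#issuer`; please confirm both anchors exist on the tls page. The wording "The tokens following the name of the provider set up the provider" is also hard to parse, and a one-line example of the option with a provider and its tokens would make it concrete.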
@ -134,7 +134,7 @@ Configures [On-Demand TLS](/docs/automatic-https#on-demand-tls) where it is enab
Specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it. Specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it.
##### `cert_issuer` ##### `cert_issuer`
Defines the issuer (or source) of TLS certificates. Defines the issuer (or source) of TLS certificates. The tokens following the name of the issuer set up the issuer the same as if specified in the [`tls` directive](/docs/caddyfile/directives/tls#issuer).
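
Review bot: The `cert_issuer` description now refers to "the tokens following the name of the issuer", but none of the hunks in this file changes the `cert_issuer` line in the options block the way `acme_dns <provider>` gained a trailing `...`. Please check that syntax line and update it if needed, so the options block and the description agree.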

@ -119,6 +119,13 @@ To adapt a Caddyfile to JSON that you can easily read and tweak manually:
### `caddy build-info`
<pre><code class="cmd bash">caddy build-info</code></pre>
Prints information provided by Go about the build (main module path, package versions, replacements).
### `caddy environ` ### `caddy environ`
@ -201,6 +208,7 @@ Prints CLI help text, optionally for a specific subcommand, then exits.
### `caddy list-modules` ### `caddy list-modules`
<pre><code class="cmd bash">caddy list-modules <pre><code class="cmd bash">caddy list-modules
[--packages]
[--versions]</code></pre> [--versions]</code></pre>
Prints the Caddy modules that are installed, optionally with package and/or version information from their associated Go modules, then exits. Prints the Caddy modules that are installed, optionally with package and/or version information from their associated Go modules, then exits.
@ -337,6 +345,17 @@ Untrusts a root certificate from the local trust store(s). Intended for developm
### `caddy upgrade`
<pre><code class="cmd bash">caddy upgrade</code></pre>
Replaces the current Caddy binary with the latest version from [our download page](https://caddyserver.com/download) with the same modules installed, including all third-party plugins that are registered on the Caddy website.
Upgrades do not interrupt running servers; currently, the command only replaces the binary on disk. This might change in the future if we can figure out a good way to do it.
The upgrade process is fault tolerant; the current binary is backed up first and automatically restored if anything goes wrong.
This command may require elevated privileges if your user does not have permission to write to the executable file.
### `caddy validate` ### `caddy validate`
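
Review bot: The `caddy upgrade` text says the binary on disk is replaced with one fetched from the download page, but it does not say how the download is verified before it overwrites the executable, which matters more given the last sentence about running with elevated privileges. Suggest documenting the integrity check, where the backup of the current binary is kept, and what happens to installed plugins that are not registered on the Caddy website.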

@ -25,6 +25,7 @@ This page describes various methods for installing Caddy on your system.
- [Homebrew](#homebrew) - [Homebrew](#homebrew)
- [Webi](#webi) - [Webi](#webi)
- [Chocolatey](#chocolatey) - [Chocolatey](#chocolatey)
- [Ansible](#ansible)
## Static binaries ## Static binaries
@ -183,3 +184,12 @@ _Note: This is a community-maintained installation method._
<pre><code class="cmd">choco install caddy</code></pre> <pre><code class="cmd">choco install caddy</code></pre>
[**View the Chocolatey package**](https://chocolatey.org/packages/caddy) [**View the Chocolatey package**](https://chocolatey.org/packages/caddy)
## Ansible
_Note: This is a community-maintained installation method._
<pre><code class="cmd bash">ansible-galaxy install nvjacobo.caddy</code></pre>
[**View the Ansible role repository**](https://github.com/nvjacobo/caddy)
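
Review bot: The Ansible section gives only `ansible-galaxy install nvjacobo.caddy` and a repository link, with nothing on where the role obtains Caddy or which version it installs. Since the section is marked community-maintained, suggest one sentence covering that, so readers can judge the role before running it against their hosts.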

@ -42,7 +42,8 @@
<option value="linux-ppc64">Linux ppc64</option> <option value="linux-ppc64">Linux ppc64</option>
<option value="linux-ppc64le">Linux ppc64le</option> <option value="linux-ppc64le">Linux ppc64le</option>
<option value="linux-s390x">Linux s390x</option> <option value="linux-s390x">Linux s390x</option>
<option value="darwin-amd64">macOS amd64</option> <option value="darwin-amd64">macOS amd64 (Intel)</option>
<option value="darwin-arm64">macOS arm64 (M1)</option>
<option value="openbsd-amd64">OpenBSD amd64</option> <option value="openbsd-amd64">OpenBSD amd64</option>
<option value="openbsd-arm-6">OpenBSD arm 6</option> <option value="openbsd-arm-6">OpenBSD arm 6</option>
<option value="openbsd-arm-7">OpenBSD arm 7</option> <option value="openbsd-arm-7">OpenBSD arm 7</option>
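
Review bot: The new label `macOS arm64 (M1)` names a single chip, so it will read as wrong for later arm64 Macs; "Apple Silicon" would stay accurate and still pairs well with `macOS amd64 (Intel)`. The `darwin-arm64` value itself looks consistent with the other `os-arch` values in the list.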