diff --git a/new/features.html b/new/features.html index 65a0662..a5278df 100644 --- a/new/features.html +++ b/new/features.html @@ -248,7 +248,7 @@ -
+

Command line interface @@ -473,7 +473,7 @@

On-Demand TLS

- Serving domains that aren't yours? Or have lots of them? No problem! With just a few lines of config, On-Demand TLS gets certificates dynamically during TLS handshakes, scaling your deployments to tens of thousands of certs. This functionality is a Caddy exclusive. + Serving domains that aren't yours? Or have lots of them? No problem! With just a few lines of config, On-Demand TLS gets certificates dynamically during TLS handshakes, scaling your deployments to tens of thousands of certs. This functionality is exclusive to Caddy.
@@ -514,6 +514,9 @@
By default, HTTP requests will be redirected to HTTPS.
+
+ Automatic redirects +

OCSP

@@ -530,6 +533,12 @@ Caddy can obtain certificates that force OCSP stapling if the CA supports it. This may grant a higher degree of security in the case of revocation.

+
+

Revocation handling

+
+ Revoked certificates automatically get replaced. Because Caddy staples and refreshes OCSP responses, it can detect if your certificate has been revoked, and if so, it will replace i +
+

Session ticket hardening

@@ -641,10 +650,16 @@
  • TLS-ALPN (default 443)
    • +
    +

    Smart challenge selection

    +
    + Caddy learns what challenge types are most likely to succeed and tries those first. For example, if port 80 is blocked, it will learn to prefer the TLS-ALPN challenge which does not use port 80. +
    +

    DNS challenge integrations

    - Solve the DNS challenge with integrations for dozens of DNS providers. This list is incomplete; see the full list of DNS providers. + The DNS challenge is the only one that does not require the CA being able to access your server. Solve the DNS challenge with integrations for dozens of DNS providers via libdns. This list is incomplete; see the full list of DNS providers.
    +
    +

    Trusted CA certificates

    +
    + Optionally configure root certificates you trust when interacting with your CA of choice; this is helpful for internal PKI where trust is established without public CAs. +
    +
    +
    +

    Preferred chains

    +
    + When the CA offers multiple certificate chains, Caddy gives you the ability to customize which one to download and use. +
    +
      +
    • Smallest
      • +
    • CommonName of root
      • +
    • CommonName of any
      • +
    +
    -
    @@ -685,7 +716,7 @@ -
    +

    HTTP server @@ -697,7 +728,7 @@

    HTTP versions

    - Caddy's HTTP server supports all major versions of HTTP and enables them by default. You can customize exacttly which versions you want to serve. + Caddy's HTTP server supports all major versions of HTTP and enables them by default (except H2C which is insecure, but available). You can customize exactly which versions you want to serve.
    • HTTP/1.1
      • @@ -718,7 +749,7 @@

      Listen interfaces

      - Each HTTP server can listen on one or more sockets and network interfaces. For ports, you can specify specific host interface or all interfaces with just a port. All varieties of unix sockets are also supported. + Each HTTP server can bind to one or more sockets and network interfaces. For ports, you can specify specific host interface or all interfaces with just a port. All varieties of unix sockets are also supported.
      • TCP
        • @@ -777,7 +808,7 @@
        • TLS 1.2
        • TLS 1.3
          • -
        • Client authentication (TLS mutual auth)
          • +
        • Client authentication (TLS mutual auth; mTLS)
        • Client auth modes: request, require, verify if given, require and verify
        • Cipher suites
        • Curves
          • @@ -818,13 +849,270 @@ Prometheus metrics, open telemetry
    +
    +

    Request handling

    +
    + The HTTP server handles requests using custom routes consisting of specific handlers in the order you define. A separate error route can be defined for custom error handling. You have a high degree of flexibility with HTTP handling. See below for available HTTP handler modules. +
    +
    + Composable routes (and separate error handling routes) +
    +
    +
    +

    Request filters

    +
    + Apply handlers to only certain requests using matchers, which classify requests based on various properties. Matchers are also used for filtering. They are extensible and pluggable, so there's no limit to how specific and custom your routes can be! Some matchers support regular expressions. All are quite fast. And matchers can be combined in sets so they can be joined with AND, OR, and NOT logic. +
    +
      +
    • Host
      • +
    • Path
      • +
    • Method
      • +
    • Headers
      • +
    • Protocol
      • +
    • Remote IP
      • +
    • Arbitrary CEL expression
      • +
    • File (existence, size, modify date)
      • +
    • HTTP route variable
      • +
    • Logical NOT
      • +
    • Geolocation
      • +
    • Remote host
      • +
    +
    +

    + +

    HTTP handlers

    + +

    + Handlers are modules that can be composed together to handle incoming requests precisely the way you want. Handler modules are, like the rest of Caddy, extensible and pluggable. It is not really feasible for us to list all the handlers here. +

    +

    + In practice, handlers are paired with matchers which filter or classify requests based on various properties such as their path, headers, query string, method, and more. This allows you to selectively apply any and all of these handlers to certain requests. +

    + +
    +
    +

    ACME server

    +
    + Right out of the box, Caddy ships with a production-ready ACME server, perfect for your internal PKI. Automate mTLS certificates inside your infrastructure with ease. Powered by Smallstep libraries. +
    +
    +
    +

    Authelia

    +
    + Secure routes with authentication using Authelia. +
    +
    +
    +

    Authentication

    +
    + Authenticate users with an extensible authentication module. Extended by auth providers, this handler returns an error if the user cannot be authenticated by any configured providers. HTTP basicauth is included standard, and unlike other servers, passwords are hashed when setting up basicauth (since it's essentially a password database), enhancing security. +
    +
      +
    • HTTP Basic authentication
      • +
    • JWT
      • +
    • Discord
      • +
    • Forms
      • +
    • SAML
      • +
    +
    +
    +

    Advanced auth

    +
    + With a full suite of authentication and authorization features, the caddy-security module provides a variety of robust auth solutions. +
    +
      +
    • Form-based
      • +
    • Local
      • +
    • Basic
      • +
    • LDAP
      • +
    • OpenID Connect
      • +
    • OAuth 2
      • +
    • SAML
      • +
    +
    +
    +

    Cache

    +
    + Easily enable caching to serve more clients and increase performance. This cache module is compliant with RFC 7234 and supports tag-based cache purge, distributed and local storage, key generation tweaking, and more. Multiple backends are supported! +
    +
      +
    • Badger
      • +
    • Etcd
      • +
    • NutsDB
      • +
    • Olric
      • +
    • Redis
      • +
    +
    +
    +

    Encode

    +
    + Compress, encode, or otherwise transform HTTP responses on-the-fly with pluggable encoding modules. Compressing responses is as easy as a single line of configuration, and encodings won't be applied to responses that are already in a compressed format or are too small to be worthwhile. +
    +
      +
    • Gzip
      • +
    • Zstandard (zstd)
      • +
    • Brotli
      • +
    +
    +
    +

    File server

    +
    + A powerful, flexible, and efficient static file server that is described in detail below. +
    +
    +
    +

    Go package vanity paths

    +
    + A simple handler that implements vanity import paths for Go packages. +
    +
    +
    +

    gRPC-Web bridging

    +
    + Bridge/convert gRPC-Web requests to gRPC for your backend app. +
    +
    +
    +

    Header manipulation

    +
    + Modify HTTP request and response headers. Adding, setting, deleting, and replacing substrings in header fields is fast, but regular expressions are also supported for advanced use. Response header manipulations can be deferred until the very end when the response starts to be written, and can even be made conditional on response status code or header values. +
    +
      +
    • Add
      • +
    • Set (overwrite)
      • +
    • Delete
      • +
    • Substring replace
      • +
    +
    +
    +

    Image filtering

    +
    + Perform adjustments on images on-the-fly. +
    +
      +
    • Crop
      • +
    • Fit
      • +
    • Flip
      • +
    • Resize
      • +
    • Rotate
      • +
    • Sharpen
      • +
    +
    +
    +

    Map

    +
    + Assign variable/placeholder values based on input values; similar to a lookup table. +
    +
    +
    +

    Mercure

    +
    + Make your Caddy instance a Mercure hub: an open, easy, fast, reliable and battery-efficient solution for real-time communications. +
    +
    +
    +

    Mercure

    +
    + Make your Caddy instance a Mercure hub: an open, easy, fast, reliable and battery-efficient solution for real-time communications. +
    +
    +
    +

    Metrics

    +
    + Expose a /metrics endpoint for use with Prometheus-compatible systems and other monitoring tools. +
    +
    +
    +

    HTTP/2 server push

    +
    + Proactively push resources to clients before they request it when HTTP/2 is used. (May be deprecated by browsers, but Caddy still has a valid implementation that is useful in certain applications.) +
    +
    +
    +

    Rate limiting

    +
    + Advanced, enterprise-grade rate limiter implemented using a ring buffer and sliding window algorithm that scales massively based on zone keys. Configure a cluster of Caddy instances with the same storage to distribute rate limiting across your fleet. No memory bound required like with other enterprise servers. +
    +
      +
    • Local or distributed
      • +
    • Multiple zones
      • +
    • Buffer pooling
      • +
    • Only 1 goroutine
      • +
    • Configurable O(Kn) memory management
      • +
    • State persisted through reloads
      • +
    • Sets Retry-After header
      • +
    • Optional jitter
      • +
    • Highly programmable
      • +
    +
    +
    +

    Request body controls

    +
    + Restrict the size of the request body by rejecting requests that are too large. +
    +
    +
    +

    Reverse proxy

    +
    + Caddy has a world-class reverse proxy, described in detail in a section below. +
    +
    +
    +

    Rewrite requests

    +
    + Make internal changes to requests before continuing to process them. This is useful to accept requests that need to be changed to conform to an expectation later on. Various aspects of the request can be changed such as method and URI. +
    +
      +
    • Method
      • +
    • URI (path, query string)
      • +
    • Strip path prefix or suffix
      • +
    • Regular expression support
      • +
    • Intelligent URL-encoding and forward-slash handling
      • +
    +
    +
    +

    Static responses

    +
    + Hard-code a static response into your config, with the ability to set the status code, header fields, and body. (This is often used to respond with HTTP redirects.) The connection may then be gracefully closed, or forcefully aborted if needed. +
    +
    +
    +

    Subrouting

    +
    + Group handlers into a "subroute" to treat several handlers as one, making certain logic easier to reason about. +
    +
    +
    +

    Templates

    +
    + Responses can be evaluated as templates, which give you the ability to turn proxied or static content into rich, dynamic content with variables, if statements, markdown rendering (with front matter support), and more. +
    +
    +
    +

    Tracing

    +
    + Support for distributed tracing using OpenTelemetry. +
    +
    +
    +

    Variables

    +
    + Read and write variables that can be used internally as you process requests. +
    +
    +
    +

    WebDAV

    +
    + Become a WebDAV server with one or two lines of config. Compatible with most WebDAV clients. +
    +
    -
    +

    Reverse proxy @@ -931,7 +1219,7 @@

    Header manipulation

    - Headers can be modified in the request going up to the backend and the response coming back down from the backend. + Headers can be modified in the request going up to the backend and the response coming back down from the backend. This is similar to the general HTTP server's header handler, but this is applied while proxying.
    • Add
      • @@ -943,7 +1231,7 @@

      Buffering

      - The proxy can read the entire body before flushing it. This uses more memory but can be required by some backend applications or clients in some cases. + The proxy can optionally read the entire body before flushing it. This uses more memory but can be required by some backend applications or clients in some cases.
      • Requests
        • @@ -1190,21 +1478,236 @@ Static file server

    - Caddy's file server is the preferred way of serving static files for your website. + Caddy's file server is the premier way of serving static files for your website.

    - The way it works is simple: specify a root directory from which to serve the files, then request paths are automatically inferred as file paths relative to that root and the file is sent to the client. + It's simple: specify a root directory from which to serve the files, then each request path is automatically appended to the root to get the full path of the file to serve.

    -

    TODO...

    +

    Kernel acceleration

    - TODO... + Caddy bypasses user-space buffers whenever possible to speed up file downloads by a significant factor.
    - TODO... + sendfile
    +
    +

    Virtual file systems

    +
    + By default, Caddy serves files from a directory you specify on the local disk, but this file access is pluggable and can be replaced by any virtualized file system modules. This allows you to serve static files from any file store such as databases, cloud storage, or even assets embedded directly in the web server binary! +
    +
      +
    • Local disk
      • +
    • Embedded assets
      • +
    • Amazon AWS S3
      • +
    +
    +
    +

    Precompressed files

    +
    + If your deployment pipeline compresses site resources, Caddy can automatically detect them and serve them in their "precompressed" encoding for higher efficiency and greater throughput. +
    +
      +
    • Gzip
      • +
    • Brotli
      • +
    • Zstandard
      • +
    +
    +
    +

    Hide files and folders

    +
    + Increase your security posture by proactively hiding potentially-sensitive files and folders that do or could exist in your site root. You can specify individual file/folder paths, filenames regardless of their path, or glob matches to hide files/folders with a particular pattern. +
    +
    + Exact paths, filenames, globular matching +
    +
    +
    +

    Index filenames

    +
    + Index files are files that are served if a directory is requested by the client. The filenames of index files to look for are customizable. Directory browsing can optionally be enabled if an index file is not found in a requested directory. +
    +
    + index.html, index.txt (customizable) +
    +
    +
    +

    Conditional requests

    +
    + Etag, Last-Modified, and related headers are supported. +
    +
      +
    • Etag
      • +
    • Last-Modified
      • +
    • If-Match
      • +
    • If-None-Match
      • +
    • If-Modified-Since
      • +
    • If-Unmodified-Since
      • +
    • If-Range
      • +
    +
    +
    +

    Range requests

    +
    + Common for streaming large files and resuming downloads, clients requesting certain ranges of files will not be disappointed or surprised. Caddy properly handles HTTP requests with Range headers. +
    +
    +
    +

    Canonical paths

    +
    + In general, there are multiple URIs for a single file or directory. For example: /, /index.html, and /index.html/ represent the same resource. Caddy uses HTTP redirects to enforce path canonicalization (removing trailing slashes from files, and adding them for directories). +
    +
    +
    +

    Pass-thru mode

    +
    + Sometimes you only want to serve a file if it exists, otherwise continue with the next handler in the chain, rather than returning an error to the client. +
    +
    +
    + + + +
    +
    +

    File browser

    +

    + Caddy's file server comes alive through its modern file browser that looks attractive on mobile and desktop. It has more features and utility than any other standard HTTP file server! +

    +
    + + + + +
    + +
    +
    +

    Folder listings

    +
    + Show the list of files in a folder when no index file (below) exists in that folder. +
    +
    + Exact paths, filenames, globular matching +
    +
    +
    +

    Day and night themes

    +
    + The color scheme automatically adjusts to match the system theme, whether it be light or dark, to avoid blinding you or being hard to read. + + + + +
    +
      +
    • Light mode
      • +
    • Dark mode
      • +
    +
    +
    +

    Sort by columns

    +
    + Quickly distill information about each directory and find items faster with sticky column sorting. +
    +
      +
    • File/directory
      • +
    • Name
      • +
    • Size
      • +
    • Date modified
      • +
    +
    +
    +

    Filter

    +
    + Every page load automatically focuses the cursor on a search box, so you can start typing a filename and filter large listings instantly. + + + + +
    +
    +
    +

    Layout

    +
    + Files can be shown in different layouts depending on how you want to view the listing. For example, the grid view is great for galleries. + + + + +
    +
      +
    • List
      • +
    • Grid
      • +
    +
    +
    +

    Responsive design

    +
    + The page width fluidly adjusts to accommodate screens of all sizes. Links are sufficiently sized to be easily tappable on touchscreens while still being information-dense enough to be useful. +
    +
    +
    +

    JSON API

    +
    + Requests with an Accept-Encoding: application/json header will be replied to with a JSON payload for programmatic or scripted access to your file listing. +
    +
    +
    +

    Customizable listing template

    +
    + If the default template isn't a good fit or you want to spice things up, customize the browse template to look and act any way you want! +
    +
    +
    +

    File size visualization

    +
    + File sizes are indicated by the length of the bar behind them, making it quick and easy to find outlier large and small files or to compare relative sizes at a glance. + + + + +
    +
    +
    +

    File type icons

    +
    + The file server recognizes dozens of common file types and shows associated icons to make identification easier when scanning the page. + + + + +
    +
    +
    +
    +
    + +
    +
    +
    + {{$n := randInt 0 5}} + {{if eq $n 1}} + + + + {{else if eq $n 2}} + + + + {{else if eq $n 3}} + + {{else if eq $n 4}} + + {{else}} + + {{end}} +
    +

    + Caddy is a living project with a TON of features. This page is not yet a comprehensive list of all the features and benefits provided by Caddy because we're a bit behind with this page. We welcome contributions on GitHub! +

    @@ -1218,6 +1721,7 @@ - HTTP handlers - PKI facilities - + --> diff --git a/new/includes/footer.html b/new/includes/footer.html index e8919d4..8c3d66e 100644 --- a/new/includes/footer.html +++ b/new/includes/footer.html @@ -3,7 +3,7 @@

    - An awesome open source project + A free open source project that relies on sponsors.

    @@ -40,4 +40,16 @@ Email

    +
    +

    Caddy supports an open Web that promotes privacy, preserves data ownership, fosters innovation, freely allows varieties of client software technologies, and safeguards human sanctity.

    +
    + + + +
    + + +
    +
    +
    \ No newline at end of file diff --git a/new/index.html b/new/index.html index 88a5e0b..1b5a471 100644 --- a/new/index.html +++ b/new/index.html @@ -106,6 +106,9 @@ IQM + + Approximated + @@ -137,6 +140,12 @@
    +
    +

    HTTPS/TLS for custom domains

    +

    + The secret sauce of almost every white-label SaaS is Caddy's original On-Demand TLS feature. Grow your SaaS business by orders of magnitude with ease! +

    +

    Dynamically provision certificates

    @@ -144,41 +153,12 @@

    -

    Dynamically provision certificates

    +

    Massively scale your TLS

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. -

    -
    -
    -

    Dynamically provision certificates

    -

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Other web servers and scripted certificate tools fall over with hundreds of thousands of sites or thousands of instances. Caddy is designed to manage certificates reliably at this scale.

    -
    -

    software assurance

    -

    - Sponsorships aren't just donations. They provide your business with benefits -

    -     See sponsorships -
    - -
    @@ -191,23 +171,38 @@
    +
    -

    Dynamically provision certificates

    +

    All you need for TLS and PKI 🔐

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Caddy securely serves all sites with TLS by default. It can also manage your internal PKI for you across a fleet of servers and clients.

    -

    Dynamically provision certificates

    +

    On-line config API ⚡️

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Caddy's native configuration is a JSON document that you can export and manipulate with a RESTful config API.

    -

    Dynamically provision certificates

    +

    PCI, HIPAA, and NIST compliant ✅

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Caddy's TLS defaults are secure and pass PCI, HIPAA, and NIST compliance requirements. Yes, defaults: no hassle required. +

    +
    + +
    +

    HTTPS for localhost 🏠

    +

    + We mean it when we say Caddy serves every site on HTTPS. Even localhost and internal IPs are served with TLS using the intermediate of a fully-automated, self-managed CA that is automatically installed into most local trust stores. +

    +
    + +
    +

    Cluster coordination 🌐

    +

    + Simply configure multiple Caddy instances with the same storage, and they will automatically coordinate certificate management and share resources such as keys and OCSP staples!

    @@ -250,6 +245,14 @@

    + +
    +

    sponsored by users like you

    +

    + Caddy is free software and relies on sponsorships to survive. They aren't just donations: they ensure ongoing development and provide your business with tangible benefits! +

    + See sponsorships +
    @@ -259,27 +262,48 @@ A truly forward-thinking reverse proxy

    - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. + Caddy's proxy was designed to be as forward-compatible as possible and has major batteries included: load balancing, active and passive health checks, dynamic upstreams, retries, pluggable transports, and of course, best-in-class TLS security.

    -

    Dynamically provision certificates

    +

    Proxy HTTP, FastCGI, WebSockets, and more

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Capable of proxying HTTP and HTTPS, but also WebSockets, gRPC, FastCGI (usually PHP), and more! The underlying transport module is extensible for any custom way to generate an HTTP response. +

    +

    Dynamic environment? No problem

    +

    + Provide Caddy with a static list of backends or enable a module to retrieve backends dynamically during each request: ideal for rapidly changing environments. Caddy flows with your infrastructure! +

    +

    High availability

    +

    + Caddy comes with a whole suite of high availability (HA) features: advanced health checking, graceful (hitless) config changes, circuit breaking, load limiting, on-line retries, and more. The best part? It's all free. No enterprise-level paywalls.

    -

    Dynamically provision certificates

    -

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. -

    +
    +

    software assurance

    +

    + Without sponsorships, Caddy could stop being developed at any time. + With sponsorships, you gain peace of mind knowing that the project will continue to be developed, along with tangible benefits like private support and training. +

    + See sponsorships +
    -
    -

    Dynamically provision certificates

    -

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. -

    + +
    @@ -288,26 +312,31 @@ Production-grade static file server

    - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. + Serving static files is a tried-and-true method of delivering sites to numerous clients efficiently. Caddy has a robust file server that can be combined with other middleware features for the ultimate effortless website.

    -

    Dynamically provision certificates

    +

    Compression

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Caddy can compress files on-the-fly or serve precompressed files for extra performance. Caddy is also the first web server to support Zstandard encoding.

    -

    Dynamically provision certificates

    +

    Virtual file systems

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Serve your static site from anything: the local file system, remote cloud storage, a database, or even embedded in the server binary!

    -

    Dynamically provision certificates

    +

    Range requests, Etags, and more

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Unlike many simpler file servers intended for temporary local development, Caddy fully supports Range requests, Etags, and a full production feature set. +

    +
    +
    +

    Directory file browser

    +

    + If a directory without an index file is requested, Caddy can show an elegant file browser with breadcrumb nav, file size visualizations, filetype icons, and a grid view.

    @@ -317,29 +346,28 @@

    - Flexible configuration for all production environments + Flexible configuration for all workflows

    - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. + Configure your server your way. Caddy's native configuration format is JSON, but with Caddy's config adapters, you can use any config format you prefer. All configuration is posted through a RESTful admin API, and Caddy's CLI helps you work with config files easily.

    -

    Dynamically provision certificates

    +

    Config adapters

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Use whatever config format you like, such as NGINX config, YAML, TOML, CUE, HCL, Dhall, or even a MySQL database!

    -

    Dynamically provision certificates

    +

    Human-friendly Caddyfile

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + The Caddyfile is most people's preferred format for hand-written configurations because it is simple to read and write.

    -

    Dynamically provision certificates

    +

    Admin API

    - With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains. + Caddy's config is managed through an administration API that is programmable and makes dynamic changes a breeze.

    @@ -360,8 +388,10 @@ Unparalleled extensibility

    - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. - Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet. + Caddy is the only server in the world with such a novel modular architecture. At its core, Caddy is a configuration manager that runs apps like an HTTP server, internal certificate authority, TLS certificate manager, process supervisor, and more. +

    +

    + And because of its unique design, all these features are freely available without bloating the software: only compile in what you need.

    diff --git a/new/resources/css/common.css b/new/resources/css/common.css index a8201a0..2443a63 100644 --- a/new/resources/css/common.css +++ b/new/resources/css/common.css @@ -516,6 +516,28 @@ button.primary .hover-splash, text-transform: capitalize; } +.construction-images { + display: flex; + align-items: center; + justify-content: center; + flex-wrap: wrap; + gap: 20px; +} + +.construction img { + margin-left: 20px; + margin-right: 20px; + max-width: 100%; +} + +.construction p { + width: 100%; + margin-left: auto; + margin-right: auto; + color: #e71414; +} + + @@ -545,6 +567,30 @@ footer .wrapper { gap: 75px; } +footer .nostalgia { + display: block; + text-align: center; + margin-top: 50px; +} + +footer .nostalgia-badges { + gap: 25px; + align-items: center; + justify-content: center; + width: 100%; + display: flex; +} + +footer .nostalgia p { + margin: 0 auto 15px; + color: #d2f7e7; +} + +footer .w3c { + width: 80px; + line-height: 0; +} + footer .logo { display: block; margin-bottom: 15px; @@ -587,9 +633,6 @@ footer .link-col a:hover { - - - @media (max-width: 1150px) { .dropdown { display: none; diff --git a/new/resources/css/features.css b/new/resources/css/features.css index 35feb61..f011558 100644 --- a/new/resources/css/features.css +++ b/new/resources/css/features.css @@ -93,6 +93,35 @@ } +.split { + display: flex; + flex-wrap: wrap; + justify-content: space-between; + margin-bottom: 75px; + align-items: center; +} + +.split > * { + flex: 1; + margin-right: 50px; + min-width: 0; + min-width: 300px; +} + +.split img { + max-width: 100%; +} + +.split img, +.benefits img { + margin: 2em 0 0; + max-width: 100%; + box-shadow: 0 6px 10px rgb(0 0 0 / .15); + border-radius: 8px; +} + + + /* TODO: Figure this out */ @media (max-width: 800px) { .feature-row { diff --git a/new/resources/css/home.css b/new/resources/css/home.css index d4df1b5..628ac92 100644 --- a/new/resources/css/home.css +++ b/new/resources/css/home.css @@ -295,7 +295,7 @@ div.ap-wrapper:fullscreen div.ap-player { background: white; max-width: 1600px; margin: -350px auto 0; - padding: 50px 50px 0; + padding: 100px 50px 0; border-radius: 20px; z-index: 0; position: relative; diff --git a/new/resources/css/marketing.css b/new/resources/css/marketing.css index 9c03586..da365ca 100644 --- a/new/resources/css/marketing.css +++ b/new/resources/css/marketing.css @@ -322,7 +322,10 @@ section.dark h3.blue { - +.sponsor-experience, +.sponsorship-primer { + max-width: 700px; /* TODO: TEMPORARY! */ +} @@ -332,7 +335,6 @@ section.dark h3.blue { color: #fff; display: flex; flex-wrap: wrap; - max-width: 700px; /* TODO: TEMPORARY! */ column-gap: 50px; } @@ -400,7 +402,8 @@ section.dark h3.blue { border-radius: 10px; background: linear-gradient(50deg, #670d7f, #531cc7); padding: 40px 50px; - color: #edb7e8; + margin: 50px auto; + color: #ffcffb; } .sponsorship-primer h3 { @@ -410,10 +413,12 @@ section.dark h3.blue { border: none; padding-left: 0; margin-left: 0; + margin-bottom: 0; + padding-bottom: 0; } .sponsorship-primer p { - margin: 1em 0; + margin: 1em 0 1.5em; font-weight: normal; } diff --git a/new/resources/images/file-browser/browse-corner-dark.png b/new/resources/images/file-browser/browse-corner-dark.png new file mode 100644 index 0000000..9f50d6e Binary files /dev/null and b/new/resources/images/file-browser/browse-corner-dark.png differ diff --git a/new/resources/images/file-browser/browse-corner-light.png b/new/resources/images/file-browser/browse-corner-light.png new file mode 100644 index 0000000..bdfb465 Binary files /dev/null and b/new/resources/images/file-browser/browse-corner-light.png differ diff --git a/new/resources/images/file-browser/browse-gallery-dark.png b/new/resources/images/file-browser/browse-gallery-dark.png new file mode 100644 index 0000000..c1f9c2b Binary files /dev/null and b/new/resources/images/file-browser/browse-gallery-dark.png differ diff --git a/new/resources/images/file-browser/browse-gallery-light.png b/new/resources/images/file-browser/browse-gallery-light.png new file mode 100644 index 0000000..542122c Binary files /dev/null and b/new/resources/images/file-browser/browse-gallery-light.png differ diff --git a/new/resources/images/file-browser/browse-grid-dark.png b/new/resources/images/file-browser/browse-grid-dark.png new file mode 100644 index 0000000..deb4e79 Binary files /dev/null and b/new/resources/images/file-browser/browse-grid-dark.png differ diff --git a/new/resources/images/file-browser/browse-grid-light.png b/new/resources/images/file-browser/browse-grid-light.png new file mode 100644 index 0000000..22bc229 Binary files /dev/null and b/new/resources/images/file-browser/browse-grid-light.png differ diff --git a/new/resources/images/file-browser/browse-search-dark.png b/new/resources/images/file-browser/browse-search-dark.png new file mode 100644 index 0000000..59989bf Binary files /dev/null and b/new/resources/images/file-browser/browse-search-dark.png differ diff --git a/new/resources/images/file-browser/browse-search-light.png b/new/resources/images/file-browser/browse-search-light.png new file mode 100644 index 0000000..2f6f965 Binary files /dev/null and b/new/resources/images/file-browser/browse-search-light.png differ diff --git a/new/resources/images/file-browser/browse-size-dark.png b/new/resources/images/file-browser/browse-size-dark.png new file mode 100644 index 0000000..0bf65ea Binary files /dev/null and b/new/resources/images/file-browser/browse-size-dark.png differ diff --git a/new/resources/images/file-browser/browse-size-light.png b/new/resources/images/file-browser/browse-size-light.png new file mode 100644 index 0000000..31a81dc Binary files /dev/null and b/new/resources/images/file-browser/browse-size-light.png differ diff --git a/new/resources/images/file-browser/browse-themes-2.png b/new/resources/images/file-browser/browse-themes-2.png new file mode 100644 index 0000000..3bf05ab Binary files /dev/null and b/new/resources/images/file-browser/browse-themes-2.png differ diff --git a/new/resources/images/file-browser/browse-themes.png b/new/resources/images/file-browser/browse-themes.png new file mode 100644 index 0000000..e5fc70b Binary files /dev/null and b/new/resources/images/file-browser/browse-themes.png differ diff --git a/new/resources/images/file-browser/icons-all-dark.png b/new/resources/images/file-browser/icons-all-dark.png new file mode 100644 index 0000000..0c0bf8c Binary files /dev/null and b/new/resources/images/file-browser/icons-all-dark.png differ diff --git a/new/resources/images/file-browser/icons-all-light.png b/new/resources/images/file-browser/icons-all-light.png new file mode 100644 index 0000000..7d1c8ed Binary files /dev/null and b/new/resources/images/file-browser/icons-all-light.png differ diff --git a/new/resources/images/file-browser/icons1-dark.png b/new/resources/images/file-browser/icons1-dark.png new file mode 100644 index 0000000..1e09e52 Binary files /dev/null and b/new/resources/images/file-browser/icons1-dark.png differ diff --git a/new/resources/images/file-browser/icons1-light.png b/new/resources/images/file-browser/icons1-light.png new file mode 100644 index 0000000..255cd63 Binary files /dev/null and b/new/resources/images/file-browser/icons1-light.png differ diff --git a/new/resources/images/file-browser/icons2-dark.png b/new/resources/images/file-browser/icons2-dark.png new file mode 100644 index 0000000..95a814f Binary files /dev/null and b/new/resources/images/file-browser/icons2-dark.png differ diff --git a/new/resources/images/file-browser/icons2-light.png b/new/resources/images/file-browser/icons2-light.png new file mode 100644 index 0000000..6150532 Binary files /dev/null and b/new/resources/images/file-browser/icons2-light.png differ diff --git a/new/resources/images/file-browser/icons3-dark.png b/new/resources/images/file-browser/icons3-dark.png new file mode 100644 index 0000000..4e9979f Binary files /dev/null and b/new/resources/images/file-browser/icons3-dark.png differ diff --git a/new/resources/images/file-browser/icons3-light.png b/new/resources/images/file-browser/icons3-light.png new file mode 100644 index 0000000..cf2cdbe Binary files /dev/null and b/new/resources/images/file-browser/icons3-light.png differ diff --git a/new/resources/images/file-browser/icons4-dark.png b/new/resources/images/file-browser/icons4-dark.png new file mode 100644 index 0000000..601d9c7 Binary files /dev/null and b/new/resources/images/file-browser/icons4-dark.png differ diff --git a/new/resources/images/file-browser/icons4-light.png b/new/resources/images/file-browser/icons4-light.png new file mode 100644 index 0000000..f25d0b0 Binary files /dev/null and b/new/resources/images/file-browser/icons4-light.png differ diff --git a/new/resources/images/nostalgia/get.gif b/new/resources/images/nostalgia/get.gif new file mode 100644 index 0000000..9f832e8 Binary files /dev/null and b/new/resources/images/nostalgia/get.gif differ diff --git a/new/resources/images/nostalgia/microsoft-ie.gif b/new/resources/images/nostalgia/microsoft-ie.gif new file mode 100644 index 0000000..3c7cd36 Binary files /dev/null and b/new/resources/images/nostalgia/microsoft-ie.gif differ diff --git a/new/resources/images/nostalgia/now_anim.gif b/new/resources/images/nostalgia/now_anim.gif new file mode 100644 index 0000000..5d22554 Binary files /dev/null and b/new/resources/images/nostalgia/now_anim.gif differ diff --git a/new/resources/images/nostalgia/sorry-under-construction.gif b/new/resources/images/nostalgia/sorry-under-construction.gif new file mode 100644 index 0000000..93b8e90 Binary files /dev/null and b/new/resources/images/nostalgia/sorry-under-construction.gif differ diff --git a/new/resources/images/nostalgia/under-construction-barricade.gif b/new/resources/images/nostalgia/under-construction-barricade.gif new file mode 100644 index 0000000..57abe38 Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-barricade.gif differ diff --git a/new/resources/images/nostalgia/under-construction-blink.gif b/new/resources/images/nostalgia/under-construction-blink.gif new file mode 100644 index 0000000..5fdca93 Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-blink.gif differ diff --git a/new/resources/images/nostalgia/under-construction-caution-tape.gif b/new/resources/images/nostalgia/under-construction-caution-tape.gif new file mode 100644 index 0000000..58cc881 Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-caution-tape.gif differ diff --git a/new/resources/images/nostalgia/under-construction-cones.gif b/new/resources/images/nostalgia/under-construction-cones.gif new file mode 100644 index 0000000..f1495de Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-cones.gif differ diff --git a/new/resources/images/nostalgia/under-construction-flashing.gif b/new/resources/images/nostalgia/under-construction-flashing.gif new file mode 100644 index 0000000..45ded23 Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-flashing.gif differ diff --git a/new/resources/images/nostalgia/under-construction-sign.gif b/new/resources/images/nostalgia/under-construction-sign.gif new file mode 100644 index 0000000..20f0757 Binary files /dev/null and b/new/resources/images/nostalgia/under-construction-sign.gif differ diff --git a/new/resources/images/nostalgia/valid_css3_blue.png b/new/resources/images/nostalgia/valid_css3_blue.png new file mode 100644 index 0000000..c0a0bf4 Binary files /dev/null and b/new/resources/images/nostalgia/valid_css3_blue.png differ diff --git a/new/resources/images/nostalgia/valid_html5_yellow.png b/new/resources/images/nostalgia/valid_html5_yellow.png new file mode 100644 index 0000000..cb41c4e Binary files /dev/null and b/new/resources/images/nostalgia/valid_html5_yellow.png differ diff --git a/new/resources/images/nostalgia/white_1.gif b/new/resources/images/nostalgia/white_1.gif new file mode 100644 index 0000000..6c4d528 Binary files /dev/null and b/new/resources/images/nostalgia/white_1.gif differ diff --git a/new/resources/images/sponsors/approximated.svg b/new/resources/images/sponsors/approximated.svg new file mode 100644 index 0000000..6f72d97 --- /dev/null +++ b/new/resources/images/sponsors/approximated.svg @@ -0,0 +1,7 @@ + + + + + + + diff --git a/new/resources/js/home.js b/new/resources/js/home.js index 23e5638..13f5eda 100644 --- a/new/resources/js/home.js +++ b/new/resources/js/home.js @@ -8,8 +8,16 @@ const resp = fetch("/resources/testimonials.json").then(async resp => { const tpl = cloneTemplate('#tpl-testimonial'); $('.testimonial-picture', tpl).src = testimonial.picture || ""; $('.testimonial-quote', tpl).innerText = `"${testimonial.quote}"`; - $('.testimonial-name', tpl).innerText = testimonial.name || ""; + if (testimonial.username) { + $('.testimonial-name', tpl).innerText = ` @${testimonial.username}`; + } else { + $('.testimonial-name', tpl).innerText = testimonial.name || ""; + } $('.testimonial-role', tpl).innerText = testimonial.role || ""; + if (testimonial.org) { + $('.testimonial-role', tpl).appendChild(document.createElement("br")); + $('.testimonial-role', tpl).appendChild(document.createTextNode(testimonial.org)); + } $(`.testimonial-col:nth-child(${i%3 + 1})`).append(tpl); } }); diff --git a/new/resources/testimonials.json b/new/resources/testimonials.json index 319284d..8fe8fd1 100644 --- a/new/resources/testimonials.json +++ b/new/resources/testimonials.json @@ -2,7 +2,7 @@ { "name": "First last", "role": "9999x developer", - "company": "Bigcorp", + "org": "Bigcorp", "picture": "https://pbs.twimg.com/profile_images/1624497316366528512/fBMXDuiZ_400x400.jpg", "quote": "Caddy is cool.", "link": "https://..." @@ -10,7 +10,7 @@ { "name": "Brad Warren", "role": "Lead Engineer of Certbot", - "company": "Electronic Frontier Foundation (EFF)", + "org": "Electronic Frontier Foundation (EFF)", "picture": "https://sea1.discourse-cdn.com/letsencrypt/user_avatar/community.letsencrypt.org/bmw/144/7797_2.png", "quote": "I think we should consider making Caddy the default ACME client recommendation. … It allows for better integration between the TLS server and the ACME management of those certificates. … [ACME clients with] Apache and NGINX are inherently more error prone and brittle than having the TLS server manage its certificates itself. … Caddy is written in a memory-safe language. Adoption of memory-safe programming languages is something that both ISRG and the broader computer security community have been encouraging more and more lately.", "link": "https://community.letsencrypt.org/t/should-our-default-client-recommendation-be-caddy-if-not-why-not/199949?u=mholt" @@ -18,7 +18,7 @@ { "name": "Josh Aas", "role": "Executive Director", - "company": "Let's Encrypt", + "org": "Let's Encrypt", "picture": "https://sea1.discourse-cdn.com/letsencrypt/user_avatar/community.letsencrypt.org/josh/144/10641_2.png", "quote": "Caddy is impressive. This is what we want, setting up a secure website.", "link": "https://www.youtube.com/watch?v=OE5UhQGg_Fo" @@ -32,5 +32,10 @@ "name": "Robert Melton", "role": "Software Developer", "quote": "Our client was in deep trouble: they were about to fail PCI compliance. We tossed Caddy in front hours before the deadline and went from 40 to 0 security errors in just minutes. … We have put over 1,000 domains on Caddy so far." + }, + { + "username": "lost_RD", + "quote": "Every time I have a problem, google directs me to a \"mature\" Traefik-based solution that barely works, if at all. Then I come here and there's a Caddy solution that blows it out of the water. New plan for today then. ... It's a simple addition to an already-simple config. Traefik is complexity on complexity and a nightmare to debug.", + "link": "https://discord.com/channels/569842713239879680/569842713239879682/1161874875053527081" } ] \ No newline at end of file diff --git a/new/sponsor.html b/new/sponsor.html index 4e19765..de036f6 100644 --- a/new/sponsor.html +++ b/new/sponsor.html @@ -341,6 +341,9 @@

    We advise that all large companies and enterprise organizations using Caddy should have an active plan which can mitigate costly incidents, train relevant teams, and provide the assurance of ongoing project maintenance.

    +

    + Enterpise+ is the only plan that guarantees continued development without other sponsors. +

    ⚠️ Limited stock. These tiers can sell-out in order to preserve service quality for existing customers.