docs: Update for v2.2

Matthew Holt 2020-09-25 12:53:11 -06:00
parent 30084b98b0
commit af3676862b
No known key found for this signature in database
GPG key ID: 2A349DD577D586A5
11 changed files with 161 additions and 18 deletions


@ -31,8 +31,13 @@ Possible options are:
}
acme_ca <directory_url>
acme_ca_root <pem_file>
acme_eab <key_id> <mac_key>
acme_dns <provider>
email <yours>
admin off|<addr>
admin off|<addr> {
origins <origins...>
enforce_origin
}
on_demand_tls {
ask <endpoint>
interval <duration>
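Review bot: In the syntax summary, `admin off|<addr> {` reads as though the `origins` / `enforce_origin` block may also follow `off`, and nothing marks the block as optional. If the block only applies when an address is given, show the two forms separately or say so in the **admin** description. Also, `acme_eab <key_id> <mac_key>` puts a MAC key directly in the Caddyfile; a sentence on keeping that file readable only by the Caddy user and out of version control would help operators.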
@ -41,6 +46,7 @@ Possible options are:
local_certs
key_type ed25519|p256|p384|rsa2048|rsa4096
auto_https off|disable_redirects
cert_issuer <name> ...
}
```
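Review bot: `cert_issuer <name> ...` leaves the trailing `...` undefined, while the other options in this block spell out their arguments. State what may follow the name (arguments, a block, or both) or link to where the available issuers and their options are documented.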
@ -53,11 +59,16 @@ Possible options are:
- **storage** configures Caddy's storage mechanism. Default: `file_system`
- **acme_ca** specifies the URL to the ACME CA's directory. It is strongly recommended to set this to Let's Encrypt's [staging endpoint](https://letsencrypt.org/docs/staging-environment/) for testing or development. Default: Let's Encrypt's production endpoint.
- **acme_ca_root** specifies a PEM file that contains a trusted root certificate for ACME CA endpoints, if not in the system trust store.
- **acme_eab** specifies an External Account Binding to use for all ACME transactions.
- **acme_dns** configures the DNS challenge to use for all ACME transactions.
- **email** is your email address. Mainly used when creating an ACME account with your CA, and is highly recommended in case there are problems with your certificates.
- **admin** customizes the [admin API endpoint](/docs/api). If `off`, then the admin endpoint will be disabled. If disabled, config changes will be impossible without stopping and starting the server.
- **origins** configures the list of remotes/origins that are allowed to connect to the endpoint.
- **enforce_origin** enables enforcement of the Origin header. (This is different from enforcing origins generally, which is always done.)
- **on_demand_tls** configures [On-Demand TLS](/docs/automatic-https#on-demand-tls) where it is enabled, but does not enable it (to enable it, use the [on_demand `tls` subdirective](/docs/caddyfile/directives/tls#syntax)). Highly recommended if using in production environments, to prevent abuse.
- **ask** will cause Caddy to make an HTTP request to the given URL with a query string of `?domain=` containing the value of the domain name. If the endpoint returns 200 OK, Caddy will be authorized to obtain a certificate for that name.
- **interval** and **burst** allows `<n>` certificate operations within `<duration>` interval.
- **local_certs** causes all certificates to be issued internally by default, rather than through a (public) ACME CA such as Let's Encrypt. This is useful in development environments.
- **key_type** specifies the type of key to generate for TLS certificates; only change this if you have a specific need to customize it.
- **auto_https** configure automatic HTTPS. It can either disable it entirely (`off`) or disable only HTTP-to-HTTPS redirects (`disable_redirects`). See the [Automatic HTTPS](/docs/automatic-https) page for more details.
- **cert_issuer** defines the issuer (or source) of TLS certificates.
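Review bot: The parenthetical on the new **enforce_origin** bullet, "This is different from enforcing origins generally, which is always done," does not tell the reader what is checked when the option is off or what turning it on adds. Since this controls access to the admin API, state which request headers are validated in each case and what `origins` defaults to when omitted. Separately, the **acme_eab** bullet does not explain the `<key_id>` and `<mac_key>` arguments, and **cert_issuer** gives no list of valid names or a pointer to one.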