From f55b2d6c064ebc9ab77b877c76211578ea91bf4b Mon Sep 17 00:00:00 2001 From: Matthew Holt Date: Tue, 3 Oct 2023 17:56:18 -0600 Subject: [PATCH] More features WIP --- new/features.html | 200 ++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 192 insertions(+), 8 deletions(-) diff --git a/new/features.html b/new/features.html index 25cb34b..5f799d5 100644 --- a/new/features.html +++ b/new/features.html @@ -348,7 +348,6 @@ -

@@ -421,6 +420,78 @@

+
+
+

+ HTTP server +

+

+ Caddy's HTTP server is one-of-a-kind: powerful, extensible, efficient, and modern. +

+
+
+

HTTP versions

+
+ Caddy's HTTP server supports all major versions of HTTP and enables them by default. You can customize exacttly which versions you want to serve. +
+
    +
  • HTTP/1.1
  • +
  • HTTP/2
  • +
  • HTTP/2 over cleartext (H2C)
  • +
  • HTTP/3
  • +
+
+
+

Listen interfaces

+
+ Each HTTP server can listen on one or more sockets and network interfaces. For ports, you can specify specific host interface or all interfaces with just a port. All varieties of unix sockets are also supported. +
+
    +
  • TCP
  • +
  • UDP
  • +
  • Unix sockets
  • +
+
+
+

Listener wrappers

+
+ Listeners can be wrapped by modules that operate at the connection-accept level. +
+
    +
  • Redirect HTTP on HTTPS port
  • +
  • PROXY protocol
  • +
  • Tailscale
  • +
+
+
+

Timeouts

+
+ Setting timeouts is an important defensive measure for production environments, but must be tuned carefully to accommodate legitimate slow clients with large downloads or uploads. +
+
    +
  • Read timeout
  • +
  • Read HTTP header timeout
  • +
  • Write timeout
  • +
  • Idle timeout
  • +
  • TCP keepalive interval
  • +
+
+
+

Full duplex communication

+
+ Concurrent reading and writing of HTTP/1 is not supported by all clients, but can be enabled for certain clients and applications that require it. +
+
    +
  • Configurable for HTTP/1
  • +
  • Default for HTTP/2
  • +
+
+
+
+
+ + +
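Review bot: The "HTTP versions" paragraph says Caddy "supports all major versions of HTTP and enables them by default", and the list under it includes "HTTP/2 over cleartext (H2C)". If H2C has to be enabled explicitly, say so in the sentence or mark that bullet as opt-in, because readers will take the list as the default set. Two wording fixes in the same hunk: "exacttly" should be "exactly", and "you can specify specific host interface" in "Listen interfaces" needs an article ("you can specify a specific host interface, or all interfaces with just a port").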

@@ -516,14 +587,8 @@

Trusted proxies

- HTTP headers can't be trusted from all clients, so you can specify a list of IP ranges of proxies + In order to use proxy-related headers like X-Forwarded-For, you can specify a list of IP ranges of proxies you trust. By default Caddy doesn't trust the clients.
-
    -
  • Static
  • -
  • Dynamic: A records
  • -
  • Dynamic: SRV records
  • -
  • Dynamic: Multiple sources combined
  • -

Header manipulation
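Review bot: The rewritten "Trusted proxies" sentence drops the reason the feature exists, and its closing "By default Caddy doesn't trust the clients" does not say what is left untrusted. The removed wording stated that HTTP headers can't be trusted from all clients; keep that rationale, for example: "Headers like X-Forwarded-For can be set by any client, so Caddy only uses them when the request comes from a proxy in an IP range you trust. By default, no proxies are trusted." The hunk also deletes the four-item list (Static, Dynamic: A records, Dynamic: SRV records, Dynamic: Multiple sources combined) with no replacement; if the list was misplaced under this heading, mention that in the commit message.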

@@ -537,6 +602,28 @@
  • Substring replace
  • +
    +

    Buffering

    +
    + The proxy can read the entire body before flushing it. This uses more memory but can be required by some backend applications or clients in some cases. +
    +
      +
    • Requests
    • +
    • Responses
    • +
    +
    +
    +

    Request rewriting

    +
    + Rewriting is a different concern from proxying and is normally handled separately, but sometimes you need to rewrite requests using information from the proxy like the chosen upstream. Caddy's proxy lets you do this. +
    +
    +
    +

    Response interception

    +
    + By default, Caddy's proxy simply writes responses to the client. However, you can intercept the upstream's response and handle it in other ways. This includes matching only certain responses and invoking a custom handler chain you specify. +
    +

    Active health checks
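Review bot: The "Buffering" paragraph says reading the entire body "uses more memory" but does not say whether that memory can be bounded, which is the first thing an operator putting the proxy in front of untrusted clients will want to know. If a maximum buffer size can be configured, add it as a bullet next to "Requests" and "Responses". The phrase "by some backend applications or clients in some cases" is redundant; "by some backend applications or clients" is enough. "Request rewriting" and "Response interception" carry no bullet list, unlike the neighboring features, which is worth resolving before this leaves WIP.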

    @@ -608,6 +695,103 @@ + + +

    HTTP transport

    +

    + This is the default transport module. It crafts a proxied HTTP request to obtain an HTTP response from the backend. +

    + +
    +
    +

    DNS resolvers

    +
    + The system resolvers are used by default, but you can specify custom DNS resolvers per proxy handler. +
    +
    +
    +

    TLS

    +
    + Caddy can be configured to support TLS (formerly known as SSL) to the upstream. +
    +
      +
    • Custom root CA pool
    • +
    • Client authentication to backend
    • +
    • Custom handshake timeout
    • +
    • Server Name Indicator (SNI)
    • +
    • Renegotiation level
    • +
    • Exempt certain ports from TLS
    • +
    +
    +
    +

    Connection pooling

    +
    + Connections to backends are pooled for maximum efficiency and minimal latency. +
    +
      +
    • HTTP Keep-Alive
    • +
    • Custom probe interval
    • +
    • Maximum idle connections (total and per-host)
    • +
    • Idle connection timeout
    • +
    +
    +
    +

    Compression

    +
    + Caddy can compress requests for the roundtrip with the backend. +
    +
    + Gzip +
    +
    +
    +

    Connection limit

    +
    + You can limit the number of connections per host. +
    +
    +
    +

    PROXY Protocol

    +
    + The PROXY Protocol v1 and v2 are both supported when connecting to upstreams. +
    +
    +
    +

    Timeouts

    +
    + Various timeouts can be configured; some have sensible default values. +
    +
      +
    • Connection (dial)
    • +
    • RFC 6555 fallback
    • +
    • Reading response headers
    • +
    • Expect continue
    • +
    • Read
    • +
    • Write
    • +
    +
    +
    +

    Custom buffer sizes

    +
    + Tune the size of read/write buffers if you find that your application performs better with certain settings. +
    +
      +
    • Read buffers
    • +
    • Write buffers
    • +
    +
    +
    +

    HTTP versions

    +
    + Caddy's proxy supports multiple HTTP versions with the backend. By default, HTTP/1.1 and HTTP/2 are supported. +
    +
      +
    • HTTP/1.1
    • +
    • HTTP/2
    • +
    • H2C (HTTP/2 over cleartext)
    • +
    +
    +
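Review bot: In the "TLS" list, "Server Name Indicator (SNI)" should read "Server Name Indication (SNI)". Other points in this hunk: the heading "PROXY Protocol" is capitalized differently from the "PROXY protocol" bullet added under "Listener wrappers" earlier in the patch; "Gzip" under "Compression" appears as loose text rather than a bullet like the other feature lists, and the sentence "Caddy can compress requests for the roundtrip with the backend" should make clear whether the request body is compressed or compressed responses are negotiated; and "some have sensible default values" under "Timeouts" would be more useful if it named which timeouts have no default, since an unset timeout toward a slow backend holds connections open.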