This release tidied up the contribution by Teifun2 and added a new way to generate DNS challenge based certificate (e.g. wildcards) from Let's Encrypt without changing any environment variables. This also fixes a few previous ACME module EAB settings bug related to concurrent save.
You can find the DNS challenge settings under TLS / SSL > ACME snippet > Generate New Certificate > (Check the "Use a DNS Challenge" checkbox)
- Optimized DNS challenge implementation thanks to Teifun2 / Issues #49 #79
- Removed dependencies on environment variable write and keep all data contained
- Fixed panic on loading certificate generated by Zoraxy v2
- Added automatic form generator for DNS challenge / providers
- Added CA name default value
- Added code generator for acmedns module (storing the DNS challenge provider contents extracted from lego)
- Fixed ACME snippet "Obtain Certificate" concurrent issues in save EAB and DNS credentials
For users using SMTP with older versions, you might need to update the settings by moving the domains (the part after @ in the username and domain setup field) into the username field.
- Updated SMTP UI for non email login username #129
- Fixed ACME cert store reload after cert request #126
- Fixed default rule not applying to default site when default site is set to proxy target #130
- Fixed blacklist-ip not working with CIDR bug
- Fixed minor vdir bug in tailing slash detection and redirect logic
- Added custom mdns name support (-mdnsname flag)
- Added LAN tag in statistic #131
- Added alias for HTTP proxy host names #76
- Added separator support for create new proxy rules (use "," to add alias when creating new proxy rule)
- Added HTTP proxy host based access rules #69
- Added EAD Configuration for ACME (by yeungalan) #45
- Fixed bug for bypassGlobalTLS endpoint do not support basic-auth
- Fixed panic due to empty domain field in json config #120
- Removed dependencies on management panel css for online font files
- Added regex support for redirect (slow, don't use it unless you really needs it) #42
- Added new dpcore implementations for faster proxy speed
- Added support for CF-Connecting-IP to X-Real-IP auto rewrite #114
- Added enable / disable of HTTP proxy rules in runtime via slider #108
- Added better 404 page
- Added option to bypass websocket origin check #107
- Updated project homepage design
- Fixed recursive port detection logic
- Fixed UserAgent in resp bug
- Updated minimum required Go version to v1.22 (Notes: Windows 7 support is dropped) #112
IMPORTANT: V3 is a big rewrite and it is incompatible with V2! There is NO migration, if you want to stay on V2, please use V2 branch!
- Added comments for whitelist #97
- Added force-renew for certificates #92
- Added automatic cert pick for multi-host certs (SNI)
- Renamed .crt to .pem for cert store
- Added best-fit selection for wildcard matching rules
- Added x-proxy-by header / Added X-real-Ip header #93
- Added Development Mode (Cache-Control: no-store)
- Updated utm timeout to 10 seconds instead of 90
- Added "Add controller as member" feature to Global Area Network editor
- Added custom header
- Deprecated aroz subservice support
- Updated visuals, improving logical structure, less depressing colors #95
- Added virtual directory into host routing object (each host now got its own sets of virtual directories)
- Added support for wildcard host names (e.g. *.example.com)
- Added best-fit selection for wildcard matching rules (e.g. *.a.example.com > *.example.com in routing)
- Generalized root and hosts routing struct (no more conversion between runtime & save record object
- Added "Default Site" to replace "Proxy Root" interface
- Added Redirect & 404 page for "Default Site"
- Added opt-out for subdomains for global TLS settings: See release notes
- Optimized subdomain / vdir editing interface
- Added system-wide logger (Work in progress)
- Fixed issue for uptime monitor bug #77
- Changed default static web port to 5487 (prevent already in use)
- Added automatic HTTP/2 to TLS mode
- Bug fix for webserver autostart 67
- Added Static Web Server function #56
- Web Directory Manager (see static webserver tab)
- Added static web server and black / whitelist template #38
- Added default / preferred CA features for ACME #47
- Optimized TLS/SSL page and added dedicated section for ACME related features
- Bugfixes #61 #58
- Added basic auth editor custom exception rules
- Fixed redirection bug under another reverse proxy and Apache location headers #39
- Optimized memory usage (from 1.2GB to 61MB for low speed geoip lookup) #52
- Added unset subdomain custom redirection feature #46
- Fixed potential security issue in satori/go.uuid #55
- Added custom ACME feature in backend, thx @daluntw
- Added bypass TLS check for custom acme server, thx @daluntw
- Introduce new start parameter
-fastgeoip=true: see release notes
- Patch on memory leaking for Windows netstat module (do not effect any of the previous non Windows builds)
- Fixed potential memory leak in ACME handler logic
- Added "Do you want to get a TLS certificate for this subdomain?" dialogue when a new subdomain proxy rule is created
- Added Import / Export-Feature
- Moved configuration files to a separate folder #26
- Added auto-renew with ACME #6
- Fixed Whitelistbug #18
- Added Whois
- Added force TLS v1.2 above toggle
- Added trace route
- Added ICMP ping
- Added special routing rules module for up-coming ACME integration
- Fixed IPv6 check bug in black/whitelist
- Optimized UI for TCP Proxy
- Added X-Forwarded-Proto for automatic proxy detector
- Split blacklist and whitelist from geodb script file
- Optimized compile binary size
- Added access control to TCP proxy
- Added "invalid config detect" in up time monitor for issue #7
- Fixed minor bugs in advance stats panel
- Reduced file size of embedded materials
- Added advance stats operation tab
- Added statistic reset #13
- Added statistic export to csv and json (please use json)
- Make subdomain clickable (not vdir) #12
- Added TCP Proxy
- Updates SMTP setup UI to make it more straight forward to setup
- Added reverse proxy TLS skip verification
- Added basic auth
- Edit proxy settings
- Whitelist
- TCP Proxy (experimental)
- Info (Utilities page)
- Basic auth
- Support TLS verification skip (for self signed certs)
- Added trend analysis
- Added referrer and file type analysis
- Added cert expire day display
- Moved subdomain proxy logic to dpcore