- Move authentication/security settings to the main site model
- Add proteus permission string check
- Set a
timeoutandproxyTimeoutinSiteDispatcher#forwardRequest() - Do not retry connection on error
- Allow other Hohenheim proxies to be used as upstream
- Refactor the way sites are stored in memory
- Use
active_process_countto start the minimum amount of processes instead oftotal_proc_count - Fix using
hostheader instead of:authority - Make domain regex matches even more strict: limit amount of subdomains
- Automatically remove problematic domains from Greenlock (though it does not work)
- Keep track of IP reputations
- Optimize the
SiteDispatcher#forwardRequest()andProxySite#getAddress()methods - Add the
ignore_certificatesoption toProxySite - Don't allow subdomains inside the
projecturl regex match - Make the updating of node.js versions, users & ip addresses available as a task
- Add support for Proteus-based authentication per site, instead of basic-auth
- Add the
n_locationssetting, so more custom node versions can be used - Upgrade to alchemy v1.3.1
- Move database login to the local.js file
- Use distinct problem logger
- Upgrade to new Chimera version
- Make sure terminal streams are not buffered
- Fix
Proxysites breaking certainlocationresponse headers - Add
use_portsfield to Node sites - Add the
anyip option to listen-on
- Change the umask to 2 so child processes will leave created files & sockets readable by others in their group
- Allow unsetting headers
- Add support for socket files to the
Proxysite type - Domain names can now contain named capture groups, which can be used in the socket file
- The
HOMEenvironment variable will be unset if a node site runs as a different UID - Add
fallback_fileoption to static site settings - Fix issues with the Sitestat element in Chimera
- Upgrade to Alchemy v1.1.0
- Use socketfiles for node.js sites by default
- Add sticky routing (always route same client to the same instance)
- Node sites can now be "isolated", meaning they will only serve already seen clients
- Add a
handleRequestmethod to the Site class - Allow broadcasting messages to multiple node instances
- Upgrade to the latest Greenlock version (big changes for the Letsencrypt API)
- Remove spdy in favor of internal http2 module
- Switch to http2-proxy, because http-proxy is not compatible with http2
- Upgrade to Greenlock v4
- Add Redirect site class
- Allow using wildcards (* or ?) in domains
- Greenlock requires "ursa" on node versions lower than 10.
- Add
X-Forwarded-Hostheader - Rewrite
locationresponses coming from proxied servers - Throttle restarting node sites when they crash too often
- Add
Staticsite class, which usesecstaticto serve static files - Update node versions, users & ips every hour
- Some small fixes
- Dependency (security) updates
- Attempt to work around
spdy's timeout issues
- Upgrade to alchemy 1.0.5
- Dependency updates
- The
Procloglog array is limited to 500 lines - Throttle saving the
Proclogrecord
- Also set the node.js port to use on the child process PORT env variable
- Regular
Nodesites don't need to send a "ready" message anymore - Added
Alchemysite, which inherits fromNode - Log access to file (instead of database) at
/var/log/hohenheim/access.log - Log the URL when giving up on a request
- Node sites now have a
minimum_processesandmaximum_processesfield - Access Alchemy sites' Janeway interface thanks to xterm.js
- Upgrade alchemy to v1.0.0
- Add vhost to access log
- Add http/2 support using the
spdymodule - Add websocket support for http-only proxies
- Add
Domainmodel, needed for future wildcard support Site#registerHitwill now correctly see when a response ends, even with keep-alive enabled- Append to the
x-forwarded-forheader in case it's already set - Allow sites to force https mode, if it's not forced for the entire server
- Add Letsencrypt support using the
greenlockmodule - Added websocket proxy support
- Ports are tested before a node process starts
- Should a port still be in use when a new process starts hohenheim will try a new one
- Add
posixmodule, so we can increase the filelimit - Enable keep-alive
- Each configured site domain now requires you to assign an available ip address
- You can now define the uid a node site runs as
- Fix
Site#matchesso it also searches through definedhostnames Site#getAddresswill callback with an error when it fails to start- The callback provided to
Site#getAddresswill now accept error objects - Fix
NodeSitecwd not being set properly - Fix
NodeSite#readygoing under 0, which made it stop creating a new process - You can now set which node version a
NodeSiteuses (defaults towhich node, no more forking)
- Convert old codebase to new alchemy 0.3.x