hypershunt v1.0.0-rc14
Pre-release
Pre-release
What's new in 1.0.0-rc14
Maintenance release.
Features
- Serving --- static files (range, ETag,
try-files), redirects,
inline responses, custom error pages. - Routing --- virtual hosts (literal + regex), request matchers,
URL rewrites with regex captures. - Reverse proxy --- HTTP/1, HTTP/2, HTTP/3 upstreams; load
balancing, health checks, retries; FastCGI, SCGI, CGI. - Layer-4 proxy --- TCP, UDP, and Unix-socket forwarders with
optional TLS termination. - TLS --- ACME (HTTP-01, DNS-01, TLS-ALPN-01), file-based PEM,
self-signed; OCSP stapling; mTLS with CRLs. - Auth & access control --- HTTP Basic (PAM, LDAP, htpasswd),
JWT sessions, OIDC SSO, firewall-style policy blocks. - Operations --- compression, structured access logs, status page,
health endpoints, hot reload, seamless binary upgrade,.deb/
.rpm/ OCI image.
…and more --- see the configuration reference.
Standards
| HTTP/1.1, HTTP/2, HTTP/3 | RFC 9112, RFC 9113, RFC 9114 |
| WebSocket; extended CONNECT | RFC 6455, RFC 8441 |
| TLS 1.2 / 1.3 | RFC 5246, RFC 8446 |
| ACME (HTTP-01, DNS-01, TLS-ALPN-01) | RFC 8555, RFC 8737 |
| OCSP stapling | RFC 6066 §8 |
| JWT (ES256) / JWS / JWK / JWK thumbprint | RFC 7519, RFC 7515, RFC 7517, RFC 7638 |
OAuth 2.0 PKCE, token revocation, resource indicators, iss param |
RFC 7636, RFC 7009, RFC 8707, RFC 9207 |
| OpenID Connect 1.0 + back-channel logout | OIDC Core, OIDC Back-Channel Logout |
| HAProxy PROXY protocol v1 / v2 | HAProxy spec |
| CGI / FastCGI / SCGI | RFC 3875, FastCGI 1.0, SCGI 1.0 |
| KDL configuration | KDL v2 |