It can take a few seconds...

use log instead of fmt to obey the -log flag

fixed data races in websockets

Also we're not messing with log flags anymore during parsing. Timestamps could come in handy, plus concurrent logging is going on now.

Previously, if a listener fails to bind (for example), there was a race in caddy.go between unblocking the startup waitgroup and returning the error and putting it into errChan. Now, an error is returned directly into errChan and the closing of the startup waitgroup is defered until after that return takes place.

Log file can also be stdout or stderr. Log output is disabled by default now, which makes it more feasible to add more log statements to trace program flow in debugging situations.

add helpful suggestion to identify problem

This is known to happen if another program spawns Caddy with a stdin pipe but does not close its write end of Caddy's stdin.

Lint pacification

pass all tests

respond to maintainer comments

reinstate assignment of t

correct typo

correct typo

pass linter some more

Fix regression: Ensure TLS defaults are added by LE handlers.

If the -host flag is used, we might still have to set up Let's Encrypt, so this change is necessary.

Fixed bug where manually specifying port 443 disabled TLS (whoops); otherHostHasScheme was the culprit, since it would return true even if it was the same config that had that scheme.

Also, an error at startup (if not a restart) is now fatal, rather than keeping a half-alive zombie server.

Let's Encrypt

Conflicts:
	caddy/parse/parse.go
	caddy/parse/parsing.go
	config/config.go
	config/setup/controller.go
	main.go
	server/server.go

By chaining in a middleware handler and using newly exposed hooks from the acme package, we're able to proxy ACME requests on port 443 to the ACME client listening on a different port.

This fixes a bug with the -agree flag

Before, we were activating Let's Encrypt after all the directives were executed. This means their setup functions had access to potentially erroneous information about the server's TLS setup, since the letsencrypt package makes changes to the port, etc. Now, we execute all directives up to and including tls, then activate letsencrypt, then finish with the rest of the directives. It's a bit ugly, but I do think it is more correct. It also fixes some bugs, for example: a host that only has a catch-all redirect.