Angie Versions Save

Feature: Basic support for automatically obtaining and updating certificates using the ACME protocol, configurable with the acme_client and acme directives, as well as variables of the form $acme_cert_* and $acme_cert_key_*.

Feature: Configuration of automatic redirection, which adds trailing slashes to request URIs, with the auto_redirect directive.

Feature: Output statistics metrics with dates in Epoch format instead of ISO 8601 for use in Prometheus and optionally in the JSON API with the ?date=epoch request argument.

Feature: New recovering state for upstream peers in the statistics API, indicating that a peer is slowly starting up after a failure, as suggested by the slow_start option.

Feature: Now the -V switch also shows the relevant version of nginx, which is useful for compatibility with third-party utilities, certbot in particular. Thanks to AdvTechnoKing.

Bugfix: If the SSL session reuse mechanism proxy_ssl_session_reuse was used and the list of proxied servers was dynamically updated, a leak could occur in the shared memory zone configured for the corresponding upstream block.

• Security: When using HTTP/3, a segmentation error may have occured in a worker process while processing a specially crafted QUIC session (CVE-2024-24989); note that Angie as of 1.4.0 is already not vulnerable to CVE-2024-24990.

Feature: Support for establishing HTTP/3 connections to upstream servers in the HTTP proxy module while allowing clients to use arbitrary HTTP versions. Configuration is done with the proxy_http_version directive and a set of proxy_quic_ and proxy_http3_ directives.

Feature: A mechanism for smoothly bringing the proxied server online after a failure using the slow_start option of the server directive in the upstream block.

Feature: mqtt_preread directive in the stream module, which allows extracting the username and client ID from the CONNECT packet of the MQTT protocol into the $mqtt_preread_username and $mqtt_preread_clientid variables.

Feature: Limiting the response rate of MP4 files transmission to the client proportionally to the bitrate using the mp4_limit_rate and mp4_limit_rate_after directives, which reduces the bandwidth load.

Feature: All functionality of nginx 1.25.3.

Bugfix: If a proxied server was the only one in a group, it could be incorrectly reported as unavailable in the metrics API even after recovery.

• Bugfix: possible incorrect values of metrics in Prometheus output that used variables other than $p8s_value for their values; in practice the issue could occur with angie_http_upstreams_peers_state and angie_stream_upstreams_peers_state from the standard prometheus_all.conf template.
• Bugfix: some connection attempts to upstream servers might not have been properly accounted for in the statistics API if they failed immediately; the bug had appeared in 1.3.0.

• Security: Added extra limitations to HTTP/2 stream handling for better protection against the DoS attack known as “HTTP/2 Rapid Reset” (CVE-2023-44487).

• Security: Added extra limitations to HTTP/2 stream handling for better protection against the DoS attack known as “HTTP/2 Rapid Reset” (CVE-2023-44487).

• Feature: ability to specify multiple match patterns in the location directive, which allows to combine several location blocks with similar settings and therefore simplify configuration by reducing duplication.
• Feature: export of varied statistics metrics in Prometheus format with flexible template configuration using the new prometheus and prometheus_template directives.
• Feature: detailed information and metrics for groups of stream upstream servers in the statistics interface provided by the api directive.
• Feature: the resolve option of the server directive in the stream module’s upstream block that allows to monitor changes to the list of IP addresses corresponding to a domain name, and automatically update it without the need of reloading configuration.
• Feature: the service option of the server directive in the stream module’s upstream block that allows to retrieve lists of addresses from DNS SRV records, with basic priority support.
• Feature: access to the contents of configuration files used by the current generation of worker processes via the interface provided by the api directive with the api_config_files directive enabled.
• Feature: display of the configuration generation number in process titles, which allows to monitor the success of configuration reloads and the number of previous worker process generations using the ps utility.
• Feature: all functionality of nginx 1.25.0.
• Bugfix: compilation failed when ./configure options --without-http_upstream_zone_module or --without-stream_upstream_zone_module were used; the bug had appeared in 1.2.0.
• Change: now appname angie is used when loading the OpenSSL configuration.

• Feature: ability to specify multiple match patterns in the location directive, which allows to combine several location blocks with similar settings and therefore simplify configuration by reducing duplication.
• Feature: export of varied statistics metrics in Prometheus format with flexible template configuration using the new prometheus and prometheus_template directives.
• Feature: detailed information and metrics for groups of stream upstream servers in the statistics interface provided by the api directive.
• Feature: the resolve option of the server directive in the stream module’s upstream block that allows to monitor changes to the list of IP addresses corresponding to a domain name, and automatically update it without the need of reloading configuration.
• Feature: the service option of the server directive in the stream module’s upstream block that allows to retrieve lists of addresses from DNS SRV records, with basic priority support.
• Feature: access to the contents of configuration files used by the current generation of worker processes via the interface provided by the api directive with the api_config_files directive enabled.
• Feature: display of the configuration generation number in process titles, which allows to monitor the success of configuration reloads and the number of previous worker process generations using the ps utility.
• Feature: all functionality of nginx 1.25.0.
• Bugfix: compilation failed when ./configure options --without-http_upstream_zone_module or --without-stream_upstream_zone_module were used; the bug had appeared in 1.2.0.
• Change: now appname angie is used when loading the OpenSSL configuration.

• Feature: the sticky directive and related options in the HTTP module upstream block, that allows to configure sticky sessions mode, where all requests of the session are routed to the same server.
• Feature: the $upstream_sticky_status variable, that takes either "NEW", "HIT" or "MISS" values depending on success of requesting related upstream server with sticky sessions enabled.
• Feature: support for NTLS in the HTTP and stream modules using TongSuo TLS library, that can be enabled via the ‑‑with‑ntls build time option and configured with the http ssl_ntls / stream ssl_ntls and http proxy_ssl_ntls / stream proxy_ssl_ntls corresponding directives.
• Feature: in HTTP ans stream proxy modules ability to specify multiple certificates with different types (RSA and ECDSA) and corresponding keys, using the proxy_ssl_certificate / proxy_ssl_certificate and proxy_ssl_certificate_key / proxy_ssl_certificate_key directives.
• Feature: display of version and build name in the master process title, which allows to get this information about a running server instance using the ps utility.
• Feature: ability to compress of “207 Multi-Status” responses by the gzip module. Thanks to DBotThePony
• Feature: all functionality of nginx 1.25.0, including HTTP/3 support.

• Feature: the sticky directive and related options in the HTTP module upstream block, that allows to configure sticky sessions mode, where all requests of the session are routed to the same server.
• Feature: the $upstream_sticky_status variable, that takes either "NEW", "HIT" or "MISS" values depending on success of requesting related upstream server with sticky sessions enabled.
• Feature: support for NTLS in the HTTP and stream modules using TongSuo TLS library, that can be enabled via the ‑‑with‑ntls build time option and configured with the http ssl_ntls / stream ssl_ntls and http proxy_ssl_ntls / stream proxy_ssl_ntls corresponding directives.
• Feature: in HTTP ans stream proxy modules ability to specify multiple certificates with different types (RSA and ECDSA) and corresponding keys, using the proxy_ssl_certificate / proxy_ssl_certificate and proxy_ssl_certificate_key / proxy_ssl_certificate_key directives.
• Feature: display of version and build name in the master process title, which allows to get this information about a running server instance using the ps utility.
• Feature: ability to compress of “207 Multi-Status” responses by the gzip module. Thanks to DBotThePony
• Feature: all functionality of nginx 1.25.0, including HTTP/3 support.