Of Stack

Introduction to the use of simple and crude Caddy Server

  • 2020-05-27 07:45:38
  • OfStack

Caddy is a server software written by Go. The official slogan "The HTTP server with automatic HTTPS" and "Serve The Web Web Like s 2016" succinctly expresses the advantages and trends of this software. It has the basic apache or nginx web server modules, as well as some special functions, such as:

HTTP/2
Automatic HTTPS
Multi-core
Websockets
Markdown
IPv6
Git
... .
With Caddy, we can easily deploy 1 Markdown text as static website access, or its Git instruction to complete the automatic deployment of the code. Of course, its great feature is that its syntax is very concise, even simpler than nginx, and it is very convenient to configure and deploy. The following are just a few examples.

Add BasicAuth, username ryan, and password 12345 to the site

basicauth / ryan 12345

Solve cross-domain problems with CORS

cors / {
origin http://allowedSite.com
origin http://anotherSite.org https://anotherSite.org
methods POST,PUT
allow_credentials false
max_age 3600
allowed_headers X-Custom-Header,X-Foobar
exposed_headers X-Something-Special,SomethingElse
}

IP filter

ipfilter / {
rule block
ip 212.10.15.0-255 213.10.15.0-10 5.23.4.24
blockpage /local/data/default.html
}

HTTPS configuration
tls ../cert.pem ../key.pem
It's so easy to configure, and there are other instructions that are so simple that you can see the official User Guide, which is quickly finished.

Since Caddy automatically deploys https via Let's Encrypt, then practice 1. This blog is built with Ghost, Nginx proxy, now switch to Caddy and support https. The steps are as follows:

For certificate application, please move to Let's Encrypt
Caddy installation is very simple, direct download https: / / caddyserver com/docs/getting - started
Configure Caddyfile and the instructions look clear and concise 


https://www.yuansir-web.com, http://www.yuansir-web.com, http://yuansir-web.com {
 redir https://yuansir-web.com{uri}
 tls yuansir88@gmail.com
}

https://yuansir-web.com {
 gzip
 errors {
  log /var/log/caddy/yuansir-web.error.log {
    size 50
    age 30
    keep 5
  }
 }
 log /var/log/caddy/yuansir-web.access.log
 tls yuansir88@gmail.com
 proxy / http://127.0.0.1:2368 {
  proxy_header X-Real-IP {remote}
  proxy_header HOST {host}
  proxy_header X-Forwarded-Proto {scheme}
 }
}

supservisor is used to manage the Caddy run 


[program:caddy]
command=/usr/bin/caddy -conf="/var/www/Caddyfile"
directory=/var/www  ; directory to cwd to before exec (def no cwd)
autostart=true    ; start at supervisord start (default: true)
autorestart=unexpected  ; whether/when to restart (default: unexpected)
startsecs=1     ; number of secs prog must stay running (def. 1)
startretries=3    ; max # of serial start failures (default 3)
exitcodes=0,2     ; 'expected' exit codes for process (default 0,2)
stopsignal=QUIT    ; signal used to kill process (default TERM)
stopwaitsecs=10    ; max num secs to wait b4 SIGKILL (default 10)
stopasgroup=false    ; send stop signal to the UNIX process group (default false)
user=www    ; setuid to this UNIX account to run the program
redirect_stderr=true   ; redirect proc stderr to stdout (default false)
stdout_logfile=/var/log/caddy.log  ; stdout log path, NONE for none; default AUTO
stderr_logfile=/var/log/caddyerr.log  ; stderr log path, NONE for none; default AUTO

Replace the site's static resource CDN with CDN that supports https
Okay, that's it. Nginx is now Caddy and https is supported.

Related articles: