Caddy安装和使用
Caddy安装
on docker
docker run --name caddy -d -p 80:80 -p 443:443 -p 127.0.0.1:2019:2019\ -e TZ=Asia/Shanghai -e DNS=223.5.5.5,8.8.8.8 \ -v /data/web/:/usr/share/caddy/ \ -v /data/caddy/config:/config \ -v /data/caddy/Caddyfile:/etc/caddy/Caddyfile \ -v /data/caddy/data:/data \ caddy:2.9.1-alpine
curl 127.0.0.1:2019/config/ -v|jq
on ubuntu/debian
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curlcurl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpgcurl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.listsudo apt updatesudo apt install caddy
on centos
#centos8dnf install 'dnf-command(copr)'dnf copr enable @caddy/caddydnf install caddy
#centos7yum install yum-plugin-copryum copr enable @caddy/caddyyum install caddy
使用
反向代理
https://gaojinbo.com { reverse_proxy /path http://localhost:54321 { header_up Host 101.2.2.2 #header_up Host {host} header_up X-Real-IP {remote} header_up X-Forwarded-For {remote} header_up X-Forwarded-Port {server_port} header_up X-Forwarded-Proto "http" }}
跨域
https://gaojinbo.com { reverse_proxy /path http://localhost:54321 { header_up Host {http.reverse_proxy.upstream.hostport} header_down Access-Control-Allow-Headers * header_down Access-Control-Allow-Origin * }}
代理websocket
bsc-rpc.gaojinbo.com { reverse_proxy http://127.0.0.1:8545}
重定向
#1www.gaojinbo.com { redir https://gaojinbo.com{uri} permanent}
#2gaojinbo.com { redir /about-us /about reverse_proxy localhost:9000}
#3http://gaojinbo.com { redir https://{host}{uri}}
文件列表
gaojinbo.com { # Set this path to your site's directory. root * /usr/share/caddy
# Enable the static file server. file_server browse}
缓存头控制
http://idm.gaojinbo.com { header /static* { Cache-Control "public, max-age=3600, must-revalidate" } # no cache for sitemaps header / { Cache-Control "no-cache, no-store, must-revalidate" } reverse_proxy http://localhost:8080 { header_up Host {host} header_up X-Real-IP {remote} header_up X-Forwarded-For {remote} }
}
去掉Server头信息
(headerz) { header { -server -Link -X-Powered-By }}
gaojinbo.com { reverse_proxy http://localhost:19997 { header_up Host 182.254.244.86 } http_cache { # 针对各个站点的cdn配置 #cache_type file #path /tmp/cache cache_type in_memory default_max_age 15m match_path / match_header Content-Type text/css text/javascript application/javascript image/jpg image/png "text/plain; charset=utf-8" } import headerz}
自定义SSL
casdoor.gaojinbo.com {tls /opt/ssl/gaojinbo.crt /opt/ssl/gaojinbo.key reverse_proxy http://localhost:8000 { }}
自定义404
gaojinbo.com { root * /web/gaojinbo.com/ file_server handle_errors { rewrite * /{err.status_code}.html file_server }}
监控metrics
{ supervisor { php-fpm --nodaemonize { env DEBUG false redirect_stdout stdout redirect_stderr stdout restart_policy on_failure } } servers { metrics }}
:80 { respond "Hi!"}
http://tt.gaojinbo.com { root * /app/public/wp6/wordpress/ php_fastcgi localhost:9000 file_server}
限速
#编译插件xcaddy build --with github.com/mholt/caddy-ratelimit
gaojinbo.com { rate_limit 5 1h { jitter 1s }}#每小时内最多处理 5 个请求#jitter 1s 表示每次计算重试时间时,会在基础上增加最多 1 秒的随机时间,以分散重试请求