May 27, 2020

Introduction to the use of simple and crude Caddy Server

Caddy is a server software written by Go. The official slogan “The HTTP server with automatic HTTPS” and “Serve The Web Web Like s 2016” succinctly expresses the advantages and trends of this software. It has the basic apache or nginx web server modules, as well as some special functions, such as:

HTTP/2 Automatic HTTPS Multi-core Websockets Markdown IPv6 Git … . With Caddy, we can easily deploy 1 Markdown text as static website access, or its Git instruction to complete the automatic deployment of the code. Of course, its great feature is that its syntax is very concise, even simpler than nginx, and it is very convenient to configure and deploy. The following are just a few examples.

Add BasicAuth, username ryan, and password 12345 to the site

basicauth / ryan 12345

Solve cross-domain problems with CORS

cors / { origin http://allowedSite.com origin http://anotherSite.org https://anotherSite.org methods POST,PUT allow_credentials false max_age 3600 allowed_headers X-Custom-Header,X-Foobar exposed_headers X-Something-Special,SomethingElse }

IP filter

ipfilter / { rule block ip 212.10.15.0-255 213.10.15.0-10 5.23.4.24 blockpage /local/data/default.html }

HTTPS configuration tls ../cert.pem ../key.pem It’s so easy to configure, and there are other instructions that are so simple that you can see the official User Guide, which is quickly finished.

Since Caddy automatically deploys https via Let’s Encrypt, then practice 1. This blog is built with Ghost, Nginx proxy, now switch to Caddy and support https. The steps are as follows:

For certificate application, please move to Let’s Encrypt Caddy installation is very simple, direct download https: / / caddyserver com/docs/getting - started Configure Caddyfile and the instructions look clear and concise

https://www.yuansir-web.com, http://www.yuansir-web.com, http://yuansir-web.com {
 redir https://yuansir-web.com{uri}
 tls [email protected]
}

https://yuansir-web.com {
 gzip
 errors {
  log /var/log/caddy/yuansir-web.error.log {
    size 50
    age 30
    keep 5
  }
 }
 log /var/log/caddy/yuansir-web.access.log
 tls [email protected]
 proxy / http://127.0.0.1:2368 {
  proxy_header X-Real-IP {remote}
  proxy_header HOST {host}
  proxy_header X-Forwarded-Proto {scheme}
 }
}

supservisor is used to manage the Caddy run

[program:caddy]
command=/usr/bin/caddy -conf="/var/www/Caddyfile"
directory=/var/www  ; directory to cwd to before exec (def no cwd)
autostart=true    ; start at supervisord start (default: true)
autorestart=unexpected  ; whether/when to restart (default: unexpected)
startsecs=1     ; number of secs prog must stay running (def. 1)
startretries=3    ; max # of serial start failures (default 3)
exitcodes=0,2     ; 'expected' exit codes for process (default 0,2)
stopsignal=QUIT    ; signal used to kill process (default TERM)
stopwaitsecs=10    ; max num secs to wait b4 SIGKILL (default 10)
stopasgroup=false    ; send stop signal to the UNIX process group (default false)
user=www    ; setuid to this UNIX account to run the program
redirect_stderr=true   ; redirect proc stderr to stdout (default false)
stdout_logfile=/var/log/caddy.log  ; stdout log path, NONE for none; default AUTO
stderr_logfile=/var/log/caddyerr.log  ; stderr log path, NONE for none; default AUTO

Replace the site’s static resource CDN with CDN that supports https Okay, that’s it. Nginx is now Caddy and https is supported.