利用Caddy替代nginx提供web服务

行云流水
2022-06-29 / 0 评论 / 809 阅读 / 正在检测是否收录...

前言

发现了一款新的web服务器Caddy,看介绍使用和配置都非常简单就尝试一下。

部署

系统基本配置

参考: docker和docker-compose一键安装脚本

docker-compose.yml

version: "3.8"

services:
  caddy:
    image: caddy:latest
    restart: always
    ports:
      - '80:80'
      - '443:443'
    environment:
      - 'SET_CONTAINER_TIMEZONE=true'
      - 'TZ=Asia/Shanghai'
    volumes:
      - ./conf:/etc/caddy
      - /opt/www/dl:/opt/www/dl
      - /var/log/caddy:/opt/logs
    networks:
      - caddy_net

networks:
  caddy_net:

Caddyfile配置

:801 {
  encode zstd gzip
  root * /opt/res
  file_server {
      browse
  }
}

webzhan.xyz {
  tls admin@webzhan.xyz
  encode gzip
  log {
      output file  /opt/logs/access.log
  }
  header / {
      Strict-Transport-Security "max-age=31536000;includeSubdomains;preload"
  }

  ## HTTP 代理配置
  reverse_proxy  fmail:3000
}

v.webzhan.xyz {
  tls admin@webzhan.xyz
  encode gzip
  log {
      output file  /opt/logs/v_access.log
  }

  reverse_proxy 172.23.0.1:81

  file_server

  handle_errors {
      root * /etc/caddy/error
      rewrite * /error.html
      templates
      file_server
  }
}

v.webzhan.xyz {
  root * /www/web/v/
  tls admin@webzhan.xyz
  encode gzip
  log {
      output file  /opt/logs/v_access.log
  }

  php_fastcgi php:9000 {
     split .php
     index index.php
  }

  file_server

  handle_errors {
      root * /opt/caddy/error
      rewrite * /error.html
      templates
      file_server
  }
}

使用场景

反向代理wordpress

w.webzhan.xyz:80 {
  #tls admin@webzhan.xyz
  #header / {
  #    Strict-Transport-Security "max-age=31536000;includeSubdomains;preload"
  #}

  encode gzip
  log {
      output file  /opt/logs/w.log
  }
  ## HTTP 代理配置, ttrss服务IP地址+端口
  reverse_proxy  web:81 {
    header_up Host {host}
        header_up X-Real-IP {remote}
        header_up X-Forwarded-For {remote}
    header_up X-Forwarded-Port {server_port}
        header_up X-Forwarded-Proto  {scheme}
  }
}

chrome浏览器清理https自动跳转

  • 浏览器地址栏输入 "chrome://net-internals/#hsts"
  • 通过 "Domain Security Policy"删除即可

直接使用caddy+php

w.webzhan.xyz {
  tls admin@webzhan.xyz
  encode gzip
  root * /www/web/wp
  log {
      output file  /opt/logs/w.log
  }
  php_fastcgi php:9000 {
     # some php_fastcgi-specific subdirectives
     split .php
     index index.php
  }
  file_server
}

特殊目录设置访问密码

docker exec -it vlive_caddy_1 sh
caddy hash-password
v.webzhan.xyz {
  tls admin@webzhan.xyz
  encode gzip
  root * /www/web/v
  log {
      output file  /opt/logs/v.log
  }
  #header / {
  #    Strict-Transport-Security "max-age=31536000;includeSubdomains;preload"
  #}

  ### HTTP 代理配置
  #reverse_proxy  web:80
  php_fastcgi php:9000 {
     # some php_fastcgi-specific subdirectives
     split .php
     index index.php
  }
  file_server

  #错误处理
  handle_errors {
      root * /www/web/err
      rewrite * /error.html
      templates
      file_server
  }

  #访问认证
  basicauth /p/* {
      vlive  $2a$14$DIjtbTxbUSZHfHJUrjuU9.45SlrcwICIXNVSwVxehsnHhTXBBNNsi
  }
}

评论 (0)

取消
只有登录/注册用户才可评论