1.caddy 一键脚本安装
caddy 官网:https://caddyserver.com/
手动下载:https://caddyserver.com/download
Github:https://github.com/mholt/caddy
官方脚本安装
curl https://getcaddy.com | bash -s personal
若需安装插件
curl https://getcaddy.com | bash -s personal tls.dns.cloudflare
2. 配置 caddy
创建配置文件放到 /etc/caddy 目录
sudo mkdir /etc/caddy
sudo touch /etc/caddy/Caddyfile
sudo chown -R root:www-data /etc/caddy
配置 ssl 证书目录
sudo mkdir /etc/ssl/caddy
sudo chown -R www-data:root /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy
配置网站目录
sudo mkdir /var/www
sudo chown www-data:www-data /var/www
配置 systemd
sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service
sudo systemctl daemon-reload
sudo systemctl enable caddy.service
sudo systemctl status caddy.service
创建 Caddfile 配置文件,修改 Caddfile 文件
touch /etc/caddy/Caddyfile
vi /etc/caddy/Caddyfile
一个简单的 websocket 加静态网站配置
example.com {
root /var/www/
tls {
protocols tls1.1 tls1.2
}
proxy /caressr 127.0.0.1:10000 {
websocket
header_upstream -Origin
}
log /var/log/caddy/access.log
}
创建一个简单的 HTML 页面
echo ‘<h1>Hello World!</h1>’ | sudo tee /var/www/index.html
给 log 路径赋权
sudo chown www-data:www-data /var/log/caddy
上例是一个简单的 websocket 加静态网站配置。第一行为自己的域名,tls 自动申请 let’sencrypt ssl 证书,后面可以不加邮箱会,protocols 为 tls 协议版本。Caddfile 更多配置详见官网。
3. 通过 systemd 管理 caddy
sudo systemctl start caddy.service
sudo systemctl stop caddy.service
sudo systemctl restart caddy.service
sudo systemctl reload caddy.service
4. 防火墙开启 http 和 https 端口
sudo firewall-cmd –permanent –zone=public –add-service=http
sudo firewall-cmd –permanent –zone=public –add-service=https
sudo firewall-cmd –reload