1.caddy一键脚本安装
caddy官网 :https://caddyserver.com/
手动下载:https://caddyserver.com/download
Github:https://github.com/mholt/caddy
官方脚本安装
curl https://getcaddy.com | bash -s personal
若需安装插件
curl https://getcaddy.com | bash -s personal tls.dns.cloudflare
2.配置caddy
创建配置文件放到 /etc/caddy 目录
sudo mkdir /etc/caddy
sudo touch /etc/caddy/Caddyfile
sudo chown -R root:www-data /etc/caddy
配置ssl证书目录
sudo mkdir /etc/ssl/caddy
sudo chown -R www-data:root /etc/ssl/caddy
sudo chmod 0770 /etc/ssl/caddy
配置网站目录
sudo mkdir /var/www
sudo chown www-data:www-data /var/www
配置 systemd
sudo curl -s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service -o /etc/systemd/system/caddy.service
sudo systemctl daemon-reload
sudo systemctl enable caddy.service
sudo systemctl status caddy.service
创建Caddfile配置文件,修改Caddfile文件
touch /etc/caddy/Caddyfile
vi /etc/caddy/Caddyfile
一个简单的websocket加静态网站配置
example.com {
root /var/www/
tls {
protocols tls1.1 tls1.2
}
proxy /caressr 127.0.0.1:10000 {
websocket
header_upstream -Origin
}
log /var/log/caddy/access.log
}
创建一个简单的HTML页面
echo ‘<h1>Hello World!</h1>’ | sudo tee /var/www/index.html
给log路径赋权
sudo chown www-data:www-data /var/log/caddy
上例是一个简单的websocket加静态网站配置。第一行为自己的域名,tls自动申请let’sencrypt ssl证书,后面可以不加邮箱会,protocols为tls协议版本。Caddfile更多配置详见官网。
3. 通过systemd管理caddy
sudo systemctl start caddy.service
sudo systemctl stop caddy.service
sudo systemctl restart caddy.service
sudo systemctl reload caddy.service
4.防火墙开启http和https端口
sudo firewall-cmd –permanent –zone=public –add-service=http
sudo firewall-cmd –permanent –zone=public –add-service=https
sudo firewall-cmd –reload
