caddy官方脚本一键安装与使用

1.caddy一键脚本安装

caddy官网 :https://caddyserver.com/

手动下载:https://caddyserver.com/download

Github:https://github.com/mholt/caddy

官方脚本安装

curl https://getcaddy.com | bash -s personal

若需安装插件

curl https://getcaddy.com | bash -s personal tls.dns.cloudflare

2.配置caddy

创建配置文件放到 /etc/caddy 目录

sudo mkdir /etc/caddy

sudo touch /etc/caddy/Caddyfile

sudo chown -R root:www-data /etc/caddy

配置ssl证书目录

sudo mkdir /etc/ssl/caddy

sudo chown -R www-data:root /etc/ssl/caddy

sudo chmod 0770 /etc/ssl/caddy

配置网站目录

sudo mkdir /var/www

sudo chown www-data:www-data /var/www

配置 systemd

sudo curl -s  https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service  -o /etc/systemd/system/caddy.service

sudo systemctl daemon-reload

sudo systemctl enable caddy.service

sudo systemctl status caddy.service

创建Caddfile配置文件,修改Caddfile文件

touch /etc/caddy/Caddyfile

vi /etc/caddy/Caddyfile

一个简单的websocket加静态网站配置

example.com {

    root /var/www/

    tls {

        protocols tls1.1 tls1.2

    }

    proxy /caressr 127.0.0.1:10000 {

        websocket

        header_upstream -Origin

    }

    log /var/log/caddy/access.log

}

创建一个简单的HTML页面

echo '<h1>Hello World!</h1>' | sudo tee /var/www/index.html

给log路径赋权

sudo chown www-data:www-data /var/log/caddy

上例是一个简单的websocket加静态网站配置。第一行为自己的域名,tls自动申请let’sencrypt ssl证书,后面可以不加邮箱会,protocols为tls协议版本。Caddfile更多配置详见官网。

3. 通过systemd管理caddy

sudo systemctl start caddy.service

sudo systemctl stop caddy.service

sudo systemctl restart caddy.service

sudo systemctl reload caddy.service

4.防火墙开启http和https端口

sudo firewall-cmd --permanent --zone=public --add-service=http

sudo firewall-cmd --permanent --zone=public --add-service=https

sudo firewall-cmd --reload

推荐阅读更多精彩内容