Caddy替换Nginx
0. Caddy非常好用而且简洁的反向代理服务器
一个用 Go 写的 Web 服务器,它的配置简洁,同时能自动开启 HTTPS、支持 HTTP/2 && QUIC
备注:我们的环境 CentOS linux 7.2
1. 下载和安装Caddy
]# wget https://github.com/mholt/caddy/releases/download/v0.11.5/caddy_v0.11.5_linux_amd64.tar.gz
]# tar zxvf caddy_v0.11.5_linux_amd64.tar.gz
]# ./caddy -version
Caddy 0.11.5 (+80dfb8b Mon Mar 04 19:50:49 UTC 2019) (unofficial)
1file changed, 1 insertion(+), 1 deletion(-)
caddy/caddymain/run.go
]# sudo cp caddy /usr/local/bin/
]# sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/caddy
2. 注册服务
使用的是官方提供的脚本 caddy.service,直接在解压包中就可以找到
]# cp init/linux-systemd/caddy.service /etc/systemd/system
另外也可以从官方下载
https://github.com/mholt/caddy/blob/master/dist/init/linux-systemd/caddy.service
参考:https://github.com/mholt/caddy/blob/master/dist/init/linux-systemd/README.md
设置完成 /etc/caddy/Caddyfile 和 /etc/ssl/caddy 后再通过
]# systemctl daemon-reload
]# systemctl start caddy.service //启动
]# systemctl enable caddy.service //开机启动
]# systemctl stop caddy.service //停止
]# systemctl restart caddy.service //重启
]# systemctl status caddy.service -l //查看状态
3. 创建用户和建立目录
为了安全起见,我们创建www-data用户和用户组
]# groupadd www-data
]# useradd -M -g www-data www-data
上面创建了三个目录, /etc/caddy 用了存放 Caddy 的配置文件, /etc/ssl/caddy 存放证书, /var/www 是默认的网站目录。
]# sudo mkdir /etc/caddy
]# sudo chown -R root:www-data /etc/caddy
]# sudo touch /etc/caddy/Caddyfile
]# sudo mkdir /etc/ssl/caddy
]# sudo chown -R www-data:root /etc/ssl/caddy
]# sudo chmod 0755 /etc/ssl/caddy
]# sudo mkdir /var/www
]# sudo chown www-data:www-data /var/www
4. 配置 /etc/caddy/Caddyfile
比如本人博客域名到内部服务反向代理:
www.michaelapp.com {
proxy / 127.0.0.1:2000
tls <Your Email>
}
ftps.michaelapp.com {
proxy / 127.0.0.1:9000 {
header_upstream X-Forwarded-Proto {scheme}
header_upstream X-Forwarded-Host {host}
header_upstream Host {host}
health_check /minio/health/ready
}
tls <Your Email>
}
5. 运行
]# systemctl daemon-reload
]# systemctl enable caddy.service //开机启动
]# systemctl restart caddy.service //重启