Caddy (web server)

From David's Wiki
Revision as of 00:08, 26 April 2022 by David

Caddy is a webserver which is much simpler to configure than Apache and is supposedly just as fast as nginx. It handles HTTPS automatically and can be used as a reverse proxy or load balancer.

Advantages of Caddy:

  • Much simpler configuration with sane defaults (e.g. no directory listing).
  • Automatic HTTPS (redirect, public certificates, self-signed certificates)
  • Automatic HTTP/2

This article is about Caddy v2.

Note that Caddy does not support .htaccess files, which are an Apache-only feature.

Caddyfile

Reverse Proxy

Just use the reverse_proxy directive.
By default, this will automatically preserve headers.
Things like websockets will work automatically.

gitlab.example.com {
  encode zstd gzip
  reverse_proxy localhost:8001
}


To HTTPS

If you are reverse proxying to another HTTPS server, you may need to specify the SNI (the server name used in the TLS handshake with the upstream) as follows:

dev2.davidl.me {
  reverse_proxy https://192.168.1.41 {
    transport http {
      tls_server_name dev2.davidl.me
    }
  }
}

  • Try this if you get 502 errors.

Only Local

  @localnet remote_ip 127.0.0.1 192.168.0.0/16
  @notlocalnet not remote_ip 127.0.0.1 192.168.0.0/16
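
The two lines above only define named matchers; they have no effect until a directive inside a site block references them. The following is an added example, not from the original wiki page, showing one way to use them. The hostnames, the /admin path and the upstream port are placeholders.

```caddyfile
# Constructed example: hostnames, /admin and port 8001 are placeholders.

# Variant 1: the whole site answers only to loopback and 192.168.0.0/16.
internal.example.com {
  @notlocalnet not remote_ip 127.0.0.1 192.168.0.0/16

  # respond is ordered before reverse_proxy, so non-local clients
  # get a 403 and are never forwarded to the upstream.
  respond @notlocalnet "Forbidden" 403

  reverse_proxy localhost:8001
}

# Variant 2: the site is public, but /admin is limited to the local network.
app.example.com {
  # Matchers inside one named block are ANDed together:
  # path is under /admin AND the client is not local.
  @admin_external {
    path /admin*
    not remote_ip 127.0.0.1 192.168.0.0/16
  }
  respond @admin_external "Forbidden" 403

  reverse_proxy localhost:8001
}
```

remote_ip is compared against the address of the connecting peer, so if Caddy itself sits behind another proxy or load balancer, every request appears to come from that proxy and will match or fail as a group. The ranges shown are IPv4 only; a client connecting over IPv6 loopback (::1) is not covered unless that address is added.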

PHP

  1. Install php-fpm
  2. Modify /etc/php/7.4/fpm/pool.d/www.conf to listen on a socket (e.g. 9000)

example.com {
  root * /var/www/wordpress
  encode zstd gzip
  # "version" in the socket name is a placeholder for the installed PHP version
  php_fastcgi unix//run/php/php-version-fpm.sock
  file_server
}

Notes

  • If you prefer to use a UNIX socket, you can use php_fastcgi unix//var/run/php/php7.4-fpm.sock

HTTP3

Experimental HTTP3 support can be enabled by adding the following to your Caddyfile.
Note that HTTP3/QUIC uses UDP which needs to be allowed in your firewall and port forwarded through any NATs.

{ 
  servers {
    protocol {
      experimental_http3
    }
  }
}