Caddy (web server): Difference between revisions

From David's Wiki
No edit summary
 
Line 1: Line 1:
* [https://caddyserver.com/ Website]
* [https://caddyserver.com/ Website]


Caddy is a webserver which is much simpler to configure than Apache and is supposedly just as fast as nginx.
Caddy is a webserver with automatic HTTPS and modern defaults (e.g. http2, websocket support).
It handles HTTPS automatically and can be used as a reverse proxy or load balancer.
 
Advantages of Caddy:
* Much simpler configuration with sane defaults (e.g. no directory listing).
* Automatic HTTPS (redirect, public certificates, self-signed certificates)
* Automatic HTTP/2
 
This article is about Caddy v2.
This article is about Caddy v2.
Note that caddy does not support <code>.htaccess</code> which is only supported in Apache.
Note that caddy does not support <code>.htaccess</code> which is only supported in Apache.


Line 49: Line 41:
==PHP==
==PHP==
# Install <code>php-fpm</code>
# Install <code>php-fpm</code>
# Modify <code>/etc/php/7.4/fpm/pool.d/www.conf</code> to listen on a socket (e.g. 9000)
# Modify <code>/etc/php/7.4/fpm/pool.d/www.conf</code> to listen on a socket or port (e.g. 9000)
<pre>
<pre>
example.com {
example.com {

Latest revision as of 15:25, 25 July 2022

Caddy is a webserver with automatic HTTPS and modern defaults (e.g. http2, websocket support). This article is about Caddy v2. Note that caddy does not support .htaccess which is only supported in Apache.

Caddyfile

Reverse Proxy

Just use the reverse_proxy directive.
By default, this will automatically preserve headers.
Things like websockets will work automatically.

gitlab.example.com {
  encode zstd gzip
  reverse_proxy localhost:8001
}


To HTTPS

If you are reverse proxying to another HTTPS, you may need to specify the SNI as follows:

dev2.davidl.me {
  reverse_proxy https://192.168.1.41 {
    transport http {
      tls_server_name dev2.davidl.me
    }
  }
}
  • Try this if you get 502 errors.

Only Local

  @localnet remote_ip 127.0.0.1 192.168.0.0/16
  @notlocalnet not remote_ip 127.0.0.1 192.168.0.0/16

PHP

  1. Install php-fpm
  2. Modify /etc/php/7.4/fpm/pool.d/www.conf to listen on a socket or port (e.g. 9000)
example.com {
  root * /var/www/wordpress
  encode zstd gzip
  php_fastcgi unix//run/php/php-version-fpm.sock
  file_server
}

Notes

  • If you prefer to use a UNIX socket, you can use php_fastcgi unix//var/run/php/php7.4-fpm.sock

HTTP3

Experimental HTTP3 support can be enabled by adding the following to your Caddyfile.
Note that HTTP3/QUIC uses UDP which needs to be allowed in your firewall and port forwarded through any NATs.

{ 
  servers {
    protocol {
      experimental_http3
    }
  }
}