Shulou(Shulou.com)06/03 Report--

Recently, I discovered a HTTP server developed by golang, called Caddy, which is so easy to configure that it can even configure a server that supports http2 in 28 seconds, and supports a variety of new http features earlier (such as http2 and quic).

Installation

Anyone who has used golang should know that golang programs basically do not have all kinds of dependencies. They are all executable programs. Even if the installation of cp to / usr/local/bin is completed, so it is very easy to install caddy. I give three methods.

Script installs curl-s https://getcaddy.com | bash

Caddy officially gives an installation script, which can be installed with one click by executing the above command. When the execution is finished, using which caddy, you can see that caddy has been installed to / usr/local/bin/caddy.

Manual installation

Click the https://caddyserver.com/download link to go to the download interface of the caddy official website. On the left side of the page, you can select the platform and plug-ins. If you use it on the Linux server, platform can choose Linux 64-bit. If plugins is not needed for the time being, you can opt out. Then click the DOWNLOAD button below and download it to caddy. Similarly, after unzipping, use the cp command to put it in / usr/local/bin/caddy to complete the installation.

Source code installation go get github.com/mholt/caddy/caddy

For students who have installed the golang compiler, you only need to execute go get to get to $GOPATH/bin, and whether you cp to / usr/local/bin depends on your mood. Using source code installation, you can install to the latest version of caddy, which is generally up-to-date in functionality, and because it is locally compiled, the performance may be slightly higher, but there may be instability.

Configure a temporary file server

The configuration file of Caddy is called Caddyfile. Caddy does not force you to put the configuration file in a specific folder. By default, you can run by putting Caddyfile in the current directory, as follows:

Echo 'localhost:8888' > > Caddyfileecho' gzip' > > Caddyfileecho 'browse' > > Caddyfilecaddy

Execute the above code in any directory, then open http://localhost:8888 in the browser and find that caddy has started a file server. When a fileserver is temporarily needed (such as sharing files), it is convenient to use caddy.

Use in production environment

Of course, when you use it in a production environment, you can't put the configuration files in the current directory so hastily, usually in / etc/caddy.

Sudo mkdir / etc/caddysudo touch / etc/caddy/Caddyfilesudo chown-R root:www-data / etc/caddy

In addition to the configuration file, caddy automatically generates ssl certificates and requires a folder to place ssl certificates.

Sudo mkdir / etc/ssl/caddysudo chown-R www-data:root / etc/ssl/caddysudo chmod 0770 / etc/ssl/caddy

Because the private key is placed in the ssl folder, the permission is set to 770 to prevent other users from accessing it.

Finally, create the directory where you put the Web site files, and if you already have one, you don't need to create it.

Sudo mkdir / var/wwwsudo chown www-data:www-data / var/www

After creating these files and directories, we need to configure caddy as a service so that it can be booted and run automatically and is easy to manage. Since most distributions now use systemd, I'll only talk about how to configure systemd, but caddy also supports configuration to the original sysvinit service, as shown here.

Sudo curl-s https://raw.githubusercontent.com/mholt/caddy/master/dist/init/linux-systemd/caddy.service-o / etc/systemd/system/caddy.service # download systemd configuration file from github sudo systemctl daemon-reload # reload systemd configuration sudo systemctl enable caddy.service # set caddy service self-startup sudo systemctl status caddy.service # View caddy status Caddyfile

Once the basic installation configuration is in place, the most important thing is how to write Caddyfile. You can directly vim / etc/caddy/Caddyfile to modify the Caddyfile, or you can change it on your own computer and then rsync it to the server. If you modify the Caddyfile and find that it does not work, you need to execute sudo systemctl restart caddy.service to restart caddy.

Format of Caddyfile

The format of Caddfile is relatively simple. First of all, the first line must be the address of the website, for example:

Localhost:8080 or lengzzz.com

If the address can be marked with a port number, caddy will only open the http service on this port, not https. If you do not write the port number, caddy will bind ports 80 and 443 by default, and start http and https services at the same time.

The address can be followed by a bunch of instructions (directive). This is the basic format of Caddyfile, which consists of a website address and instructions. It is not very simple.

Instruction

The function of the directive is to turn on certain functions for the website. There are three formats of instructions. Let's start with the simplest instructions without parameters, such as:

Railgun.moe # Yes, the domain name with the moe suffix can also be gzip.

The gzip on the second line is a command that turns on gzip compression so that the site can reduce traffic when transmitting web pages.

The second instruction format is an instruction with simple parameters:

Railgun.moe gzip log/ var/log/caddy/access.log tls lengz@lengzzz.com root / var/www/

The third line, the log instruction will enable the log function for the website, and the parameters after the log instruction tell caddy log where the file is stored. The fourth line of the tls directive tells caddy to open https for the website and automatically apply for a certificate, followed by the email parameter informing the CA applicant's mailbox. (caddy will use let's encrypt to apply for a certificate and renew the contract by default, isn't it convenient?)

In addition, there may be more than one simple parameter, such as the redir instruction:

Railgun.moegziplog / var/log/caddy/access.logtls / etc/ssl/cert.pem / etc/ssl/key.pemroot / var/www/redir / https://lengzzz.com/archive/{uri} 301

The above redir directive takes three parameters, which means to redirect all requests to https://lengzzz.com/archive/xxx, which is useful when changing domain names for websites. In addition, the tls instruction has changed, not only passing a parameter email, but passing the path of the certificate and the private key respectively, so that caddy will not automatically apply for the certificate, but use the certificate given by the path.

Placeholders such as {uri} are also used in this example, and a detailed list can be found here: https://caddyserver.com/docs/placeholders.

The last instruction takes complex parameters, which may contain a lot of parameters, so you need to wrap them in a pair of curly braces, such as the header instruction:

Railgun.moegziplog / var/log/caddy/access.logtls lengz@lengzzz.comroot / var/www/header / api {Access-Control-Allow-Origin * Access-Control-Allow-Methods "GET, POST, OPTIONS"-Server} fastcgi / 127.0.0.1 api 9000 php {index index.php} rewrite {to {path} {path} / / index.php? {query}}

Lines 6-10 of the header instruction represent the addition of Access-Control-Allow-Origin and Access-Control-Allow-Methods to all / api/xxx requests to support javascript cross-domain access, and line 9 represents the deletion of Server header to prevent others from seeing the server type.

11-13 uses the fastcgi instruction, which means to send the request to back-end programs such as php,ruby through fastcgi.

Lines 14-15, using the rewrite directive, redirects the server internally to the following parameter to, followed by three more parameters, which are somewhat similar to nginx's try_files. Tell caddy to check if there are any files corresponding to {path} in the root directory / var/www of the URL, and if there is no such directory as {path}, then forward them to the index.php entry file. This feature is generally used on PHP's MVC framework.

With the improvement of this Caddyfile step by step, the current version of Caddyfaile can be used directly in the website.

Multi-HOST website

What I just said has always been the URL of a single domain name, what if a website with multiple domain names is deployed on the same server? Simply, you only need to expand the domain name with a curly bracket, as follows:

Railgun.moe {gziplog / var/log/caddy/railgun_moe.logtls lengz@lengzzz.comroot / var/www/header / api {Access-Control-Allow-Origin * Access-Control-Allow-Methods "GET, POST, OPTIONS"-Server} fastcgi / 127.0.0.1 9000 php {index index.php} rewrite {to {path} {path} / / index.php? {query}} lengzzz.com {tls lengz@lengzzz.comlog / var/log/caddy/lengzzz_com.logredir / Server 301}

All right, these are the basic caddy configurations. For details, you can read the documentation on the official website to learn.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.