caddy反向代理优化和多站点配置分享
使用场景
源站和反代分开,即源站和反代各一台服务器
系统:Debian12
安装caddy
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
chmod o+r /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy检测是否安装成功
caddy -v配置修改
nano /etc/caddy/Caddyfile我的配置如下
2345.com {
redir https://www.2345.com{uri} permanent
}
www.2345.com {
reverse_proxy 源站服务器ip:80
tls {
protocols tls1.2 tls1.3
}
header {
Permissions-Policy interest-cohort=()
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
Referrer-Policy no-referrer-when-downgrade
-Via
-Alt-Svc
}
log {
output file /var/log/caddy/2345.com.log {
roll_size 10mb
roll_keep 5
}
}
}如果你的站点允许其他站点嵌入,例如播放器啥的,记得把以下配置注释掉
X-Frame-Options DENY最后重启生效
systemctl restart caddy将 Caddy 添加到开机自启
systemctl enable caddy查看Caddy2运行状态
systemctl status caddy多站点配置
修改配置
# 定义可复用的配置片段
(common_config) {
reverse_proxy 源站服务器ip:80
tls {
protocols tls1.2 tls1.3
}
header {
Permissions-Policy interest-cohort=()
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
Referrer-Policy no-referrer-when-downgrade
-Via
-Alt-Svc
}
}
2345.com {
redir https://www.2345.com{uri} permanent
}
www.2345.com {
import common_config
log {
output file /var/log/caddy/2345.com.log {
roll_size 10mb
roll_keep 5
}
}
}
new.example.com {
import common_config
log {
output file /var/log/caddy/new-example.log {
roll_size 10mb
roll_keep 5
}
}
}然后重启
systemctl restart caddy完结。
