Caddy

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

Caddy 2 is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go.

간편하게 Let's Encrypt 연결이 가능하고 리버스 프록시가 쉽다.

Install

Stable releases:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

근데 위 방법보단 그냥 docker 이미지 사용하자:

docker pull caddy

Caddyfile

파일 위치는 /etc/caddy/Caddyfile 확인.

Let's Encrypt 성공한 마지막 Caddyfile 셋팅

# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

#:80 {
#       # Set this path to your site's directory.
#       root * /usr/share/caddy
#
#       # Enable the static file server.
#       file_server
#
#       # Another common task is to set up a reverse proxy:
#       # reverse_proxy localhost:8080
#
#       # Or serve a PHP site through php-fpm:
#       # php_fastcgi localhost:9000
#}

# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile

{
    email [email protected]
}

api.domain.run {
    tls {
        alpn "h2" "http/1.1"
    }
    reverse_proxy * 192.168.100.100:8080
}

demo.domain.run {
    tls {
        alpn "h2" "http/1.1"
    }
    reverse_proxy * 192.168.100.101:8080
}

test0.domain.run {
    tls {
        alpn "h2" "http/1.1"
    }
    reverse_proxy * 192.168.100.102:8080
}

test1.domain.run {
    tls {
        alpn "h2" "http/1.1"
    }
    reverse_proxy * 192.168.100.103:8080
}

Directives

Caddyfile Directives — Caddy Documentation

forward_auth

forward_auth (Caddyfile directive) — Caddy Documentation

reverse_proxy

reverse_proxy (Caddyfile directive) — Caddy Documentation

Docker example

How To Set Up A Reverse Proxy With Free SSL Using Caddy

version: '3'
services:
  caddy:
    image: caddy
    ports: 
      - "80:80"
      - "443:443"
    networks:
      - caddy-net
    volumes:
      - ./caddy/data/:/data/
      - ./caddy/config/:/config/
      - ./caddy/Caddyfile:/etc/caddy/Caddyfile

  frontend:
    container_name: frontend
    image: ghcr.io/<username>/<image-name>:latest
    networks:
      - caddy-net

networks:
  caddy-net:

Caddyfile:

{
    email <[email protected]>
}

<domain.tld> {
    reverse_proxy http://frontend:8000
}