使用场景
源站和反代分开,即源站和反代各一台服务器
系统:Debian12
安装caddy
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curlcurl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpgcurl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.listchmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpgchmod o+r /etc/apt/sources.list.d/caddy-stable.listsudo apt updatesudo apt install caddy检测是否安装成功
caddy -v配置修改
nano /etc/caddy/Caddyfile我的配置如下
2345.com { redir https://www.2345.com{uri} permanent}www.2345.com { reverse_proxy 源站服务器ip:80 tls { protocols tls1.2 tls1.3 } header { Permissions-Policy interest-cohort=() Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options DENY Referrer-Policy no-referrer-when-downgrade -Via -Alt-Svc } log { output file /var/log/caddy/2345.com.log { roll_size 10mb roll_keep 5 } }}如果你的站点允许其他站点嵌入,例如播放器啥的,记得把以下配置注释掉
X-Frame-Options DENY最后重启生效
systemctl restart caddy将 Caddy 添加到开机自启
systemctl enable caddy查看Caddy2运行状态
systemctl status caddy多站点配置
修改配置
# 定义可复用的配置片段(common_config) { reverse_proxy 源站服务器ip:80 tls { protocols tls1.2 tls1.3 } header { Permissions-Policy interest-cohort=() Strict-Transport-Security max-age=31536000; X-Content-Type-Options nosniff X-Frame-Options DENY Referrer-Policy no-referrer-when-downgrade -Via -Alt-Svc }}2345.com { redir https://www.2345.com{uri} permanent}www.2345.com { import common_config log { output file /var/log/caddy/2345.com.log { roll_size 10mb roll_keep 5 } }}new.example.com { import common_config log { output file /var/log/caddy/new-example.log { roll_size 10mb roll_keep 5 } }}然后重启
systemctl restart caddy完结。
评论 (0)