Reverse Proxy: Caddy

[hhstore]

📖 Abstract:

• ✅ Caddy 负载均衡/反向代理, 配置教程.

💯 Related:

• ✅ #427
• ✅ #267

反向代理 & 负载均衡:

• ✅ #31

域名解析:

• ✅ #333
• ✅ #409 : 二级域名解析 & 配置.

域名购买:

• ✅ #293

[hhstore]

Caddy - 负载均衡器 & 反向代理

Caddy 官方:

• https://caddyserver.com/
• go 项目
• 替代 nginx
• 配置简单 + 易用

文档:

英文:

• https://caddyserver.com/docs/getting-started

中文文档:

• https://caddy2.dengxiaolong.com/docs/quick-starts/caddyfile

安装 caddy:

• https://caddyserver.com/docs/install

Ubuntu 安装:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

docker 镜像:

• https://hub.docker.com/_/caddy

docker pull caddy

### 示例: 

- v1 示例: https://github.com/caddyserver/examples
- v2 示例: https://caddy.community/c/wiki/13

[hhstore]

示例配置:

(common_headers) {
  encode gzip
}
(secure_headers) {
  header {
    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    X-Frame-Options SAMEORIGIN
    X-Content-Type-Options nosniff
  }
}

#
# ref: https://caddy2.dengxiaolong.com/docs/caddyfile/directives/reverse_proxy
#

:80 {
  import common_headers
  import secure_headers

  #
  # frp:
  #
  reverse_proxy / 127.0.0.1:8080 {
  }

  #
  # api:
  #
  #reverse_proxy /api/* 127.0.0.1:9999 {
  #}
  handle_path /api* {
    reverse_proxy 127.0.0.1:9999
  }

  #
  # admin: 匹配 / 后缀问题
  #
  handle_path /admin* {
    reverse_proxy 127.0.0.1:7500
  }
}

参考:

• https://mritd.com/2021/01/07/lets-start-using-caddy2/
• https://cloud.tencent.com/developer/article/2148186

[hhstore]

caddy:

配置示例:

• https://github.com/caddyserver/examples
  • 各种配置示例文件

ref:

• 中文文档: https://docs.getcaddy.cn/

• https://laravel-china.org/topics/5896/caddy-chinese-document-translation-bring-https-http2-install-as-long-as-10-seconds-artifact

• https://tonybai.com/2015/06/04/caddy-a-web-server-in-go/

• https://zhuanlan.zhihu.com/p/25850060

www.{$DOMAIN_NAME} {
    redir https://dax.btcc.com
}

{$DOMAIN_NAME} {
    proxy / django:5000 {
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
    log stdout
    errors stdout
    gzip
}

[hhstore]

caddy:

• 插件下载: https://caddyserver.com/download

插件:

限速:

• http.ratelimit
• 限速: https://caddyserver.com/docs/http.ratelimit

curl https://getcaddy.com | bash -s http.ratelimit

# 规则:

ratelimit methods rate burst unit {
    whitelist CIDR
    resources
}

// 限制客户端每秒最多对于 /r 资源发起两个请求，突发上限最多为 3 个
ratelimit /r 2 3 second

ratelimit rate burst unit {
    resources
}

// 限制对于资源文件的访问时长为 2 分钟
ratelimit 2 2 minute {
    /foo.html
    /dir
}

• 示例配置:

:2016 {

    root {$GOPATH}/src/github.com/xuqingfeng/caddy-rate-limit/test_site
    browse /
    ext .html
    log stdout
    errors stderr

    ratelimit * /s 1 2 second
    ratelimit get,post /m 2 3 minute
    ratelimit delete /i 2 3 infinite
    ratelimit get ^/m/u 1 1 minute

    ratelimit get 1 2 second {
        whitelist 127.0.0.1/32
        whitelist 10.10.2.15/32
        /static
    }

}

RPC支持:

• grpc:

curl https://getcaddy.com | bash -s http.grpc

[hhstore]

1

[hhstore]

1