NotePublic/Software/Applications/Caddy/Caddy_的使用.md

# Caddy 的使用

从 Caddy 官网下载对应系统的 caddy 程序，配置需要使用的插件，也可以从官网获得更详细指导信息。

编写系统服务，内容如下

```sh
[Unit]
Description=Caddy
After=syslog.target
After=network.target
#After=mysqld.service
#After=postgresql.service
#After=memcached.service
#After=redis.service

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=<UserName>
Group=<UserName>
WorkingDirectory=/home/<UserName>/bin/caddy
ExecStart=/home/<UserName>/bin/caddy/caddy -conf /home/<UserName>/bin/caddy/Caddyfile
Restart=always
Environment=USER=<UserName> HOME=/home/<UserName> GITEA_WORK_DIR=/home/<UserName>/bin/caddy
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
```

然后使用 systemctl 进行使能和开启。  

Caddyfile 文件内容如下

```sh
10.20.0.33:2080/acrn/ {
    root  /home/autoai/Workspace/Caddy/repo/projectacrn.github.io
    index index.html
    git {
        repo      git@github.com:projectacrn/projectacrn.github.io.git
        path      /home/autoai/Workspace/Caddy/repo/projectacrn.github.io
        branch    master
        key       /home/autoai/.ssh/id_rsa
        interval  172800
    }
}

10.20.0.33:2080/sbl/ {
    root  /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io
    index index.html
    git {
        repo      git@github.com:slimbootloader/slimbootloader.github.io.git
        path      /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io
        branch    master
        key       /home/autoai/.ssh/id_rsa
        interval  172800
    }
}

10.20.0.33:2080/celadon/ {
    root  /home/autoai/Workspace/Caddy/repo/celadon-documentation/_build/html
    index index.html
    git {
        repo      git@github.com:projectceladon/celadon-documentation.git
        path      /home/autoai/Workspace/Caddy/repo/celadon-documentation
        branch    master
        key       /home/autoai/.ssh/id_rsa
        interval  172800
        then      make html
    }
}

10.20.0.33:2080/download.clearlinux/ {
    root  /home/autoai/Workspace/Caddy/repo/download.clearlinux.org
    index index.html
}
```

## HTTPS

TLS 必须满足以下要求才能保证 HTTPS 功能正常：  

* The hostname:
  * is not empty
  * is not localhost
  * is not an IP address
  * has no more than 1 wildcard (*)
  * wildcard must be left-most label
* The port is not explicitly 80
* The scheme is not explicitly http
* TLS is not turned off in site's definition
* Certificates and keys are not provided by you
* Caddy is able to bind to ports 80 and 443 (unless you use the DNS challenge)

## 修改 self signed 期限

修改如下代码：  

```go
selfsigned.go:47:notAfter = notBefore.Add(24 * time.Hour * 7)
```
新建文件 Software/Application/Caddy_的使用.md 2018-11-27 15:10:17 +08:00			`# Caddy 的使用`

			`从 Caddy 官网下载对应系统的 caddy 程序，配置需要使用的插件，也可以从官网获得更详细指导信息。`

			`编写系统服务，内容如下`

			```sh
			`[Unit]`
			`Description=Caddy`
			`After=syslog.target`
			`After=network.target`
			`#After=mysqld.service`
			`#After=postgresql.service`
			`#After=memcached.service`
			`#After=redis.service`

			`[Service]`
			`# Modify these two values and uncomment them if you have`
			`# repos with lots of files and get an HTTP error 500 because`
			`# of that`
			`###`
			`#LimitMEMLOCK=infinity`
			`#LimitNOFILE=65535`
			`RestartSec=2s`
			`Type=simple`
			`User=<UserName>`
			`Group=<UserName>`
			`WorkingDirectory=/home/<UserName>/bin/caddy`
			`ExecStart=/home/<UserName>/bin/caddy/caddy -conf /home/<UserName>/bin/caddy/Caddyfile`
			`Restart=always`
			`Environment=USER=<UserName> HOME=/home/<UserName> GITEA_WORK_DIR=/home/<UserName>/bin/caddy`
			`# If you want to bind Gitea to a port below 1024 uncomment`
			`# the two values below`
			`###`
			`#CapabilityBoundingSet=CAP_NET_BIND_SERVICE`
			`#AmbientCapabilities=CAP_NET_BIND_SERVICE`

			`[Install]`
			`WantedBy=multi-user.target`
			```

			`然后使用 systemctl 进行使能和开启。`

			`Caddyfile 文件内容如下`

			```sh
			`10.20.0.33:2080/acrn/ {`
			`root /home/autoai/Workspace/Caddy/repo/projectacrn.github.io`
			`index index.html`
			`git {`
			`repo git@github.com:projectacrn/projectacrn.github.io.git`
			`path /home/autoai/Workspace/Caddy/repo/projectacrn.github.io`
			`branch master`
			`key /home/autoai/.ssh/id_rsa`
			`interval 172800`
			`}`
			`}`

			`10.20.0.33:2080/sbl/ {`
			`root /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io`
			`index index.html`
			`git {`
			`repo git@github.com:slimbootloader/slimbootloader.github.io.git`
			`path /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io`
			`branch master`
			`key /home/autoai/.ssh/id_rsa`
			`interval 172800`
			`}`
			`}`

			`10.20.0.33:2080/celadon/ {`
			`root /home/autoai/Workspace/Caddy/repo/celadon-documentation/_build/html`
			`index index.html`
			`git {`
			`repo git@github.com:projectceladon/celadon-documentation.git`
			`path /home/autoai/Workspace/Caddy/repo/celadon-documentation`
			`branch master`
			`key /home/autoai/.ssh/id_rsa`
			`interval 172800`
			`then make html`
			`}`
			`}`

			`10.20.0.33:2080/download.clearlinux/ {`
			`root /home/autoai/Workspace/Caddy/repo/download.clearlinux.org`
			`index index.html`
			`}`
			```
补充关于 HTTPS 的说明 2019-07-16 14:24:36 +08:00
			`## HTTPS`

			`TLS 必须满足以下要求才能保证 HTTPS 功能正常：`

			`* The hostname:`
			`* is not empty`
			`* is not localhost`
			`* is not an IP address`
			`* has no more than 1 wildcard (*)`
			`* wildcard must be left-most label`
			`* The port is not explicitly 80`
			`* The scheme is not explicitly http`
			`* TLS is not turned off in site's definition`
			`* Certificates and keys are not provided by you`
			`* Caddy is able to bind to ports 80 and 443 (unless you use the DNS challenge)`
补充 self signed 期限 2019-07-16 16:33:49 +08:00
			`## 修改 self signed 期限`

			`修改如下代码：`

			```go
			`selfsigned.go:47:notAfter = notBefore.Add(24 * time.Hour * 7)`
			```