# Using Caddy

Download the caddy binary for your system from the Caddy website, selecting the plugins you need; the website also provides more detailed guidance.

Write a system service with the following content:

```ini
[Unit]
Description=Caddy
After=syslog.target
After=network.target
#After=mysqld.service
#After=postgresql.service
#After=memcached.service
#After=redis.service

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
# User, Group, USER and the /home/ paths below need the name of the
# account that runs Caddy before the unit is enabled
User=
Group=
WorkingDirectory=/home//bin/caddy
ExecStart=/home//bin/caddy/caddy -conf /home//bin/caddy/Caddyfile
Restart=always
Environment=USER= HOME=/home/ GITEA_WORK_DIR=/home//bin/caddy
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
```

Then use systemctl to enable and start the service.

The Caddyfile content is as follows:

```ini
10.20.0.33:2080/acrn/ {
    root /home/autoai/Workspace/Caddy/repo/projectacrn.github.io
    index index.html
    git {
        repo git@github.com:projectacrn/projectacrn.github.io.git
        path /home/autoai/Workspace/Caddy/repo/projectacrn.github.io
        branch master
        key /home/autoai/.ssh/id_rsa
        interval 172800
    }
}

10.20.0.33:2080/sbl/ {
    root /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io
    index index.html
    git {
        repo git@github.com:slimbootloader/slimbootloader.github.io.git
        path /home/autoai/Workspace/Caddy/repo/slimbootloader.github.io
        branch master
        key /home/autoai/.ssh/id_rsa
        interval 172800
    }
}

10.20.0.33:2080/celadon/ {
    root /home/autoai/Workspace/Caddy/repo/celadon-documentation/_build/html
    index index.html
    git {
        repo git@github.com:projectceladon/celadon-documentation.git
        path /home/autoai/Workspace/Caddy/repo/celadon-documentation
        branch master
        key /home/autoai/.ssh/id_rsa
        interval 172800
        then make html
    }
}

10.20.0.33:2080/download.clearlinux/ {
    root /home/autoai/Workspace/Caddy/repo/download.clearlinux.org
    index index.html
}
```

## HTTPS TLS

The following requirements must all be met for HTTPS to work properly:

* The hostname:
  * is not empty
  * is not localhost
  * is not an IP address
  * has no more than 1 wildcard (`*`)
  * wildcard must be left-most label
* The port is not explicitly 80
* The scheme is not explicitly http
* TLS is not turned off in site's definition
* Certificates and keys are not provided by you
* Caddy is able to bind to ports 80 and 443 (unless you use the DNS challenge)

## Changing the self-signed certificate validity period

Modify the following line, which sets the certificate's expiry (`notAfter`) to 7 days after `notBefore`:

```go
selfsigned.go:47:notAfter = notBefore.Add(24 * time.Hour * 7)
```
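
The hostname, port and scheme conditions from the HTTPS section, applied to site addresses such as the ones in the Caddyfile above. This is an added example, not part of the original page and not Caddy's own code; the function name `qualifies`, its simplified address parsing and the `example.com` addresses are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// qualifies (hypothetical helper) applies the hostname, port and scheme
// conditions from the HTTPS list to one site address and returns the first
// condition that fails; "" means none failed. Assumed address shape:
// [scheme://]host[:port][/path]. Bracketed IPv6 literals are not handled.
func qualifies(addr string) string {
	scheme := ""
	if s, rest, ok := strings.Cut(addr, "://"); ok {
		scheme, addr = strings.ToLower(s), rest
	}
	addr, _, _ = strings.Cut(addr, "/") // drop the path
	host, port := addr, ""
	if i := strings.LastIndex(addr, ":"); i >= 0 {
		host, port = addr[:i], addr[i+1:]
	}
	_, afterFirst, _ := strings.Cut(host, ".") // labels after the left-most one
	switch {
	case host == "":
		return "hostname is empty"
	case strings.EqualFold(host, "localhost"):
		return "hostname is localhost"
	case net.ParseIP(host) != nil:
		return "hostname is an IP address"
	case strings.Count(host, "*") > 1:
		return "more than 1 wildcard"
	case strings.Contains(afterFirst, "*"):
		return "wildcard is not the left-most label"
	case port == "80":
		return "port is explicitly 80"
	case scheme == "http":
		return "scheme is explicitly http"
	}
	return ""
}

func main() {
	// The first address is from the Caddyfile on this page; the rest are constructed.
	for _, a := range []string{"10.20.0.33:2080/acrn/", "docs.example.com/acrn/",
		"*.example.com", "a.*.example.com", "http://docs.example.com", ":2080"} {
		fmt.Printf("%-26s %q\n", a, qualifies(a))
	}
}
```

Every site block in the Caddyfile above is addressed by `10.20.0.33`, so each one fails the "is not an IP address" condition and is served without the HTTPS behaviour the list describes.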