NotePublic/Software/Applications/Caddy/Caddy_的使用.md

# Caddy 的使用

从 Caddy 官网下载对应系统的 caddy 程序，配置需要使用的插件，也可以从官网获得更详细指导信息。

编写系统服务，内容如下

```ini
[Unit]
Description=Caddy
After=syslog.target
After=network.target
#After=mysqld.service
#After=postgresql.service
#After=memcached.service
#After=redis.service

[Service]
# Modify these two values and uncomment them if you have
# repos with lots of files and get an HTTP error 500 because
# of that
###
#LimitMEMLOCK=infinity
#LimitNOFILE=65535
RestartSec=2s
Type=simple
User=<UserName>
Group=<UserName>
WorkingDirectory=/home/<UserName>/bin/caddy
ExecStart=/home/<UserName>/bin/caddy/caddy run -config /home/<UserName>/bin/caddy/Caddyfile
Restart=always
Environment=USER=<UserName> HOME=/home/<UserName> GITEA_WORK_DIR=/home/<UserName>/bin/caddy
# If you want to bind Gitea to a port below 1024 uncomment
# the two values below
###
#CapabilityBoundingSet=CAP_NET_BIND_SERVICE
#AmbientCapabilities=CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target
```

然后使用 systemctl 进行使能和开启。

Caddyfile 文件内容如下

```ini
# Hugo 博客,使用 /home/rick/WebSer/Hugo/public/index.html 文件
:8004 {
    root * /home/rick/WebSer/Hugo/public
    file_server
}
# 文件浏览
:6005 {
    root * ./
    file_server browse
}
```

其中：

* root：The root path of the site.
* file_server：A static file server. It works by appending the request's URI path to the site's root path.
  * browse：enables file listings for requests to directories that do not have an index file.

## HTTPS

TLS 必须满足以下要求才能保证 HTTPS 功能正常：

* The hostname:
  * is not empty
  * is not localhost
  * is not an IP address
  * has no more than 1 wildcard (*)
  * wildcard must be left-most label
* The port is not explicitly 80
* The scheme is not explicitly http
* TLS is not turned off in site's definition
* Certificates and keys are not provided by you
* Caddy is able to bind to ports 80 and 443 (unless you use the DNS challenge)

## 修改 self signed 期限

修改如下代码：

```go
selfsigned.go:47:notAfter = notBefore.Add(24 * time.Hour * 7)
```