Caddy Server Configuration

Installing Caddy

Run the following commands on each of the two servers to install Caddy:

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo chmod o+r /usr/share/keyrings/caddy-stable-archive-keyring.gpg
sudo chmod o+r /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

Verifying the Installation

Once the installation finishes, check the Caddy version:

caddy -v

⚙️Configuring the Caddyfile

Edit the Caddy configuration file:

sudo nano /etc/caddy/Caddyfile

Example configuration for the origin server:

/etc/caddy/Caddyfile (origin)

# Origin server configuration
https://origin.example.com {
    root * /var/www/html
    file_server
    encode gzip
    
    # Allow access only from the reverse-proxy server (remote_ip matches the direct TCP peer)
    @blocked not remote_ip 192.168.1.20
    respond @blocked 403
    
    log {
        output file /var/log/caddy/access.log
    }
}

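Example configuration for the reverse-proxy server:

/etc/caddy/Caddyfile (reverse proxy)

# Reverse-proxy server configuration
https://www.example.com {
    reverse_proxy https://origin.example.com {
        # Send the upstream's own hostname so the request matches the origin's site block
        header_up Host {upstream_hostport}
        header_up X-Real-IP {remote_host}
    }

    # Enable compression
    encode gzip

    # TLS settings (the ciphers option only affects TLS 1.2; TLS 1.3 suites are not configurable)
    tls {
        ciphers TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    }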
    
    log {
        output file /var/log/caddy/access.log
    }
}

🚀Starting the Service

After the configuration is complete, start the Caddy service:

sudo systemctl enable caddy
sudo systemctl start caddy
sudo systemctl status caddy
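
Once both servers are running, the origin's access log shows whether the remote_ip allowlist is holding. The script below is an added example, not part of the original guide: it audits log entries for peers other than the reverse proxy, assuming Caddy's default JSON access-log format (request.remote_ip and status fields); the sample lines are constructed.

```python
import json
from collections import Counter

PROXY_IP = "192.168.1.20"  # reverse-proxy address from the origin Caddyfile above

# Constructed sample lines in the JSON shape Caddy writes to access.log
SAMPLE_LOG = """\
{"ts":1700000000.1,"msg":"handled request","request":{"remote_ip":"192.168.1.20","method":"GET","host":"origin.example.com","uri":"/"},"status":200}
{"ts":1700000001.2,"msg":"handled request","request":{"remote_ip":"203.0.113.7","method":"GET","host":"origin.example.com","uri":"/"},"status":403}
{"ts":1700000002.3,"msg":"handled request","request":{"remote_ip":"203.0.113.7","method":"GET","host":"origin.example.com","uri":"/admin"},"status":403}
{"ts":1700000003.4,"msg":"handled request","request":{"remote_ip":"198.51.100.9","method":"GET","host":"origin.example.com","uri":"/index.html"},"status":200}
not json, e.g. a truncated line
"""

def audit_origin_log(lines, proxy_ip=PROXY_IP):
    """Return (blocked, leaked): per-IP counts of rejected direct requests, and
    entries where a non-proxy peer received anything other than 403."""
    blocked, leaked = Counter(), []
    for line in lines:
        try:
            entry = json.loads(line)
            ip = entry["request"]["remote_ip"]
            status = entry["status"]
        except (ValueError, KeyError, TypeError):
            continue  # skip blank, truncated or non-access lines
        if ip == proxy_ip:
            continue  # expected traffic from the reverse proxy
        if status == 403:
            blocked[ip] += 1
        else:
            leaked.append((ip, status, entry["request"].get("uri")))
    return blocked, leaked

if __name__ == "__main__":
    blocked, leaked = audit_origin_log(SAMPLE_LOG.splitlines())
    for ip, n in blocked.most_common():
        print(f"blocked direct access: {ip} x{n}")
    for ip, status, uri in leaked:
        print(f"ALLOWLIST GAP: {ip} got {status} for {uri}")
```

To run it against the real log, pass the lines of /var/log/caddy/access.log on the origin server to audit_origin_log; any entry in the second list means a request reached the origin without being rejected by the allowlist.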