前言
作为一个天天学习的好同学,我相信你也一定知道Caddy
如果还不知道,可以自挂东南枝了=。=
简单说一下优缺点吧
优点:备案过的域名可以自动签证,无需单独购买和配置https证书!配置简单!性能高!
缺点:底层是go语言,网上相关资料特别是Caddyfile的配置案例比较少。
好了,话不多说。
今天我要分享的是用Caddy2做代理,以及做图片服务器。
配置
首先,基于docker
第一步,在 /etc/caddy 目录下创建Caddyfile文件,并添加以下配置
www.aaaa.com {
log {
output stdout
}
file_server /images/* {
root /
}
reverse_proxy /aaa-api/* aaa-api:8081
reverse_proxy /bbb-admin/* bbb-admin:8080
tls aaa@163.com
}
创建容器
第二步,docker-compose创建caddy2容器以及你自己的项目容器
version: '2'
services:
#aaa-api
aaa-api:
container_name: aaa-api
image: aaa-api:v20211008001
restart: unless-stopped
networks:
- default
ports:
- "8081:8081"
volumes:
- "/data/www/market/images:/data/www/market/images"
environment:
spring_profiles_active: test
TZ: Asia/Shanghai
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
#bbb-admin
bbb-admin:
container_name: bbb-admin
image: bbb-admin:v20211008001
restart: unless-stopped
networks:
- default
volumes:
- "/data/www/market/images:/data/www/market/images"
ports:
- "8080:8080"
environment:
spring_profiles_active: test
TZ: Asia/Shanghai
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
# caddy
caddy:
container_name: caddy
image: caddy
restart: unless-stopped
networks:
- default
environment:
ACME_AGREE: "true"
ports:
- "80:80"
- "443:443"
volumes:
- "/etc/caddy/Caddyfile:/etc/caddy/Caddyfile"
- "/data/www/market/images:/images"
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
#mariadb
mariadb:
container_name: mariadb
image: mariadb
restart: unless-stopped
networks:
- default
ports:
- "3306:3306"
environment:
MYSQL_ROOT_PASSWORD: market@33223344
volumes:
- "/data/mysql/data:/var/lib/mysql"
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
#redis
redis:
container_name: redis
image: redis
restart: unless-stopped
networks:
- default
ports:
- "9987:6379"
volumes:
- "/data:/data/redis/data"
- "/data/redis/conf:/etc/redis"
logging:
driver: "json-file"
options:
max-size: "10m"
max-file: "3"
networks:
default:
driver: bridge
说明
重点说明一下caddy的配置:
1.关于代理,我的项目都有上下文路径的,所以 reverse_proxy 代理后面匹配的是上下文路径(注意一定要加/*),如:https://www.aaa.com/aaa-api/login.html,空格 后面接容器名和容器的启动端口
2.关于图片,我的访问方式是:https://www.aaa.com/images/20211009/asdfasdf.jpg,所以file_server 后面匹配 /images/*,root 则代表文件的根目录,注意,这是caddy容器内的路径,所以在添加caddy容器的时候需要映射你的图片文件夹路径到容器内,我的root / 是因为我把宿主机的图片映射到了caddy容器内的 /images
2022.02.09补充,如果代理存在多个且存在无匹配校验的代理,代理的逻辑是匹配最佳匹配项,在file_server匹配后,会继续匹配无匹配项的代理,导致文件无法访问404,所以需要使用@name标签和not path 指令
www.aaaa.com {
log {
output stdout
}
file_server /images/* {
root /
}
reverse_proxy /aaa/* aaa-api:8081
reverse_proxy /bbb/* bbb-admin:8080
@path not path /images/* /aaa/* /bbb/*
reverse_proxy @path ccc-name
tls aaa@163.com
}
记录:caddy的docker-compose
version: '2'
services:
caddy2:
container_name: caddy2
image: caddy
restart: on-failure
ports:
- "443:443"
- "443:443/udp"
- "80:80"
volumes:
- "/mnt/caddy2/config:/config"
- "/mnt/caddy2/Caddyfile:/etc/caddy/Caddyfile"
- "/mnt/caddy2/data:/data"
- "/data/www/cert:/cert"
networks:
- monitor
environment:
TZ: "Asia/Shanghai"
logging:
driver: "json-file"
options:
max-size: "100m"
max-file: "3"
networks:
monitor:
external:
name: myNetwork
总结
关于caddy2的简单使用,我就主要提到了file_server 和 reverse_proxy 两个指令。更多操作可以看看文档:https://caddyserver.com/docs/
额外增加了 @name not path三个指令。遇到问题还是多看官方文档吧!很有用
瑞思拜!