Allow non-root process to bind to port 80 and 443
1
|
sudo setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/caddy
|
Redirect everything to a static HTTPS site
1
2
3
4
5
6
7
8
9
|
http://www.yannick.dev, http://yannick.dev, https://www.yannick.dev {
redir https://yannick.dev{uri} permanent
}
https://yannick.dev {
root * path_to_main_www
encode zstd gzip
file_server
}
|
Serve a path from a different folder
In Caddy v2 path matching is exact-match, so to serve the page /about/me
you would need to use /about/*
.
1
2
3
4
5
6
7
8
9
|
https://yannick.dev {
root * path_to_main_www
encode zstd gzip
file_server
handle_path /subpage/* {
root * path_to_subpage
}
}
|
Systemd Service for Caddy v2
/etc/systemd/system/caddy.service
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
[Unit]
Description=Caddy v2
Documentation=https://caddyserver.com/docs/
After=network-online.target
Wants=network-online.target systemd-networkd-wait-online.service
[Service]
ExecStart=/usr/local/bin/caddy run
WorkingDirectory=/home/ubuntu/www
User=ubuntu
Restart=always
RestartSec=30
StandardOutput=syslog
StandardError=syslog
Restart=on-failure
LimitNOFILE=1048576
LimitNPROC=64
[Install]
WantedBy=multi-user.target
|
Common systemd commands:
1
2
3
|
sudo systemctl enable caddy.service
sudo systemctl start caddy.service
journalctl -u caddy -f
|
Links