CaddyV1升级到V2版本

本文最后更新于 1034 天前, 如有失效请评论区留言.

主要讲述caddy v1升级到v2版本的过程

背景

想升级到v2版本踩踩坑

升级踩坑

目前caddy v1版本的安装和使用方式和v2版本相同,但是v2版本使用方式有所不同。

之前也写过Caddy2的使用, 这里不详细了,直接跳过了。

systemd

  • v1
[Service]
Restart=on-abnormal
User=www-data
Group=www-data
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
PrivateDevices=false
ProtectHome=true
ProtectSystem=full
ReadWritePaths=/etc/ssl/caddy
ReadWriteDirectories=/etc/ssl/caddy
  • v2
[Service]
Type=notify
User=www-data
Group=www-data
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy2 run --environ --watch  --config /etc/caddy2/Caddyfile
ExecReload=/usr/local/bin/caddy2 reload --config /etc/caddy2/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE

代理分流

  • v1
cao.buhuibaidu.me {
    gzip
    timeouts none
    proxy / https://www.baidu.com {
        except /bing
    }
    proxy /bing https://127.0.0.1:40000 {
        header_upstream Host {host}
        header_upstream X-Forwarded-Proto {scheme}
        insecure_skip_verify
    }
}
  • v2
cao.buhuibaidu.me {
    import GZIP
    @noproxy {
        not path "/bing"
    }
    reverse_proxy @noproxy https://www.baidu.com
    reverse_proxy /bing https://127.0.0.1:40000 {
        header_up Host {host}
        header_up X-Forwarded-Proto {scheme}
        transport http {
            tls_insecure_skip_verify
       }
    }
}

未填完的坑

之前v1版本部署过caddy和tailscale以及ergo的镜像代理,貌似v2不好使了

  • v1
debian.ysicing.me {
   gzip
   log stdout
   tls root@ysicing.net
   proxy / https://debian.cdn.ysicing.me/apt/
}

m.deb.ysicing.me {
   gzip
   log stdout
   tls root@ysicing.net
   proxy /tailscale/ https://pkgs.tailscale.com/ {
     without /tailscale
   }
   proxy /caddy/ https://dl.cloudsmith.io/public/caddy {
    without /caddy
  }
}

m.yum.ysicing.me {
   gzip
   log stdout
   tls root@ysicing.net
   proxy /tailscale/ https://pkgs.tailscale.com/ {
     without /tailscale
   }
}
  • v2

待续

Sponsor

Like this article? $1 reward

Comments