CaddyV1升级到V2版本
本文最后更新于 976 天前, 如有失效请评论区留言.
主要讲述caddy v1升级到v2版本的过程
背景
想升级到v2版本踩踩坑
升级踩坑
目前caddy v1版本的安装和使用方式和v2版本相同,但是v2版本使用方式有所不同。
之前也写过Caddy2的使用, 这里不详细了,直接跳过了。
systemd
- v1
[Service]
Restart=on-abnormal
User=www-data
Group=www-data
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy -log stdout -agree=true -conf=/etc/caddy/Caddyfile -root=/var/tmp
ExecReload=/bin/kill -USR1 $MAINPID
KillMode=mixed
KillSignal=SIGQUIT
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
PrivateDevices=false
ProtectHome=true
ProtectSystem=full
ReadWritePaths=/etc/ssl/caddy
ReadWriteDirectories=/etc/ssl/caddy
- v2
[Service]
Type=notify
User=www-data
Group=www-data
Environment=CADDYPATH=/etc/ssl/caddy
ExecStart=/usr/local/bin/caddy2 run --environ --watch --config /etc/caddy2/Caddyfile
ExecReload=/usr/local/bin/caddy2 reload --config /etc/caddy2/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
代理分流
- v1
cao.buhuibaidu.me {
gzip
timeouts none
proxy / https://www.baidu.com {
except /bing
}
proxy /bing https://127.0.0.1:40000 {
header_upstream Host {host}
header_upstream X-Forwarded-Proto {scheme}
insecure_skip_verify
}
}
- v2
cao.buhuibaidu.me {
import GZIP
@noproxy {
not path "/bing"
}
reverse_proxy @noproxy https://www.baidu.com
reverse_proxy /bing https://127.0.0.1:40000 {
header_up Host {host}
header_up X-Forwarded-Proto {scheme}
transport http {
tls_insecure_skip_verify
}
}
}
未填完的坑
之前v1版本部署过caddy和tailscale以及ergo的镜像代理,貌似v2不好使了
- v1
debian.ysicing.me {
gzip
log stdout
tls root@ysicing.net
proxy / https://debian.cdn.ysicing.me/apt/
}
m.deb.ysicing.me {
gzip
log stdout
tls root@ysicing.net
proxy /tailscale/ https://pkgs.tailscale.com/ {
without /tailscale
}
proxy /caddy/ https://dl.cloudsmith.io/public/caddy {
without /caddy
}
}
m.yum.ysicing.me {
gzip
log stdout
tls root@ysicing.net
proxy /tailscale/ https://pkgs.tailscale.com/ {
without /tailscale
}
}
- v2
待续