├── LICENSE ├── README.md ├── basicauthproxy ├── Caddyfile └── README.md ├── chevereto ├── Caddyfile └── README.md ├── cmsmadesimple ├── Caddyfile ├── README.md └── caddy@.service ├── collabora ├── Caddyfile └── README.md ├── concrete5 ├── Caddyfile ├── README.md └── caddy@.service ├── directus ├── Caddyfile └── README.md ├── discourse ├── Caddyfile └── README.md ├── django ├── Caddyfile └── README.md ├── dokuwiki ├── Caddyfile_root ├── Caddyfile_subdir └── README.md ├── drone ├── Caddyfile └── README.md ├── drupal ├── Caddyfile └── README.md ├── flask-fcgi ├── Caddyfile ├── README.md ├── app.py └── requirements.txt ├── flask ├── Caddyfile └── README.md ├── friendica ├── Caddyfile └── README.md ├── ghost ├── Caddyfile └── README.md ├── gitea ├── Caddyfile └── README.md ├── gitlab ├── Caddyfile ├── Caddyfile-socket └── README.md ├── gnusocial ├── Caddyfile └── README.md ├── gogs ├── Caddyfile └── README.md ├── grav ├── Caddyfile └── readme.md ├── headphones ├── Caddyfile └── README.md ├── hhvm ├── Caddyfile ├── README.md └── index.php ├── httpsproxy ├── Caddyfile └── readme.md ├── isso └── README.md ├── jira ├── Caddyfile └── Readme.md ├── jupyter ├── Caddyfile └── Readme.md ├── kanboard ├── Caddyfile └── README.md ├── kirby ├── Caddyfile_root ├── Caddyfile_subdir └── README.md ├── laravel └── Caddyfile ├── lumen ├── Caddyfile └── readme.md ├── markdown ├── Caddyfile ├── README.md ├── hello-world.md ├── index.md ├── styles │ └── main.css └── templates │ ├── blog.html │ └── index.html ├── minio ├── Caddyfile └── README.md ├── monit ├── Caddyfile └── README.md ├── nextcloud ├── Caddyfile ├── README.md └── caddy-reverseproxy-nginx-backend-nextcloud │ ├── Caddyfile │ ├── README.MD │ └── nginx.conf ├── pasthis ├── Caddyfile └── README.md ├── phabricator ├── Caddyfile └── README.md ├── picocms ├── Caddyfile └── README.md ├── processwire ├── Caddyfile └── README.md ├── radicale ├── Caddyfile └── README.md ├── rails ├── Caddyfile └── README.md ├── seafile ├── Caddyfile └── README.md ├── security-header ├── Caddyfile └── README.md ├── sendy └── Caddyfile ├── shopware └── Caddyfile ├── smokeping ├── Caddyfile └── README.md ├── symfony ├── Caddyfile └── README.md ├── systemd └── README.md ├── thinkjs ├── Caddyfile └── README.md ├── vanilla ├── Caddyfile └── README.md ├── web2py ├── Caddyfile └── README.md ├── winphp ├── Caddyfile ├── php_cgi.bat ├── php_cgi2.bat └── readme.md ├── woltlab ├── Caddyfile └── README.md ├── wordpress ├── Caddyfile └── README.md ├── youtrack ├── Caddyfile └── README.md └── zabbix ├── Caddyfile └── README.md /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2015 Caddy 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | 23 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # This repository is deprecated and no longer maintained. 2 | 3 | The examples in this repo are for Caddy v1, which has been obsoleted by Caddy 2. **Please [upgrade to Caddy 2](https://caddyserver.com/docs/v2-upgrade).** 4 | 5 | 6 | ## Examples for v2 7 | 8 | Check out **[the wiki category in our forums](https://caddy.community/c/wiki/13)** for v2 examples, guides, and tutorials. Anyone can post or edit a wiki topic. 9 | -------------------------------------------------------------------------------- /basicauthproxy/Caddyfile: -------------------------------------------------------------------------------- 1 | # Example explains how to setup a basicauth proxy to a webserver 2 | 3 | your.public.com 4 | 5 | # If you want to use more than one user, just append more rows with the next user 6 | # basicauth / username1 password1 7 | # basicauth / username2 password2 8 | 9 | basicauth / username password 10 | 11 | # Proxy to localhost port 8080 12 | # If multiple backends are used, just specify them separated by space 13 | # proxy / localhost:8080 localhost:8081 192.168.99.100:8083 14 | 15 | proxy / localhost:8080 16 | -------------------------------------------------------------------------------- /basicauthproxy/README.md: -------------------------------------------------------------------------------- 1 | # Basic Auth HTTP proxy with Caddy 2 | 3 | In this document you will learn on how to set up Caddy as a basicauth proxy in front of a http server. 4 | For more information, see the [http.basicauth](https://caddyserver.com/docs/basicauth) and [http.proxy](https://caddyserver.com/docs/proxy) of the documentation. 5 | 6 | #### Prerequisites 7 | 8 | * You have a http server running on localhost or an external resource 9 | * You have Caddy installed, if not follow [Getting Started with Caddy](https://caddyserver.com/docs/getting-started) 10 | 11 | #### Start Caddy 12 | 13 | ``` 14 | $ ./caddy 15 | Activating privacy features... done. 16 | your.public.com:443 17 | your.public.com:80 18 | ``` -------------------------------------------------------------------------------- /chevereto/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | root /var/www/chevereto 3 | fastcgi / /var/run/php/php7.0-fpm.sock php 4 | 5 | rewrite { 6 | to {path} {path}/ /index.php?{query} 7 | } 8 | } -------------------------------------------------------------------------------- /chevereto/README.md: -------------------------------------------------------------------------------- 1 | # Chevereto 2 | 3 | This is an example configuration on how to use [Chevereto](https://chevereto.com/) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. You install Chevereto in the directory `/var/www/chevereto`. 8 | 4. You use domain name `example.com`. 9 | 10 | Please be sure to change with your actual values. 11 | -------------------------------------------------------------------------------- /cmsmadesimple/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | 3 | root /home/username/caddy/example.com/public 4 | 5 | fastcgi / /var/run/php/php7.0-fpm.sock php 6 | 7 | rewrite { 8 | to {path} {path}/ /index.php?page={uri_escaped} 9 | } 10 | 11 | } 12 | -------------------------------------------------------------------------------- /cmsmadesimple/README.md: -------------------------------------------------------------------------------- 1 | # CMS Made Simple 2 | 3 | This is an example configuration on how to use [CMS Made Simple](https://www.cmsmadesimple.org/) with Caddy. 4 | 5 | CMS Made Simple has [minimum requirements listed at website](https://docs.cmsmadesimple.org/installation/requirements). 6 | 7 | This example uses 8 | 9 | - Ubuntu 16.04 Server 10 | - PHP version 7.0 11 | - MariaDB 12 | 13 | ## Install Caddy 14 | 15 | Install Caddy, change username 16 | 17 | Create directory for Caddy 18 | ```` 19 | mkdir ~/caddy 20 | ```` 21 | 22 | Download Caddyfile and change it to your domain. 23 | 24 | Download caddy@.service, change it to your username where PHP files will be, and email address to yours, 25 | and add it to /etc/systemd/system/caddy@.service . 26 | 27 | Install Caddy. There are also other extensions like hugo and git if you'd like to use them. 28 | Change username to your user where ~/caddy directory is. 29 | 30 | ```` 31 | curl https://getcaddy.com | bash -s ipfilter,ratelimit 32 | sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddy 33 | sudo systemctl daemon-reload 34 | sudo systemctl stop caddy@username 35 | sudo systemctl start caddy@username 36 | sudo systemctl enable caddy@username 37 | ```` 38 | 39 | ## Install PHP and MariaDB 40 | 41 | On Ubuntu Linux, we can install them using the following commands: 42 | ```` 43 | sudo apt update 44 | 45 | sudo apt install php7.0-common php7.0-cli php7.0-curl php7.0-fpm php7.0-gd \ 46 | php7.0-gd php7.0-json php7.0-mbstring php7.0-mysql php7.0-mysql \ 47 | php7.0-opcache php7.0-readline php7.0-xml mariadb-server 48 | ```` 49 | 50 | Secure MariaDB installation and create database. 51 | ```` 52 | # 1) sudo to root 53 | sudo su 54 | 55 | # 2) Go through steps securing your database. Add root password for your database. 56 | mysql_secure_installation 57 | 58 | # 3) Start MariaDB database CLI, use root password you created at previous step 59 | mysql -hlocalhost -uroot -p 60 | 61 | # 4) Set your whole database to use UTF-8. 62 | SET character_set_server = 'utf8'; 63 | 64 | # 5) Set database result ordering. Yours could be different. 65 | SET collation_server = 'utf8_swedish_ci'; 66 | 67 | # 6) Create database for CMS Made Simple. You could name differently. 68 | CREATE DATABASE simple; 69 | 70 | # 7) Create user for that database, and add password. Change to your own. 71 | CREATE USER 'simple'@'localhost' IDENTIFIED BY 'password'; 72 | 73 | # 8) Give previously created user access to datatabase 74 | GRANT ALL PRIVILEGES ON simple.* to 'simple'@'localhost'; 75 | 76 | # 9) Take these new settings to be used immediately, and exit. 77 | FLUSH PRIVILEGES; 78 | exit 79 | ```` 80 | 81 | Change settings at /etc/php/7.0/fpm/php.ini to your preferred ones: 82 | ```` 83 | ; Maximum upload filesize 84 | upload_max_filesize = 2G 85 | ; Maximum post size, may contain multiple files 86 | post_max_size = 4G 87 | max_file_uploads = 20 88 | max_execution_time = 120 89 | max_input_time = 60 90 | memory_limit = 128M 91 | ; Disable showing errors 92 | error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED 93 | ```` 94 | 95 | In that php.ini file is also disabled pnctl functions, they are disabled in default Ubuntu config 96 | for security reasons so I did not enable them yet, although some extensions may require them. 97 | ```` 98 | disable_functions = pcntl... 99 | ```` 100 | 101 | Change /etc/php/7.0/fpm/pool.d/www.conf to have username where your CMS Made Simple files are: 102 | ```` 103 | user = username 104 | group = username 105 | listen.owner = username 106 | listen.group = username 107 | ```` 108 | 109 | ## Install CMS Made Simple 110 | 111 | [Download newest CMS Made Simple installer PHP file](http://www.cmsmadesimple.org/downloads/) 112 | 113 | Add it to ~/caddy/example.com/public/cmsms-[VERSION]-install.php 114 | 115 | Use installation wizard at https://example.com/cmsms-[VERSION]-install.php to install it. 116 | 117 | Add URL rewriting to config: 118 | ```` 119 | cd ~/caddy/example.com/public/ 120 | sudo nano config.php 121 | # Add this line to bottom: 122 | $config['url_rewriting'] = 'mod_rewrite'; 123 | ```` 124 | 125 | You can save this reload-caddy.sh script to textfile, change domain to your domain, and caddy@username to your username where PHP files are: 126 | ```` 127 | #!/bin/bash 128 | sudo systemctl daemon-reload 129 | sudo systemctl stop caddy@username 130 | sudo systemctl stop php7.0-fpm 131 | sudo systemctl start php7.0-fpm 132 | sudo systemctl start caddy@username 133 | # Delete CMS Made Simple cache files 134 | rm ~/caddy/example.com/public/tmp/cache/* 135 | rm ~/caddy/example.com/public/tmp/templates_c/* 136 | ```` 137 | 138 | And make it executeable: 139 | ```` 140 | chmod +x ./reload-caddy.sh 141 | ```` 142 | 143 | Then you can run it as needed 144 | ```` 145 | ./reload-caddy.sh 146 | ```` 147 | -------------------------------------------------------------------------------- /cmsmadesimple/caddy@.service: -------------------------------------------------------------------------------- 1 | ; see `man systemd.unit` for configuration details 2 | ; the man section also explains *specifiers* `%x` 3 | 4 | [Unit] 5 | Description=Caddy HTTP/2 web server %I 6 | Documentation=https://caddyserver.com/docs 7 | After=network-online.target 8 | Wants=network-online.target 9 | Wants=systemd-networkd-wait-online.service 10 | 11 | [Service] 12 | ; run user and group for caddy 13 | User=username 14 | Group=username 15 | ExecStart=/usr/local/bin/caddy -conf=/home/username/caddy/Caddyfile -agree -email="firstname.lastname@example.com" 16 | Restart=on-failure 17 | StartLimitInterval=86400 18 | StartLimitBurst=5 19 | RestartSec=10 20 | ExecReload=/bin/kill -USR1 $MAINPID 21 | ; limit the number of file descriptors, see `man systemd.exec` for more limit settings 22 | LimitNOFILE=1048576 23 | LimitNPROC=64 24 | ; create a private temp folder that is not shared with other processes 25 | PrivateTmp=true 26 | PrivateDevices=true 27 | ProtectSystem=full 28 | CapabilityBoundingSet=CAP_NET_BIND_SERVICE 29 | AmbientCapabilities=CAP_NET_BIND_SERVICE 30 | NoNewPrivileges=true 31 | 32 | [Install] 33 | WantedBy=multi-user.target 34 | 35 | -------------------------------------------------------------------------------- /collabora/Caddyfile: -------------------------------------------------------------------------------- 1 | collabora.example.com { 2 | # Static html, js, images, etc. served from loolwsd 3 | # Loleaflet is the client part of LibreOffice Online 4 | proxy /loleaflet https://collabora:9980 { 5 | insecure_skip_verify 6 | transparent 7 | } 8 | 9 | # WOPI discovery URL 10 | proxy /hosting/discovery https://collabora:9980 { 11 | insecure_skip_verify 12 | transparent 13 | } 14 | 15 | # Main websocket 16 | proxy /lool https://collabora:9980 { 17 | insecure_skip_verify 18 | transparent 19 | websocket 20 | } 21 | 22 | ## Admin console websocket 23 | #proxy /lool/adminws https://collabora:9980 { 24 | # insecure_skip_verify 25 | # transparent 26 | # websocket 27 | #} 28 | 29 | # Show capabilities as json 30 | proxy /hosting/capabilities https://collabora:9980 { 31 | insecure_skip_verify 32 | transparent 33 | } 34 | 35 | # Download as, fullscreen presentation and image upload operations 36 | proxy /lool https://collabora:9980 { 37 | insecure_skip_verify 38 | transparent 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /collabora/README.md: -------------------------------------------------------------------------------- 1 | # Collabora CODE 2 | 3 | This is an example configuration of how to use [Collabora CODE](https://www.collaboraoffice.com/code/) with caddy. 4 | 5 | Collabora can then be used with, for exmaple, [Nextcloud](https://nextcloud.com/). 6 | 7 | Note: In this example file Collabora CODE is started using its [official docker container](https://hub.docker.com/r/collabora/code/) and reachable in the internal network using https://collabora:9980. 8 | -------------------------------------------------------------------------------- /concrete5/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | 3 | root /home/username/caddy/example.com/public 4 | 5 | fastcgi / /var/run/php/php7.0-fpm.sock php 6 | 7 | rewrite { 8 | to {path} {path}/index.html {path}/index.php /index.php/{uri_escaped} 9 | } 10 | 11 | } 12 | -------------------------------------------------------------------------------- /concrete5/README.md: -------------------------------------------------------------------------------- 1 | # Concrete5 2 | 3 | This is an example configuration on how to use [Concrete5](http://www.concrete5.org/) with Caddy. 4 | 5 | This example uses 6 | 7 | - Ubuntu 16.04 Server 8 | - PHP version 7.0 9 | - MariaDB 10 | 11 | ## Install Caddy 12 | 13 | Install Caddy, change username 14 | 15 | Create directory for Caddy 16 | ```` 17 | mkdir ~/caddy 18 | ```` 19 | 20 | Download Caddyfile and change it to your domain. 21 | 22 | Download caddy@.service, change it to your username where PHP files will be, and email address to yours, 23 | and add it to /etc/systemd/system/caddy@.service . 24 | 25 | Install Caddy. Change username to your user where ~/caddy directory is. 26 | ```` 27 | curl https://getcaddy.com | bash -s ipfilter,ratelimit 28 | sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddy 29 | sudo systemctl daemon-reload 30 | sudo systemctl stop caddy@username 31 | sudo systemctl start caddy@username 32 | sudo systemctl enable caddy@username 33 | ```` 34 | 35 | For restarting Caddy when needed, you can save this reload-caddy.sh script 36 | to textfile, change domain to your domain, and caddy@username to your username 37 | where 38 | PHP files are: 39 | ```` 40 | #!/bin/bash 41 | sudo systemctl daemon-reload 42 | sudo systemctl stop caddy@username 43 | sudo systemctl stop php7.0-fpm 44 | sudo systemctl start php7.0-fpm 45 | sudo systemctl start caddy@username 46 | ```` 47 | 48 | And make it executeable: 49 | ```` 50 | chmod +x ./reload-caddy.sh 51 | ```` 52 | 53 | Then you can run it as needed 54 | ```` 55 | ./reload-caddy.sh 56 | ```` 57 | 58 | ## Install PHP and MariaDB 59 | 60 | On Ubuntu Linux, we can install them using the following commands: 61 | ```` 62 | sudo apt update 63 | 64 | sudo apt install php7.0-common php7.0-cli php7.0-curl php7.0-fpm php7.0-gd \ 65 | php7.0-gd php7.0-json php7.0-mbstring php7.0-mysql php7.0-mysql \ 66 | php7.0-opcache php7.0-readline php7.0-xml mariadb-server curl zip unzip 67 | ```` 68 | 69 | Secure MariaDB installation and create database. 70 | ```` 71 | # 1) sudo to root 72 | sudo su 73 | 74 | # 2) Go through steps securing your database. Add root password for your database. 75 | mysql_secure_installation 76 | 77 | # 3) Start MariaDB database CLI, use root password you created at previous step 78 | mysql -hlocalhost -uroot -p 79 | 80 | # 4) Set your whole database to use UTF-8. 81 | SET character_set_server = 'utf8'; 82 | 83 | # 5) Set database result ordering. Yours could be different. 84 | SET collation_server = 'utf8_swedish_ci'; 85 | 86 | # 6) Create database for Concrete5. You could name differently. 87 | CREATE DATABASE concrete5; 88 | 89 | # 7) Create user for that database, and add password. Change to your own. 90 | CREATE USER 'concrete5'@'localhost' IDENTIFIED BY 'password'; 91 | 92 | # 8) Give previously created user access to datatabase 93 | GRANT ALL PRIVILEGES ON concrete5.* to 'concrete5'@'localhost'; 94 | 95 | # 9) Take these new settings to be used immediately, and exit. 96 | FLUSH PRIVILEGES; 97 | exit 98 | ```` 99 | 100 | Change settings at /etc/php/7.0/fpm/php.ini to your preferred ones: 101 | ```` 102 | ; Maximum upload filesize 103 | upload_max_filesize = 2G 104 | ; Maximum post size, may contain multiple files 105 | post_max_size = 4G 106 | max_file_uploads = 20 107 | max_execution_time = 120 108 | max_input_time = 60 109 | memory_limit = 128M 110 | ; Disable showing errors 111 | error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED 112 | ```` 113 | 114 | Change /etc/php/7.0/fpm/pool.d/www.conf to have username where your Concrete5 files are: 115 | ```` 116 | user = username 117 | group = username 118 | listen.owner = username 119 | listen.group = username 120 | ```` 121 | 122 | [Download release version of Concrete5. I used version 8.x](http://www.concrete5.org/download) 123 | 124 | For development, you can also clone repo, instructions below. 125 | 126 | [Download admin interface translation for your language. 127 | I downloaded for version Development (8.x)](http://www.concrete5.org/developers/translate/) 128 | 129 | ## Install Concrete5 130 | 131 | ```` 132 | # 1) Create directory for your domain 133 | mkdir -p ~/caddy/example.com 134 | 135 | # 2) Go to that directory 136 | cd ~/caddy/example.com 137 | 138 | # 3a) Unzip you Concrete5 release version 139 | unzip ~/concrete[VERSION].zip 140 | # Rename directory to public 141 | mv concrete[VERSION] public 142 | 143 | # 3b) For development version, clone repo 144 | git clone https://github.com/concrete5/concrete5.git public 145 | 146 | # 4) Go to public directory's concrete subdirectory 147 | cd public/concrete 148 | 149 | # 5) Unzip your language file 150 | unzip ~/core-dev-[VERSION-LANGUAGE].zip 151 | ```` 152 | 153 | 6) Go to https://example.com and use wizard to install. 154 | 155 | 7) On first step of install, you can select your admin interface 156 | language. It can also be changed later in System & Settings/Basics/Languages, 157 | if you want to first to select English and make required changes below 158 | for Pretty URLs etc. 159 | 160 | 8) After install, login at https://example.com/index.php/login 161 | (or later at https://example.com/login). Admin username by default is admin . 162 | 163 | 9) Go to System & Settings/SEO & Statistics/URLs and Redirection. 164 | 165 | 10) On Pretty URLs, check "[X] Remove index.php from URLS" and click Save. 166 | 167 | 11) Go to System & Settings/Optimization/Clear Cache. Click "Clear Cache". 168 | 169 | 12) Logout. Now URLs on website should all be without index.php in URLs. 170 | There is still index.php in URLs on admin interface, but that's not visible 171 | to normal website visitors. 172 | -------------------------------------------------------------------------------- /concrete5/caddy@.service: -------------------------------------------------------------------------------- 1 | ; see `man systemd.unit` for configuration details 2 | ; the man section also explains *specifiers* `%x` 3 | 4 | [Unit] 5 | Description=Caddy HTTP/2 web server %I 6 | Documentation=https://caddyserver.com/docs 7 | After=network-online.target 8 | Wants=network-online.target 9 | Wants=systemd-networkd-wait-online.service 10 | 11 | [Service] 12 | ; run user and group for caddy 13 | User=username 14 | Group=username 15 | ExecStart=/usr/local/bin/caddy -conf=/home/username/caddy/Caddyfile -agree -email="firstname.lastname@example.com" 16 | Restart=on-failure 17 | StartLimitInterval=86400 18 | StartLimitBurst=5 19 | RestartSec=10 20 | ExecReload=/bin/kill -USR1 $MAINPID 21 | ; limit the number of file descriptors, see `man systemd.exec` for more limit settings 22 | LimitNOFILE=1048576 23 | LimitNPROC=64 24 | ; create a private temp folder that is not shared with other processes 25 | PrivateTmp=true 26 | PrivateDevices=true 27 | ProtectSystem=full 28 | CapabilityBoundingSet=CAP_NET_BIND_SERVICE 29 | AmbientCapabilities=CAP_NET_BIND_SERVICE 30 | NoNewPrivileges=true 31 | 32 | [Install] 33 | WantedBy=multi-user.target 34 | -------------------------------------------------------------------------------- /directus/Caddyfile: -------------------------------------------------------------------------------- 1 | # Change to the hostname (or URL) you want to bind to 2 | localhost:3000 { 3 | 4 | # Change this to the path where you cloned Directus to 5 | root /var/www/directus 6 | 7 | # Change the PHP FPM host and port if you use the non-default 8 | fastcgi / 127.0.0.1:9000 php 9 | 10 | rewrite /admin { 11 | to {path} /admin/index.html 12 | } 13 | 14 | rewrite /thumbnail { 15 | to {path} /thumbnail/index.php?{query} 16 | } 17 | 18 | rewrite / { 19 | if {path} not_starts_with /admin 20 | if {path} not_starts_with /storage 21 | if {path} not_starts_with /extensions 22 | if {path} not_starts_with /thumbnail 23 | to {path} /index.php?{query} 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /directus/README.md: -------------------------------------------------------------------------------- 1 | # Directus 2 | 3 | This is an example configuration on how to use [Directus](https://directus.io) with Caddy. 4 | 5 | ## Prerequisites 6 | 7 | Directus has the following [requirements](https://docs.directus.io/getting-started/installation.html#requirements): 8 | 9 | - PHP version 5.6 or greater 10 | - MySQL version 5.5 or greater 11 | 12 | On Ubuntu Linux, we can install them using the following commands: 13 | 14 | ``` 15 | sudo apt-get update 16 | sudo apt-get install mysql-server php5-mysql php5-fpm 17 | ``` 18 | 19 | During the installation, MySQL will ask you to set a root password. 20 | 21 | To finish the installation, we need to activate MySQL and secure the installation: 22 | 23 | ``` 24 | sudo mysql_install_db 25 | sudo /usr/bin/mysql_secure_installation 26 | ``` 27 | 28 | ## Create Directus Database 29 | 30 | With all the prerequisites in place, we can go ahead and create a new MySQL database and user for Directus. 31 | 32 | First, log into the MySQL Shell: 33 | 34 | ```` 35 | mysql -u root -p 36 | ```` 37 | 38 | Now, create the database and user: 39 | 40 | ```` 41 | CREATE DATABASE directus; 42 | CREATE USER directususer@localhost; 43 | SET PASSWORD FOR directususer@localhost= PASSWORD("password"); 44 | GRANT ALL PRIVILEGES ON directus.* TO directususer@localhost IDENTIFIED BY 'password'; 45 | FLUSH PRIVILEGES; 46 | exit 47 | ```` 48 | 49 | A couple of things are going on here: 50 | 1. Create the actual `directus` database. 51 | 2. Create the user `directususer`. 52 | 3. Set a password for this user. 53 | 4. Grant all privileges of the `directus` database to this user. 54 | 5. Reload the new user settings. 55 | 56 | Feel free to name you database or user differently. 57 | 58 | ## Download & install Directus 59 | 60 | We can get the latest version of Directus directly from GitHub: 61 | 62 | ``` 63 | git clone https://github.com/directus/directus 64 | ``` 65 | 66 | Use the Caddyfile in this example and make sure that fastcgi is listening on port 9000. 67 | 68 | Now, we can finally run `caddy`. If everything went right, you'll be greeted by Directus once you visit `http://localhost:4000/admin`. From here on, Directus will guide you through the rest of the setup. 69 | 70 | -------------------------------------------------------------------------------- /discourse/Caddyfile: -------------------------------------------------------------------------------- 1 | discourse.yoursite.com 2 | 3 | proxy / localhost:8080 { 4 | transparent 5 | } 6 | -------------------------------------------------------------------------------- /discourse/README.md: -------------------------------------------------------------------------------- 1 | # Discourse 2 | 3 | Running [Discourse](https://www.discourse.org/) with Caddy is very easy. After you've installed Discourse, you need to adjust the container's configuration slightly. 4 | 5 | `cd /var/discourse` 6 | 7 | `sudo nano containers/app.yml` 8 | 9 | Find the line that says `expose:` and change that section to: 10 | 11 | ```yaml 12 | expose: 13 | - "8080:80" # http 14 | # - "443:443" # https 15 | ``` 16 | 17 | These lines map host ports to container ports. So, we set the 'real' port 8080 to map to the container's port 80. You can change `8080` to be any high port number you want. Then we disable the 443 mapping since Caddy terminates the TLS for us. 18 | 19 | Also comment the lines dealing with certificates, as now Caddy will take care of that. 20 | 21 | ``` 22 | # - "templates/web.ssl.template.yml" 23 | # - "templates/web.letsencrypt.ssl.template.yml" 24 | ``` 25 | 26 | See enclosed Caddyfile for how to reverse-proxy into Discourse. Very simple, as you would expect. 27 | 28 | After you've changed app.yml and started Caddy, restart your container: 29 | 30 | `sudo ./launcher rebuild app` 31 | 32 | After a few minutes your Discourse installation should be online with Caddy. 33 | -------------------------------------------------------------------------------- /django/Caddyfile: -------------------------------------------------------------------------------- 1 | domain.tld { 2 | root /var/www/project/folder 3 | proxy / localhost:8000 { 4 | transparent 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /django/README.md: -------------------------------------------------------------------------------- 1 | # Django 2 | 3 | This is an example configuration for a django project, running with gunicorn. 4 | At the moment, caddy doesn't support uwsgi protocol, and the best option, 5 | is to proxy the requests to the app server. 6 | 7 | 1. Install gunicorn in your app environment: `pip install gunicorn` 8 | 2. Launch gunicorn: `gunicorn -b "127.0.0.1:8000" project.wsgi` 9 | Usually, you will have your gunicorn script on a supervisor, or 10 | something else 11 | 12 | 13 | 3. Proxy requests from caddy to gunicorn. 14 | 4. Take care of your statics and medias 15 | -------------------------------------------------------------------------------- /dokuwiki/Caddyfile_root: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | root 3 | gzip 4 | 5 | fastcgi / /var/run/php-fpm/php-fpm.sock php { 6 | index doku.php 7 | } 8 | 9 | internal /forbidden 10 | 11 | rewrite { 12 | r /(data/|conf/|bin/|inc/|install.php) 13 | to /forbidden 14 | } 15 | rewrite /_media { 16 | r (.*) 17 | to /lib/exe/fetch.php?media={1} 18 | } 19 | rewrite /_detail { 20 | r (.*) 21 | to /lib/exe/detail.php?media={1} 22 | } 23 | rewrite /_export { 24 | r /([^/]+)/(.*) 25 | to /doku.php?do=export_{1}&id={2} 26 | } 27 | rewrite { 28 | if {path} not_match /lib/.* 29 | if {path} not_match /forbidden 30 | r /(.*) 31 | to {uri} /doku.php?id={1}&{query} 32 | } 33 | -------------------------------------------------------------------------------- /dokuwiki/Caddyfile_subdir: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | root 3 | gzip 4 | 5 | # Subdirectory of dokuwiki is "wiki" in this example 6 | fastcgi /wiki/ /var/run/php-fpm/php-fpm.sock php { 7 | index doku.php 8 | } 9 | 10 | internal /wiki/forbidden 11 | 12 | rewrite /wiki { 13 | r /(data/|conf/|bin/|inc/|install.php) 14 | to /wiki/forbidden 15 | } 16 | rewrite /wiki/_media { 17 | r (.*) 18 | to /wiki/lib/exe/fetch.php?media={1} 19 | } 20 | rewrite /wiki/_detail { 21 | r (.*) 22 | to /wiki/lib/exe/detail.php?media={1} 23 | } 24 | rewrite /wiki/_export { 25 | r /([^/]+)/(.*) 26 | to /wiki/doku.php?do=export_{1}&id={2} 27 | } 28 | rewrite /wiki { 29 | if {path} not_match /lib/.* 30 | if {path} not_match /forbidden 31 | r /(.*) 32 | to {uri} /wiki/doku.php?id={1}&{query} 33 | } 34 | -------------------------------------------------------------------------------- /dokuwiki/README.md: -------------------------------------------------------------------------------- 1 | # DokuWiki 2 | 3 | This is an example configuration on how to use [Dokuwiki](https://www.dokuwiki.org/) with Caddy. 4 | 5 | * __Caddyfile_root__ - caddy file when the location of dokuwiki is in the root directory 6 | * __Caddyfile_subdir__ - caddy file when the location of dokuwiki is in a subdirectory 7 | 8 | ## Prerequisites 9 | 10 | Dokuwiki has the following [requirements](https://www.dokuwiki.org/requirements/): 11 | 12 | ## Troubleshooting 13 | 14 | -------------------------------------------------------------------------------- /drone/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | gzip { 3 | not /api/ 4 | } 5 | proxy / localhost:8000 { 6 | websocket 7 | transparent 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /drone/README.md: -------------------------------------------------------------------------------- 1 | # Drone 2 | 3 | This is an example configuration on how to use [Drone](https://github.com/drone/drone) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. Drone listens on port `8000`. 8 | 2. You use domain name `example.com`. 9 | 10 | Please be sure to change with your actual values. 11 | -------------------------------------------------------------------------------- /drupal/Caddyfile: -------------------------------------------------------------------------------- 1 | # Change this to your web site URL. 2 | https://localhost:8080 3 | 4 | # Set the document root of the site. 5 | # e.g. /var/www/example.com for UNIX/Mac systems. 6 | root W:\localhost\d7 7 | 8 | # Set the path to the php-fpm process. 9 | fastcgi / 127.0.0.1:9000 php 10 | 11 | # This rewrite is to prevent access to dot files and folders such 12 | # as .htaccess, .git, etc. 13 | rewrite { 14 | if {path} starts_with . 15 | if {path} not_starts_with .well-known 16 | to error/index.html 17 | } 18 | 19 | # This rewrite is to prevent access to raw files with certain extensions. 20 | rewrite { 21 | if {path} match .(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist|engine|inc|info|install|make|module|profile|test|po|sh|sql|theme|tpl|tpl.php|xtmpl|sw|bak|orig|save)$ 22 | to error/index.html 23 | } 24 | status 404 error/index.html 25 | 26 | # Main rewrite to route non-existent files to index.php file. 27 | rewrite { 28 | if {file} not favicon.ico 29 | to {path} {path}/ /index.php?{path}&{query} 30 | } 31 | 32 | # Security-HTTP-Header to reduce exposure to drive-by downloads 33 | # and the risks of clever-named user uploaded content that could be 34 | # treated as a different content-type (e.g. as executable). 35 | header / { 36 | X-Content-Type-Options nosniff 37 | } 38 | 39 | # Compress the transmitted data 40 | gzip 41 | -------------------------------------------------------------------------------- /drupal/README.md: -------------------------------------------------------------------------------- 1 | 2 | Run a Drupal site on Caddy 3 | --------------------------- 4 | Drupal ♥️ Caddy 5 | 6 | Example Caddy configuration file to get started with Caddy and Drupal 7. 7 | There are rewrites to block access module files, SQL files, and several other extensions that should not be accessible via the web server. It also blocks access to dot files. 8 | 9 | You will need to change the site URL, root, and php-fpm information for this to work. 10 | 11 | -------------------------------------------------------------------------------- /flask-fcgi/Caddyfile: -------------------------------------------------------------------------------- 1 | localhost:9000 2 | fastcgi / unix:hello-world.sock 3 | -------------------------------------------------------------------------------- /flask-fcgi/README.md: -------------------------------------------------------------------------------- 1 | 2 | Run a Flask site on Caddy using FastCGI adapter 3 | --------------------------- 4 | Flask ♥️ Caddy 5 | 6 | Example Caddy configuration file to get started with Caddy and Flask via the FastCGI directive. 7 | 8 | ## How to run 9 | 10 | 1. Install the requirements: 11 | 12 | ``` 13 | pip3 install -r requirements.txt 14 | ``` 15 | 16 | 2. Run the minimal Flask server 17 | 18 | ``` 19 | python3 app.py 20 | ``` 21 | 22 | 3. Navigate to localhost:9000 for a greeting! 23 | -------------------------------------------------------------------------------- /flask-fcgi/app.py: -------------------------------------------------------------------------------- 1 | import sys 2 | import os 3 | import logging 4 | import traceback 5 | 6 | from flup.server.fcgi import WSGIServer 7 | from flask import Flask 8 | app = Flask(__name__) 9 | 10 | @app.route('/') 11 | def hello_world(): 12 | return 'Hello, World!' 13 | 14 | def main(app): 15 | try: 16 | WSGIServer(app, bindAddress='./hello-world.sock', umask=0000).run() 17 | except (KeyboardInterrupt, SystemExit, SystemError): 18 | logging.info("Shutdown requested...exiting") 19 | except Exception: 20 | traceback.print_exc(file=sys.stdout) 21 | 22 | 23 | if __name__ == '__main__': 24 | main(app) 25 | -------------------------------------------------------------------------------- /flask-fcgi/requirements.txt: -------------------------------------------------------------------------------- 1 | Flask==1.0.2 2 | flup-py3==1.0.3 3 | -------------------------------------------------------------------------------- /flask/Caddyfile: -------------------------------------------------------------------------------- 1 | domain.tld { 2 | root /var/www/project/folder 3 | proxy / localhost:8000 { 4 | transparent 5 | } 6 | } 7 | -------------------------------------------------------------------------------- /flask/README.md: -------------------------------------------------------------------------------- 1 | # Flask 2 | 3 | This is an example configuration for a Flask project, running with [Gunicorn](http://gunicorn.org/). 4 | At the moment, Caddy doesn't support the uwsgi protocol, however check [this issue](https://github.com/mholt/caddy/issues/176) for updates. Presently the best option is to proxy the requests to the app server. 5 | 6 | 1. Install Gunicorn in your app environment: 7 | 8 | `pip install gunicorn` 9 | 10 | 2. Launch Gunicorn: 11 | 12 | `gunicorn -b "127.0.0.1:8000" MODULE_NAME:app` 13 | 14 | Usually, you will have your Gunicorn script on a supervisor, or 15 | something else 16 | 17 | 3. Proxy requests from Caddy to Gunicorn. 18 | -------------------------------------------------------------------------------- /friendica/Caddyfile: -------------------------------------------------------------------------------- 1 | server_name { 2 | root /home/friendica/public 3 | log /home/friendica/log/access.log 4 | errors /home/friendica/log/errors.log 5 | 6 | fastcgi / 127.0.0.1:2000 php { 7 | env PATH /bin 8 | } 9 | 10 | rewrite { 11 | r .* 12 | to /{uri} /index.php?q={path}&{query} 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /friendica/README.md: -------------------------------------------------------------------------------- 1 | # Friendica 2 | 3 | This Caddyfile is tested to be working with Friendica 3.5.2. 4 | 5 | It also should work with Friendica 3.x versions and **maybe** lower. 6 | 7 | ## Replaceable things 8 | 9 | To get this configuration working you should only replace ``server_name`` 10 | in the beginning of Caddyfile, path (or IP) to PHP socket and root/*_log 11 | parameters. 12 | 13 | For FastCGI it is recommended to use network socket instead of 14 | filesystem one, PHP can be unpredictable about filesystem socket. 15 | See [documentation](https://caddyserver.com/docs/fastcgi) on how to 16 | specify FastCGI socket. 17 | -------------------------------------------------------------------------------- /ghost/Caddyfile: -------------------------------------------------------------------------------- 1 | www.mycoolghostblog.com { 2 | gzip 3 | proxy / localhost:2368 { 4 | transparent 5 | } 6 | } -------------------------------------------------------------------------------- /ghost/README.md: -------------------------------------------------------------------------------- 1 | # Ghost 2 | 3 | This is an example configuration on how to use [Ghost](https://ghost.org/) with Caddy. 4 | 5 | ## Prerequisites 6 | 7 | The [officially recommended stack](https://docs.ghost.org/v1.0.0/docs/hosting#section-recommended-stack) for Ghost is: 8 | - Ubuntu 16.04 9 | - MySQL 10 | - Systemd 11 | - Node v6 installed via NodeSource 12 | 13 | Every step in the installation bellow must be run as a non-root, sudoer user. 14 | 15 | On Ubuntu, we can install the required dependencies using the following commands: 16 | ```` 17 | sudo apt-get update 18 | sudo apt-get upgrade 19 | sudo apt-get install nginx 20 | sudo apt-get install mysql-server 21 | ```` 22 | 23 | The Ghost-CLI requires to set a root password for MySQL. Failling to do so will result in a [ER_NOT_SUPPORTED_AUTH_MODE](https://docs.ghost.org/docs/troubleshooting#section-error-with-mysql-er_not_supported_auth_mode) error. 24 | 25 | Running the hardening setup is the easiest way to install (and secure) MySQL: 26 | ```` 27 | sudo mysql_secure_installation 28 | ```` 29 | 30 | Next, we need to add the NodeSource APT repository for Node 6: 31 | ```` 32 | curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash 33 | ```` 34 | 35 | And install Node.js: 36 | ```` 37 | sudo apt-get install -y nodejs 38 | ```` 39 | 40 | Note that Node.js must be installed **system wide**. NVM is *not* recommended because it often result in a **local** installation of node, which doesn't work well (if at all) with Ghost. 41 | 42 | ## Install Ghost-CLI 43 | 44 | Ghost comes with a very handy CLI that we can install with the following command: 45 | ```` 46 | sudo npm i -g ghost-cli 47 | ```` 48 | 49 | You can check that the installation went through by typing `ghost help`. 50 | 51 | ## Install Ghost via the CLI 52 | 53 | Thanks to the Ghost-CLI, installing Ghost is just a three steps actions: 54 | 1. Create the folder for your site 55 | 2. Change permission 56 | 3. Install Ghost 57 | 58 | Let's create a new folder: 59 | ```` 60 | sudo mkdir -p /var/www/ghost 61 | ```` 62 | 63 | Be sure to own the directory and set the correct permissions: 64 | ```` 65 | sudo chown [user]:[user] /var/www/ghost 66 | sudo chmod 775 /var/www/ghost 67 | ```` 68 | 69 | (Replace [user] with your non-root, sudoer user name.) 70 | 71 | Then, navigate to the folder and install Ghost: 72 | ```` 73 | cd /var/www/ghost 74 | ghost install 75 | ```` 76 | 77 | Ghost will ask you [a series of questions](https://docs.ghost.org/docs/cli-install#section-prompts). For most of them, you can press enter to use default. Prompts that require your attention are detailled bellow. 78 | 1. Enter your blog Url: 79 | 2. Enter your MySQL hostname [localhost]: 80 | 3. Enter your MySQL username: 81 | * If you have not setup a MySQL user for Ghost, use `root`. Ghost-CLI will setup a MySQL user for Ghost later. 82 | 4. Enter your MySQL password: [hidden] 83 | 5. Ghost database name: 84 | 6. Do you wish to set up a ghost MySQL user? 85 | * Yes (y), this is recommended and Ghost-CLI takes care of the setup for you. 86 | 7. Do you wish to set up nginx? 87 | * No (n), we want to use Caddy, don't we? 88 | 8. Do you wish to set up ssl? 89 | * No (n), Caddy will take care of that. 90 | 10. Do you wish to set up systemd? 91 | 11. Do you want to start Ghost? 92 | 93 | Boom! Ghost is ready! Now we need to edit our Caddyfile. Use the one provided in this example for guidance. 94 | 95 | Updating Ghost is really easy: just run `ghost update` in your Ghost folder. 96 | 97 | ## Troubleshooting 98 | 99 | If for one reason or another, the installation stopped midway, you can use the command `ghost setup` to resume. 100 | 101 | If you don't know what seems to be the problem, running `ghost doctor` will make Ghost-CLI run tests to identify problems in your installation. With the error code, take a look at the [troubleshooting page](https://docs.ghost.org/v1.0.0/docs/troubleshooting) of Ghost official documentation. 102 | 103 | For fatal error, you will probably need to wipe out the folder (not just what's inside but the whole folder) and start again at the folder creation. 104 | 105 | Sometimes you will need to manually setup systemd. Run the following command to do so: 106 | ```` 107 | ghost setup systemd 108 | ```` 109 | 110 | Another common mistake is to mess up the file permission. As a non-root, sudoer user, run the following command to get back on track: 111 | ```` 112 | sudo find /var/www/ghost/* -type d -exec chmod 775 {} \; 113 | sudo find /var/www/ghost/* -type f -exec chmod 664 {} \; 114 | ```` 115 | 116 | For other troubleshooting, please refer to the well-documented, easy to understand [official Ghost Docs](https://docs.ghost.org/docs). -------------------------------------------------------------------------------- /gitea/Caddyfile: -------------------------------------------------------------------------------- 1 | mygitea.com { 2 | proxy / localhost:3000 3 | } 4 | -------------------------------------------------------------------------------- /gitea/README.md: -------------------------------------------------------------------------------- 1 | # Gitea 2 | 3 | This is an example configuration on how to use [Gitea](https://gitea.io) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. Gitea listens on port `3000`. 8 | 2. You use domain name `mygitea.com`. 9 | 10 | Please be sure to change with your actual values. 11 | -------------------------------------------------------------------------------- /gitlab/Caddyfile: -------------------------------------------------------------------------------- 1 | https://gitlab.example.com { 2 | log git.access.log 3 | errors git.errors.log { 4 | 404 /opt/gitlab/embedded/service/gitlab-rails/public/404.html 5 | 422 /opt/gitlab/embedded/service/gitlab-rails/public/422.html 6 | 500 /opt/gitlab/embedded/service/gitlab-rails/public/500.html 7 | 502 /opt/gitlab/embedded/service/gitlab-rails/public/502.html 8 | } 9 | 10 | proxy / http://127.0.0.1:8181 { 11 | fail_timeout 300s 12 | transparent 13 | header_upstream X-Forwarded-Ssl on 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /gitlab/Caddyfile-socket: -------------------------------------------------------------------------------- 1 | https://gitlab.domain.tld { 2 | 3 | errors { 4 | 404 /opt/gitlab/embedded/service/gitlab-rails/public/404.html 5 | 422 /opt/gitlab/embedded/service/gitlab-rails/public/422.html 6 | 500 /opt/gitlab/embedded/service/gitlab-rails/public/500.html 7 | 502 /opt/gitlab/embedded/service/gitlab-rails/public/502.html 8 | } 9 | 10 | proxy / unix:/home/git/gitlab/tmp/sockets/gitlab.socket { 11 | fail_timeout 300s 12 | 13 | transparent 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /gitlab/README.md: -------------------------------------------------------------------------------- 1 | # GitLab 2 | 3 | This is an example configuration of how to use [GitLab](https://gitlab.com) with caddy. 4 | 5 | ### Updating GitLab Configuration 6 | 7 | Open `/etc/gitlab/gitlab.rb` using your favourite text editor and update the following values. 8 | 9 | * Change `external_url` to the https protocol 10 | * Change `gitlab_workhorse['listen_network']` from `"unix"` to `"tcp"` 11 | * Change `gitlab_workhorse['listen_addr']` from `"000"` to `"127.0.0.1:8181"` 12 | * Add whatever user caddy runs under to `web_server['external_users']` unless root 13 | * Change `nginx['enable'] = "true"` to `nginx['enable'] = "false"` 14 | * Save and exit the configuration file and run `gitlab-ctl reconfigure` to update gitlabs configuration 15 | 16 | ### Updating the Caddyfile 17 | 18 | Simply change gitlab.example.com to point to your FQDN. 19 | -------------------------------------------------------------------------------- /gnusocial/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com www.example.com 2 | 3 | # Your fastcgi for php-fpm will be different if you are listening on a socket 4 | # or port. Here Are examples for both methods. 5 | # Uncomment the one you need. 6 | # fastcgi / 127.0.0.1:9000 php 7 | # fastcgi / /var/run/php-fpm/php-fpm.sock php 8 | 9 | rewrite { 10 | to {path} {path}/ /index.php?p={path} 11 | } 12 | 13 | root /var/www/html/gnusocial 14 | -------------------------------------------------------------------------------- /gnusocial/README.md: -------------------------------------------------------------------------------- 1 | ## GNU Social 2 | 3 | This Caddyfile should work with any branch of [GNU Social][gs]. For prerequisites and installation information, see the included README file. 4 | 5 | To get the latest version, enter the following where you want your [gs][GNU Social] installation located: 6 | git clone https://git.gnu.io/gnu/gnu-social.git 7 | If you are feeling adventurous, you can obtain the bleeding edge version with: 8 | 9 | git checkout nightly 10 | 11 | while in your gnusocial directory. 12 | 13 | [gs]: https://git.gnu.io/gnu/gnu-social 14 | -------------------------------------------------------------------------------- /gogs/Caddyfile: -------------------------------------------------------------------------------- 1 | mygogs.com { 2 | proxy / localhost:3000 { 3 | except /css /fonts /js /img 4 | } 5 | root /home/git/gogs/public 6 | } 7 | -------------------------------------------------------------------------------- /gogs/README.md: -------------------------------------------------------------------------------- 1 | # Gogs 2 | 3 | This is an example configuration on how to use [Gogs](https://gogs.io) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. You install Gogs under user `git` with home directory `/home/git`. 8 | 2. The Gogs installation path is `/home/git/gogs`. 9 | 3. Gogs listens on port `3000`. 10 | 4. You use domain name `mygogs.com`. 11 | 12 | Please be sure to change with your actual values. 13 | -------------------------------------------------------------------------------- /grav/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | root /path/to/site 3 | fastcgi / 127.0.0.1:9000 php 4 | 5 | status 403 /forbidden 6 | 7 | # Begin - Security 8 | # deny all direct access for these folders 9 | rewrite { 10 | if {path} match /(.git|cache|bin|logs|backups|tests)/.*$ 11 | to /forbidden 12 | } 13 | # deny running scripts inside core system folders 14 | rewrite { 15 | if {path} match /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ 16 | to /forbidden 17 | } 18 | # deny running scripts inside user folder 19 | rewrite { 20 | if {path} match /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ 21 | to /forbidden 22 | } 23 | # deny access to specific files in the root folder 24 | rewrite { 25 | if {path} match /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) 26 | to /forbidden 27 | } 28 | ## End - Security 29 | 30 | # global rewrite should come last. 31 | rewrite { 32 | to {path} {path}/ /index.php?_url={uri} 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /grav/readme.md: -------------------------------------------------------------------------------- 1 | Run a Grav site on Caddy 2 | --------- 3 | 4 | It is only neccesary to redirect all requests to index.php. 5 | -------------------------------------------------------------------------------- /headphones/Caddyfile: -------------------------------------------------------------------------------- 1 | myheadphones.com { 2 | proxy / localhost:8181 { 3 | transparent 4 | } 5 | } -------------------------------------------------------------------------------- /headphones/README.md: -------------------------------------------------------------------------------- 1 | # Headphones 2 | 3 | This is an example configuration on how to use [Headphones](https://github.com/rembo10/headphones) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. Headphones listens on port `8181`. 8 | 2. You use domain name `myheadphones.com`. 9 | 3. The Headphones http host under Settings -> Web Interface -> HTTP Host is set to `0.0.0.0` 10 | 11 | Please be sure to change with your actual values. 12 | -------------------------------------------------------------------------------- /hhvm/Caddyfile: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | fastcgi / unix:/var/run/hhvm/sock php 3 | -------------------------------------------------------------------------------- /hhvm/README.md: -------------------------------------------------------------------------------- 1 | # HHVM & Caddy # 2 | 3 | HHVM is an open-source virtual machine designed for executing programs written 4 | in Hack and PHP. HHVM uses a just-in-time (JIT) compilation approach to achieve 5 | superior performance while maintaining the development flexibility that PHP 6 | provides. 7 | 8 | This document is a step-by-step instructions to install [HHVM](http://hhvm.com/) 9 | and make it work with Caddy 10 | 11 | ## HHVM installation ## 12 | 13 | (Based on [this](https://www.digitalocean.com/community/tutorials/how-to-install-hhvm-with-nginx-on-ubuntu-14-04) article from DigitalOcean) 14 | 15 | ### Ubuntu 14.04 ### 16 | 17 | First of all, lets add an official repository with HHVM, these three commands will 18 | import the required GnuPG public keys, add the repository to the system and update 19 | the list of available packages to install. 20 | 21 | ``` 22 | sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0x5a16e7281be7a449 23 | sudo add-apt-repository "deb http://dl.hhvm.com/ubuntu $(lsb_release -sc) main" 24 | sudo apt-get update 25 | ``` 26 | 27 | After this, we will be able to install HHVM with this command: 28 | 29 | ``` 30 | sudo apt-get install hhvm 31 | ``` 32 | 33 | Then, to make it run when the system reboots, use this command: 34 | 35 | ``` 36 | sudo update-rc.d hhvm defaults 37 | ``` 38 | 39 | ## HHVM configuration ## 40 | 41 | Now we have HHVM running by default on localhost:9000, but we want it to run 42 | in an UNIX socket, because the performance is better this way. We can do it 43 | because we're running HHVM and Caddy in the same machine. 44 | 45 | Let's edit the HHVM configuration file with any text editor (nano for example): 46 | 47 | ``` 48 | sudo nano /etc/hhvm/server.ini 49 | ``` 50 | 51 | We'll see a line with `hhvm.server.port = 9000`, we must change this line with 52 | `hhvm.server.file_socket = /var/run/hhvm/sock`, so the configuration file should 53 | be something like this: 54 | 55 | ``` 56 | ; php options 57 | 58 | pid = /var/run/hhvm/pid 59 | 60 | ; hhvm specific 61 | 62 | hhvm.server.file_socket = /var/run/hhvm/sock 63 | hhvm.server.type = fastcgi 64 | hhvm.server.default_document = index.php 65 | hhvm.log.use_log_file = true 66 | hhvm.log.file = /var/log/hhvm/error.log 67 | hhvm.repo.central.path = /var/run/hhvm/hhvm.hhbc 68 | ``` 69 | 70 | After editing the file, restart HHVM: 71 | 72 | ``` 73 | sudo /etc/init.d/hhvm restart 74 | ``` 75 | 76 | And now we have HHVM working on an UNIX socket. 77 | 78 | ## Caddy configuration ## 79 | 80 | Let's create a typical Caddyfile for a webpage using PHP, something like this: 81 | 82 | ``` 83 | localhost:8080 84 | fastcgi / unix:/var/run/hhvm/sock php 85 | ``` 86 | 87 | And with this Caddyfile (in the same folder) create a file called `index.php` 88 | with this content: 89 | 90 | ```php 91 | 92 | ``` 93 | 94 | Run caddy in the folder, open `localhost:8080` in the web browser, and if 95 | you see something like this, you have HHVM running with Caddy. 96 | 97 | ![HHVM Working](http://i.imgur.com/E2MZVVL.png) 98 | 99 | # FAQ # 100 | 101 | #### I get a 'Bad Gateway' error #### 102 | Try running Caddy with sudo: `sudo caddy`. If the problem gets solved, probably 103 | it's because you are using a user without permission to access the HHVM socket, 104 | which by default is owned by www-data user/group, you can fix this using root 105 | user, running caddy with user www-data, or adding your user to the www-data 106 | group using this command: 107 | 108 | ``` 109 | sudo usermod -a -G www-data youruser 110 | ``` 111 | To see the changes of this command, you need to logout and login again. After 112 | that you should be able to run Caddy and access the HHVM socket without sudo. 113 | 114 | #### Just installed a CMS to use with HHVM and Caddy, but the page keeps loading forever #### 115 | If the page loads nicely when using just one or two .php files, maybe the 116 | problem is that HHVM is taking too much time to return a response. HHVM's JIT 117 | compilation can take some time to process all the PHP files that will receive 118 | from a CMS like Wordpress/Joomla/Drupal/etc. Keep reloading until the page 119 | finally loads, be patient. 120 | 121 | #### I get any other error and don't know why #### 122 | Remember to add an error log output file to your Caddyfile using the errors 123 | directive, this way you can check what exactly happened. 124 | 125 | ``` 126 | localhost:8080 127 | fastcgi / unix:/var/run/hhvm/sock php 128 | errors errors.log 129 | ``` 130 | 131 | If the file isn't updated with new errors, the error should be in the HHVM side, 132 | so, check the HHVM error log, which by default is in `/var/log/hhvm/error.log` 133 | -------------------------------------------------------------------------------- /hhvm/index.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /httpsproxy/Caddyfile: -------------------------------------------------------------------------------- 1 | mysite.example.com 2 | proxy / mysite.example.com:3333 3 | -------------------------------------------------------------------------------- /httpsproxy/readme.md: -------------------------------------------------------------------------------- 1 | Add HTTPS to an existing website 2 | ------------------------ 3 | 4 | Setting up a very simple proxy to serve your existing site over **HTTPS** without changing your existing installation 5 | *(other than the port its served on)*. 6 | 7 | The Caddyfile shows how you can use caddy to listen on ports 80 & 443 and sit in front of another webserver such as apache which is serving on a different port (3333 in this case; see Caddyfile). 8 | -------------------------------------------------------------------------------- /isso/README.md: -------------------------------------------------------------------------------- 1 | # Isso 2 | 3 | Assuming that you have [Isso](https://posativ.org/isso/) running on `127.0.0.1:8080` and want to host it on the same domain as your website. 4 | 5 | Add this lines to your sites Caddyfile: 6 | 7 | ``` 8 | # Isso Comments 9 | proxy /isso 127.0.0.1:8080 { 10 | without /isso 11 | transparent 12 | header_upstream X-Script-Name /isso 13 | } 14 | ``` 15 | -------------------------------------------------------------------------------- /jira/Caddyfile: -------------------------------------------------------------------------------- 1 | jira.hostname.tls { 2 | proxy / yourip:8080 { 3 | websocket 4 | transparent 5 | } 6 | } -------------------------------------------------------------------------------- /jira/Readme.md: -------------------------------------------------------------------------------- 1 | # Jira 2 | 3 | 1. Have an installed and configured Jira Application (Default HTTP-Port is 8080) 4 | 2. Read [this](https://confluence.atlassian.com/adminjiraserver071/integrating-jira-with-apache-using-ssl-802593043.html) carefully and only follow Step 1 and Step 3 (Step 2 is Apache specific) 5 | 3. Edit the Caddyfile to fit your hostname (host.yourdomain.tld) 6 | 4. Simply start Caddy with the Caddyfile 7 | -------------------------------------------------------------------------------- /jupyter/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com 2 | 3 | proxy / localhost:8888 { 4 | transparent 5 | websocket 6 | } 7 | -------------------------------------------------------------------------------- /jupyter/Readme.md: -------------------------------------------------------------------------------- 1 | # Jupyter 2 | 3 | This is an example Caddyfile configuration for Jupyter notebooks running on port 8888. 4 | -------------------------------------------------------------------------------- /kanboard/Caddyfile: -------------------------------------------------------------------------------- 1 | host.yourdomain.tld { 2 | root /var/www/html/kanboard 3 | fastcgi / unix:/run/php/php7.0-fpm.sock php 4 | } 5 | -------------------------------------------------------------------------------- /kanboard/README.md: -------------------------------------------------------------------------------- 1 | # Kanboard 2 | 3 | 1. Get Kanboard from https://github.com/kanboard/kanboard and follow the installation instructions using the defaults. 4 | 2. Stop any possible Webserver running on port 80, 443 5 | 3. Edit the Caddyfile to fit your hostname (host.yourdomain.tld) 6 | 4. Simply start Caddy with the Caddyfile 7 | -------------------------------------------------------------------------------- /kirby/Caddyfile_root: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | root 3 | gzip 4 | 5 | internal /forbidden 6 | 7 | # block content 8 | rewrite /content { 9 | r /(.*).(txt|md|mdown) 10 | to /error 11 | } 12 | 13 | # block all files in the site folder from being accessed directly 14 | rewrite /site { 15 | to /error 16 | } 17 | 18 | # block all files in the kirby folder 19 | rewrite /kirby { 20 | to /error 21 | } 22 | 23 | # site links 24 | rewrite { 25 | if {path} not_match /panel/.* 26 | to {uri} /index.php?{path}&{query} 27 | } 28 | 29 | # panel links 30 | rewrite /panel { 31 | if {path} not_match /panel/assets/.* 32 | to {uri} /panel/index.php?{path}&{query} 33 | } 34 | 35 | # deny access to .htaccess files 36 | rewrite { 37 | r /\.ht 38 | to /forbidden 39 | } 40 | 41 | fastcgi / /var/run/php-fpm/php-fpm.sock php -------------------------------------------------------------------------------- /kirby/Caddyfile_subdir: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | root 3 | gzip 4 | 5 | # Subdirectory of kirby is "kirby-test" in this example 6 | 7 | internal /kirby-test/forbidden 8 | 9 | # block content 10 | rewrite /kirby-test/content { 11 | r /(.*).(txt|md|mdown) 12 | to /kirby-test/error 13 | } 14 | 15 | # block all files in the site folder from being accessed directly 16 | rewrite /kirby-test/site { 17 | to /kirby-test/error 18 | } 19 | 20 | # block all files in the kirby folder 21 | rewrite /kirby-test/kirby { 22 | to /kirby-test/error 23 | } 24 | 25 | # site links 26 | rewrite /kirby-test { 27 | if {path} not_match /panel/.* 28 | to {uri} /kirby-test/index.php?{path}&{query} 29 | } 30 | 31 | # panel links 32 | rewrite /kirby-test/panel { 33 | if {path} not_match /panel/assets/.* 34 | to {uri} /kirby-test/panel/index.php?{path}&{query} 35 | } 36 | 37 | # deny access to .htaccess files 38 | rewrite { 39 | r /\.ht 40 | to /kirby-test/forbidden 41 | } 42 | 43 | fastcgi /kirby-test/ /var/run/php-fpm/php-fpm.sock php -------------------------------------------------------------------------------- /kirby/README.md: -------------------------------------------------------------------------------- 1 | # Kirby 2 | 3 | This is an example configuration on how to use [Kirby](https://getkirby.com/) with Caddy. 4 | 5 | Caddyfile_root - caddy file when the location of kirby is in the root directory 6 | Caddyfile_subdir - caddy file when the location of kirby is in a subdirectory 7 | 8 | ## Prerequisites 9 | 10 | Kirby has the following [requirements](https://getkirby.com/docs/installation/download/): 11 | 12 | ## Troubleshooting 13 | 14 | -------------------------------------------------------------------------------- /laravel/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | root ./public 3 | fastcgi / 127.0.0.1:9000 php 4 | rewrite { 5 | to {path} {path}/ /index.php?{query} 6 | } 7 | } 8 | -------------------------------------------------------------------------------- /lumen/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com 2 | 3 | #rewrite all for files and directories that do not exist to index.php 4 | rewrite { 5 | to {path} {path}/ /index.php 6 | } 7 | 8 | fastcgi / 127.0.0.1:9876 php 9 | root "C:\path\tolumen\public" 10 | -------------------------------------------------------------------------------- /lumen/readme.md: -------------------------------------------------------------------------------- 1 | Run a Lumen site on Caddy 2 | --------- 3 | 4 | It is simply neccesary to redirect all requests for files that do not exist to index.php 5 | -------------------------------------------------------------------------------- /markdown/Caddyfile: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | 3 | markdown / { 4 | template blog templates/blog.html 5 | template index templates/index.html 6 | } 7 | -------------------------------------------------------------------------------- /markdown/README.md: -------------------------------------------------------------------------------- 1 | # A simple blog using the markdown feature 2 | 3 | This is an example on how to use the [markdown](https://caddyserver.com/docs/markdown) feature of Caddy: 4 | 5 | > markdown serves Markdown files as HTML pages on demand 6 | 7 | ### Caddyfile 8 | 9 | In our *Caddyfile*, we're using the *markdown* directive with the basepath set to `/`. This instructs Caddy to look for `*.md` files in our root directory for every new request. 10 | 11 | Inside the markdown block, we define the custom templates we want to use. The syntax for this is `template name path`. Our templates are stored in the *templates* directory. 12 | 13 | ### Markdown files 14 | 15 | Each Markdown file starts with some Metadata, called *Front Matter*. In this metadata, we define which template to use, the title of the document and the name of our site. 16 | 17 | The file `index.md` has a special role as it holds no content, but acts as the landing page of our blog. Caddy will look for index files if there is no filename present in the URL. 18 | 19 | ## Running Caddy 20 | 21 | To start Caddy with this example, simply execute `caddy` from this folder. 22 | -------------------------------------------------------------------------------- /markdown/hello-world.md: -------------------------------------------------------------------------------- 1 | --- 2 | template: blog 3 | title: Hello World 4 | sitename: A Caddy site 5 | --- 6 | Lorem ipsum dolor sit amet, consectetur adipiscing elit. Donec a diam lectus. Sed sit amet ipsum mauris. Maecenas congue ligula ac quam viverra nec consectetur ante hendrerit. Donec et mollis dolor. Praesent et diam eget libero egestas mattis sit amet vitae augue. Nam tincidunt congue enim, ut porta lorem lacinia consectetur. Donec ut libero sed arcu vehicula ultricies a non tortor. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aenean ut gravida lorem. Ut turpis felis, pulvinar a semper sed, adipiscing id dolor. Pellentesque auctor nisi id magna consequat sagittis. Curabitur dapibus enim sit amet elit pharetra tincidunt feugiat nisl imperdiet. Ut convallis libero in urna ultrices accumsan. Donec sed odio eros. Donec viverra mi quis quam pulvinar at malesuada arcu rhoncus. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. In rutrum accumsan ultricies. Mauris vitae nisi at sem facilisis semper ac in est. 7 | 8 | Vivamus fermentum semper porta. Nunc diam velit, adipiscing ut tristique vitae, sagittis vel odio. Maecenas convallis ullamcorper ultricies. Curabitur ornare, ligula semper consectetur sagittis, nisi diam iaculis velit, id fringilla sem nunc vel mi. Nam dictum, odio nec pretium volutpat, arcu ante placerat erat, non tristique elit urna et turpis. Quisque mi metus, ornare sit amet fermentum et, tincidunt et orci. Fusce eget orci a orci congue vestibulum. Ut dolor diam, elementum et vestibulum eu, porttitor vel elit. Curabitur venenatis pulvinar tellus gravida ornare. Sed et erat faucibus nunc euismod ultricies ut id justo. Nullam cursus suscipit nisi, et ultrices justo sodales nec. Fusce venenatis facilisis lectus ac semper. Aliquam at massa ipsum. Quisque bibendum purus convallis nulla ultrices ultricies. Nullam aliquam, mi eu aliquam tincidunt, purus velit laoreet tortor, viverra pretium nisi quam vitae mi. Fusce vel volutpat elit. Nam sagittis nisi dui. 9 | 10 | Suspendisse lectus leo, consectetur in tempor sit amet, placerat quis neque. Etiam luctus porttitor lorem, sed suscipit est rutrum non. Curabitur lobortis nisl a enim congue semper. Aenean commodo ultrices imperdiet. Vestibulum ut justo vel sapien venenatis tincidunt. Phasellus eget dolor sit amet ipsum dapibus condimentum vitae quis lectus. Aliquam ut massa in turpis dapibus convallis. Praesent elit lacus, vestibulum at malesuada et, ornare et est. Ut augue nunc, sodales ut euismod non, adipiscing vitae orci. Mauris ut placerat justo. Mauris in ultricies enim. Quisque nec est eleifend nulla ultrices egestas quis ut quam. Donec sollicitudin lectus a mauris pulvinar id aliquam urna cursus. Cras quis ligula sem, vel elementum mi. Phasellus non ullamcorper urna. 11 | -------------------------------------------------------------------------------- /markdown/index.md: -------------------------------------------------------------------------------- 1 | --- 2 | template: index 3 | title: Index 4 | sitename: A Caddy site 5 | --- 6 | -------------------------------------------------------------------------------- /markdown/styles/main.css: -------------------------------------------------------------------------------- 1 | /* 2 | * What follows is the result of much research on cross-browser styling. 3 | * Credit left inline and big thanks to Nicolas Gallagher, Jonathan Neal, 4 | * Kroc Camen, and the H5BP dev community and team. 5 | */ 6 | 7 | /* ========================================================================== 8 | Base styles: opinionated defaults 9 | ========================================================================== */ 10 | 11 | html { 12 | color: #222; 13 | font-size: 1em; 14 | line-height: 1.4; 15 | } 16 | 17 | /* 18 | * Remove text-shadow in selection highlight: 19 | * https://twitter.com/miketaylr/status/12228805301 20 | * 21 | * These selection rule sets have to be separate. 22 | * Customize the background color to match your design. 23 | */ 24 | 25 | ::selection { 26 | background: #b3d4fc; 27 | text-shadow: none; 28 | } 29 | 30 | /* 31 | * A better looking default horizontal rule 32 | */ 33 | 34 | hr { 35 | display: block; 36 | height: 1px; 37 | border: 0; 38 | border-top: 1px solid #ccc; 39 | margin: 1em 0; 40 | padding: 0; 41 | } 42 | 43 | /* 44 | * Remove the gap between audio, canvas, iframes, 45 | * images, videos and the bottom of their containers: 46 | * https://github.com/h5bp/html5-boilerplate/issues/440 47 | */ 48 | 49 | audio, 50 | canvas, 51 | iframe, 52 | img, 53 | svg, 54 | video { 55 | vertical-align: middle; 56 | } 57 | 58 | /* ========================================================================== 59 | Author's custom styles 60 | ========================================================================== */ 61 | 62 | html { 63 | font-family: sans-serif; 64 | } 65 | 66 | p { 67 | margin: 0 0 1.75em 0; 68 | } 69 | 70 | article { 71 | position: relative; 72 | width: 80%; 73 | max-width: 710px; 74 | margin: 4rem auto; 75 | word-wrap: break-word; 76 | } 77 | 78 | header { 79 | width: 80%; 80 | max-width: 710px; 81 | margin: 0 auto; 82 | } 83 | 84 | header a { 85 | text-align: center; 86 | text-decoration: none; 87 | } 88 | 89 | /* ========================================================================== 90 | Print styles. 91 | Inlined to avoid the additional HTTP request: 92 | http://www.phpied.com/delay-loading-your-print-css/ 93 | ========================================================================== */ 94 | 95 | @media print { 96 | *, 97 | *:before, 98 | *:after, 99 | *:first-letter, 100 | *:first-line { 101 | background: transparent !important; 102 | color: #000 !important; /* Black prints faster: 103 | http://www.sanbeiji.com/archives/953 */ 104 | box-shadow: none !important; 105 | text-shadow: none !important; 106 | } 107 | 108 | a, 109 | a:visited { 110 | text-decoration: underline; 111 | } 112 | 113 | a[href]:after { 114 | content: " (" attr(href) ")"; 115 | } 116 | 117 | abbr[title]:after { 118 | content: " (" attr(title) ")"; 119 | } 120 | 121 | /* 122 | * Don't show links that are fragment identifiers, 123 | * or use the `javascript:` pseudo protocol 124 | */ 125 | 126 | a[href^="#"]:after, 127 | a[href^="javascript:"]:after { 128 | content: ""; 129 | } 130 | 131 | pre, 132 | blockquote { 133 | border: 1px solid #999; 134 | page-break-inside: avoid; 135 | } 136 | 137 | /* 138 | * Printing Tables: 139 | * http://css-discuss.incutio.com/wiki/Printing_Tables 140 | */ 141 | 142 | thead { 143 | display: table-header-group; 144 | } 145 | 146 | tr, 147 | img { 148 | page-break-inside: avoid; 149 | } 150 | 151 | img { 152 | max-width: 100% !important; 153 | } 154 | 155 | p, 156 | h2, 157 | h3 { 158 | orphans: 3; 159 | widows: 3; 160 | } 161 | 162 | h2, 163 | h3 { 164 | page-break-after: avoid; 165 | } 166 | } 167 | -------------------------------------------------------------------------------- /markdown/templates/blog.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | {{.Doc.title}} 7 | 8 | 9 | 10 | 11 |
12 |

{{.Doc.sitename}}

 13 |
14 | 15 |
16 |

{{.Doc.title}}

17 | {{.Doc.body}} 18 |
19 | 20 | 21 | -------------------------------------------------------------------------------- /markdown/templates/index.html: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | {{.Doc.title}} 7 | 8 | 9 | 10 | 11 |
12 |

{{.Doc.sitename}}

 13 |
14 | 15 |
16 | {{range .Files}} 17 | {{if ne .Name "index.md" }} 18 |
19 |

{{.Name}}

20 | {{if not .IsDir }} 21 | {{.Summarize 15}} 22 | {{end}} 23 |
24 | {{end}} 25 | {{end}} 26 |
27 | 28 | 29 | -------------------------------------------------------------------------------- /minio/Caddyfile: -------------------------------------------------------------------------------- 1 | your.public.com 2 | 3 | proxy / localhost:9000 { 4 | transparent 5 | } 6 | 7 | 8 | -------------------------------------------------------------------------------- /minio/README.md: -------------------------------------------------------------------------------- 1 | # Minio Object storage with Caddy server 2 | 3 | [Minio](https://www.minio.io) is an Open Source object storage. If you want to inherit webserver features like load balancing, IP filtering and monitoring you can use Caddy in front of Minio. 4 | 5 | In this document you will learn on how to set up Caddy server as a proxy in front of Minio. 6 | 7 | #### Prerequisites 8 | 9 | * You have Minio Client installed, if not follow [Minio Client install instructions](https://docs.minio.io/docs/minio-client-quick-start-guide) 10 | * You have a Minio Server configured & running, if not follow [Minio Server install instructions](https://docs.minio.io/docs/minio) 11 | * You have Caddy server installed, if not follow [Getting Started with Caddy](https://caddyserver.com/docs/getting-started) 12 | 13 | #### Start Minio server 14 | 15 | ```sh 16 | $ ./minio --address localhost:9000 server 17 | ``` 18 | 19 | #### Start caddy server 20 | 21 | ```sh 22 | $ ./caddy 23 | Activating privacy features... done. 24 | your.public.com:443 25 | your.public.com:80 26 | ``` 27 | 28 | You'll need to have caddy 0.9 installed for this to work 29 | -------------------------------------------------------------------------------- /monit/Caddyfile: -------------------------------------------------------------------------------- 1 | test.com { 2 | redir 301 { 3 | if {>referer} is https://test.com/monit 4 | if {path} not_has monit/ 5 | / /monit/{path} 6 | } 7 | proxy /monit :8080 { 8 | without /monit 9 | } 10 | } 11 | -------------------------------------------------------------------------------- /monit/README.md: -------------------------------------------------------------------------------- 1 | # Monit 2 | 3 | This is an example configuration on how to use [Monit](https://mmonit.com/monit/) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. monit listens on port `8080`. 8 | 2. You use domain name `test.com`. 9 | 10 | Please be sure to change with your actual values. -------------------------------------------------------------------------------- /nextcloud/Caddyfile: -------------------------------------------------------------------------------- 1 | 2 | my-nextcloud-site.com { 3 | 4 | root /var/www/nextcloud 5 | log /var/log/nextcloud_access.log 6 | errors /var/log/nextcloud_errors.log 7 | 8 | fastcgi / 127.0.0.1:9000 php { 9 | env PATH /bin 10 | env modHeadersAvailable true 11 | env front_controller_active true 12 | connect_timeout 60s 13 | read_timeout 3600s 14 | send_timeout 300s 15 | } 16 | 17 | header / { 18 | Strict-Transport-Security "max-age=15768000;" 19 | X-Content-Type-Options "nosniff" 20 | X-XSS-Protection "1; mode=block" 21 | X-Robots-Tag "none" 22 | X-Download-Options "noopen" 23 | X-Permitted-Cross-Domain-Policies "none" 24 | Referrer-Policy "no-referrer" 25 | } 26 | 27 | header /core/fonts { 28 | Cache-Control "max-age=604800" 29 | } 30 | 31 | # checks for images 32 | rewrite { 33 | ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map 34 | r ^/index.php/.*$ 35 | to /{1} /index.php?{query} 36 | } 37 | 38 | rewrite { 39 | r ^/\.well-known/host-meta$ 40 | to /public.php?service=host-meta&{query} 41 | } 42 | rewrite { 43 | r ^/\.well-known/host-meta\.json$ 44 | to /public.php?service=host-meta-json&{query} 45 | } 46 | rewrite { 47 | r ^/\.well-known/webfinger$ 48 | to /public.php?service=webfinger&{query} 49 | } 50 | 51 | rewrite { 52 | r ^/index.php/.*$ 53 | to /index.php?{query} 54 | } 55 | 56 | rewrite / { 57 | if {path} not_starts_with /remote.php 58 | if {path} not_starts_with /public.php 59 | ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf 60 | r ^/(.*)$ 61 | to /{1} /index.php{uri} 62 | } 63 | 64 | rewrite / { 65 | if {path} not /core/img/favicon.ico 66 | if {path} not /core/img/manifest.json 67 | if {path} not_starts_with /remote.php 68 | if {path} not_starts_with /public.php 69 | if {path} not_starts_with /cron.php 70 | if {path} not_starts_with /core/ajax/update.php 71 | if {path} not_starts_with /status.php 72 | if {path} not_starts_with /ocs/v1.php 73 | if {path} not_starts_with /ocs/v2.php 74 | if {path} not /robots.txt 75 | if {path} not_starts_with /updater/ 76 | if {path} not_starts_with /ocs-provider/ 77 | if {path} not_starts_with /ocm-provider/ 78 | if {path} not_starts_with /.well-known/ 79 | to /index.php{uri} 80 | } 81 | 82 | # client support (e.g. os x calendar / contacts) 83 | redir /.well-known/carddav /remote.php/carddav 301 84 | redir /.well-known/caldav /remote.php/caldav 301 85 | 86 | # remove trailing / as it causes errors with php-fpm 87 | rewrite { 88 | r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$ 89 | to /remote.php/{1} 90 | } 91 | 92 | rewrite { 93 | r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$ 94 | to /remote.php/{1}/{2} 95 | } 96 | 97 | rewrite { 98 | r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$ 99 | to /public.php/{1} 100 | } 101 | 102 | rewrite { 103 | r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$ 104 | to /public.php/{1}/{2} 105 | } 106 | 107 | # .htaccess / data / config / ... shouldn't be accessible from outside 108 | status 404 { 109 | /.htaccess 110 | /data 111 | /config 112 | /db_structure 113 | /.xml 114 | /README 115 | /3rdparty 116 | /lib 117 | /templates 118 | /occ 119 | /console.php 120 | } 121 | 122 | } 123 | -------------------------------------------------------------------------------- /nextcloud/README.md: -------------------------------------------------------------------------------- 1 | # Nextcloud 2 | 3 | This is an example configuration of how to use [Nextcloud](https://nextcloud.com/) with caddy. 4 | 5 | The configuration is based on [this](https://caddyserver.com/blog/caddy_and_owncloud) blog post. 6 | 7 | ## Notes 8 | * PHP-FPM requests are accepted on a TCP sockets instead of a Unix socket for optimal integration with caddy. To achieve this replace `listen = /run/php/php7.0-fpm.soc` to `listen = 127.0.0.1:9000` in `/etc/php/7.0/fpm/pool.d/www.conf` on Ubuntu 14.04. -------------------------------------------------------------------------------- /nextcloud/caddy-reverseproxy-nginx-backend-nextcloud/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com, www.example.com { 2 | gzip { 3 | ext * 4 | level 4 5 | } 6 | proxy / localhost:81 { 7 | transparent 8 | websocket 9 | } 10 | header / { 11 | Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" 12 | X-XSS-Protection "1; mode=block;" 13 | X-Content-Type-Options "nosniff" 14 | X-Frame-Options "SAMEORIGIN" 15 | } 16 | limits { 17 | header 64kb 18 | body 8gb 19 | } 20 | ext .html .htm .php 21 | root /var/www/html 22 | log / /var/logs/caddy/access.log { 23 | rotate_size 10 24 | rotate_age 14 25 | rotate_keep 10 26 | rotate_compress 27 | } 28 | errors /var/logs/caddy/error.log 29 | timeouts { 30 | read 5s 31 | header 5s 32 | write 0 33 | idle 20s 34 | } 35 | } -------------------------------------------------------------------------------- /nextcloud/caddy-reverseproxy-nginx-backend-nextcloud/README.MD: -------------------------------------------------------------------------------- 1 | # Caddy as reverse-proxy for Nextcloud serving nginx as upstream-backend! 2 | 3 | - _Caddyfile:_ Config file for Caddy Web Server 4 | - _nginx.conf:_ Config file for nginx backend server 5 | 6 | ``` 7 | /var/www/html 8 | ├── nextcloud 9 | │   ├── 3rdparty 10 | │   ├── apps 11 | │   ├── config 12 | │   ├── core 13 | │   ├── data 14 | │   ├── lib 15 | │   ├── ocm-provider 16 | │   ├── ocs 17 | │   ├── ocs-provider 18 | │   ├── resources 19 | │   ├── settings 20 | │   ├── themes 21 | │   ├── updater 22 | │ ├── index.php 23 | │ └── ... 24 | ├── index.html 25 | └── info.php 26 | ``` 27 | 28 | These config examples are for the specific case, in that the user wants to put the nextcloud folder, containing all the files, into the root html directory, while still maintaining runability for PHP scripts put directly in the root html folder. 29 | 30 | Have fun! :-) -------------------------------------------------------------------------------- /nextcloud/caddy-reverseproxy-nginx-backend-nextcloud/nginx.conf: -------------------------------------------------------------------------------- 1 | user www-data; 2 | worker_processes 1; 3 | 4 | 5 | events { 6 | worker_connections 8192; 7 | multi_accept on; 8 | use epoll; 9 | } 10 | 11 | 12 | http { 13 | include mime.types; 14 | default_type application/octet-stream; 15 | 16 | sendfile off; 17 | tcp_nopush on; 18 | tcp_nodelay on; 19 | aio threads; 20 | 21 | keepalive_timeout 30; 22 | 23 | gzip on; 24 | gzip_http_version 1.1; 25 | gzip_vary on; 26 | gzip_comp_level 6; 27 | gzip_proxied any; 28 | gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js; 29 | gzip_buffers 16 8k; 30 | gzip_disable "MSIE [1-6]\.(?!.*SV1)"; 31 | 32 | upstream php { 33 | server unix:/run/php/php7.2-fpm.sock; 34 | } 35 | 36 | index index.html index.htm index.php; 37 | 38 | client_max_body_size 8192m; 39 | 40 | client_body_timeout 5s; 41 | client_header_timeout 5s; 42 | 43 | server_tokens off; 44 | 45 | server { 46 | listen 81; 47 | server_name localhost; 48 | 49 | location / { 50 | root /var/www/html; 51 | port_in_redirect off; 52 | location ^~ /nextcloud { 53 | location /nextcloud { 54 | rewrite ^ /nextcloud/index.php$request_uri; 55 | } 56 | location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)/ { 57 | deny all; 58 | } 59 | location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) { 60 | deny all; 61 | } 62 | location ~ ^/nextcloud/(?:index|remote|apps|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) { 63 | fastcgi_split_path_info ^(.+\.php)(/.*)$; 64 | include fastcgi_params; 65 | fastcgi_pass unix:/run/php/php7.2-fpm.sock; 66 | fastcgi_index index.php; 67 | fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name; 68 | fastcgi_param htaccessWorking true; 69 | fastcgi_read_timeout 300; 70 | } 71 | location ~ ^/nextcloud/(?:updater|ocs-provider)(?:$|/) { 72 | try_files $uri $uri/ =404; 73 | index index.php; 74 | } 75 | location ~ \.(?:png|html|ttf|ico|jpg|jpeg|css|js|woff2?|svg|gif)$ { 76 | try_files $uri /nextcloud/index.php$request_uri; 77 | } 78 | } 79 | } 80 | location ~* \.php$ { 81 | fastcgi_split_path_info ^(.+\.php)(/.+)$; 82 | include fastcgi_params; 83 | fastcgi_pass unix:/run/php/php7.2-fpm.sock; 84 | fastcgi_index index.php; 85 | fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name; 86 | fastcgi_param htaccessWorking true; 87 | fastcgi_read_timeout 300; 88 | fastcgi_intercept_errors on; 89 | fastcgi_param modHeadersAvailable true; 90 | fastcgi_param PATH_INFO $fastcgi_path_info; 91 | } 92 | } 93 | } -------------------------------------------------------------------------------- /pasthis/Caddyfile: -------------------------------------------------------------------------------- 1 | # Pasthis Caddy configuration 2 | # Requires no plugins 3 | # - https://caddyserver.com/download/linux/amd64 4 | # - https://caddyserver.com/download/linux/amd64/signature 5 | 6 | https://paste.yourdomain.net { 7 | 8 | fastcgi / unix:/var/run/php5-fpm.sock php 9 | 10 | root /var/www/pasthis 11 | 12 | rewrite / { 13 | regexp ([a-zA-Z0-9]{6}(@raw)?)$ 14 | to /index.php?p={1} 15 | } 16 | 17 | internal pasthis.db 18 | } 19 | -------------------------------------------------------------------------------- /pasthis/README.md: -------------------------------------------------------------------------------- 1 | # Pasthis 2 | 3 | This is an example configuration on how to use [Pasthis](https://github.com/moulecorp/pasthis) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. Pasthis is located in `/var/www/pasthis`, 8 | 2. You use the domain name `paste.yourdomain.net`, 9 | 3. Your email address to be used for Let's Encrypt support is `admin@paste.yourdomain.net`. 10 | 4. PHP-FPM socket is `/var/run/php5-fpm.sock` 11 | 12 | Follow the [additional simple instructions](https://github.com/moulecorp/pasthis/blob/master/README.md) on how to setup, maintain and update Pasthis. 13 | -------------------------------------------------------------------------------- /phabricator/Caddyfile: -------------------------------------------------------------------------------- 1 | https://domain.io { 2 | root /home/user/phabricator/webroot 3 | rewrite { 4 | if {path} is / 5 | to /index.php?__path__=/ 6 | } 7 | rewrite { 8 | to {path} {path}/ /index.php?__path__={path_escaped}&{query} 9 | } 10 | fastcgi / /var/run/php5-fpm.sock php 11 | } 12 | 13 | -------------------------------------------------------------------------------- /phabricator/README.md: -------------------------------------------------------------------------------- 1 | 2 | # Phabricator. 3 | 4 | For installing phabricator follow the guide found on their website: 5 | 6 | https://secure.phabricator.com/book/phabricator/article/installation_guide/ 7 | 8 | You can replace nginx config section with this Caddyfile. 9 | 10 | 11 | -------------------------------------------------------------------------------- /picocms/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | fastcgi / localhost:9000 php { 3 | index index.php 4 | env PICO_URL_REWRITING 1 5 | } 6 | rewrite { 7 | ext .yml .yaml .md .gitignore .svn .lock .json .phar 8 | if {path} match (config/|vendor/|content/) 9 | to /index.php?404 10 | } 11 | rewrite { 12 | to {path} /index.php?{path}&{query} 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /picocms/README.md: -------------------------------------------------------------------------------- 1 | # PicoCMS Caddyfile 2 | 3 | This example meets basic url rewriting for [PicoCMS](https://picocms.org) using PHP-FPM. 4 | 5 | ## Rewrite rules explained 6 | 7 | 1. If the client asks for unwanted files or directories, we send a 404 error response 8 | 2. Rewrite all others 9 | 10 | Note that I've enabled Pico's url rewriting awarness by adding the ENV variable. 11 | -------------------------------------------------------------------------------- /processwire/Caddyfile: -------------------------------------------------------------------------------- 1 | :80 { 2 | # Document root 3 | root /home/httpd/public_html 4 | 5 | # You need php-fpm installed to pass php requests to. 6 | # fastcgi / : php 7 | fastcgi / 127.0.0.1:9000 php 8 | 9 | # Converted htaccess rewrites 10 | internal /forbidden 11 | 12 | rewrite { 13 | r /\. 14 | to /forbidden 15 | } 16 | rewrite { 17 | r /(COPYRIGHT|LICENSE|README|htaccess)\.txt 18 | to /forbidden 19 | } 20 | rewrite { 21 | r ^/site(-[^/]+)?/assets/(.*\.php|backups|cache|config|install|logs|sessions) 22 | to /forbidden 23 | } 24 | rewrite { 25 | r ^/site(-[^/]+)?/install 26 | to /forbidden 27 | } 28 | rewrite { 29 | r ^/(site(-[^/]+)?|wire)/(config(-dev)?|index\.config)\.php 30 | to /forbidden 31 | } 32 | rewrite { 33 | r ^/((site(-[^/]+)?|wire)/modules|wire/core)/.*\.(inc|module|php|tpl) 34 | to /forbidden 35 | } 36 | rewrite { 37 | r ^/(site(-[^/]+)?|wire)/templates(-admin)?/.*\.(inc|html?|php|tpl) 38 | to /forbidden 39 | } 40 | 41 | # Global 42 | rewrite { 43 | to {path} {path}/ /index.php?it={path}&{query} 44 | } 45 | 46 | # Log Files 47 | # Log file path is relative to workdir (/home/httpd/). 48 | log logs/access.log { 49 | rotate { 50 | size 50 51 | age 7 52 | keep 5 53 | } 54 | } 55 | 56 | errors { 57 | log logs/error.log { 58 | size 50 59 | age 7 60 | keep 5 61 | } 62 | } 63 | } -------------------------------------------------------------------------------- /processwire/README.md: -------------------------------------------------------------------------------- 1 | # Processwire 2 | ProcessWire is a free PHP content management system and framework (open source CMS/CMF) built to save you time and work the way you do. Stop trying to bend other open source CMS platforms to your will – ProcessWire provides simpler and stronger control over your pages, fields, templates and markup at any scale. 3 | 4 | This is an example configuration on how to use [Processwire](https://processwire.com) with Caddy. This document is based on the Wordpress guide since both systems share similar requirements. 5 | 6 | ## Help 7 | 8 | If you need help with Caddy and Processwire visit the forums 9 | [Caddy and Processwire](https://processwire.com/talk/topic/11729-caddy-a-lightweight-http2-web-server/) 10 | 11 | ## Prerequisites 12 | 13 | Processwire has the following [requirements](https://processwire.com/docs/tutorials/installation-moving-and-troubleshooting/page2) 14 | 15 | - PHP version 5.3.8 or greater 16 | - MySQL version 5.0.15 or greater 17 | 18 | On Ubuntu Linux, we can install them using the following commands: 19 | 20 | ```` 21 | sudo apt-get update 22 | sudo apt-get install mysql-server php5-mysql php5-fpm 23 | ```` 24 | 25 | During the installation, MySQL will ask you to set a root password. 26 | 27 | To finish the installation, we need to activate MySQL and secure the installation: 28 | 29 | ```` 30 | sudo mysql_install_db 31 | sudo /usr/bin/mysql_secure_installation 32 | ```` 33 | 34 | ## Create Processwire Database 35 | 36 | With all the prerequisites in place, we can go ahead and create a new MySQL database and user for Processwire. 37 | 38 | First, log into the MySQL Shell: 39 | 40 | ```` 41 | mysql -u root -p 42 | ```` 43 | 44 | Now, create the database and user: 45 | 46 | ```` 47 | CREATE DATABASE processwire; 48 | CREATE USER pwuser@localhost; 49 | SET PASSWORD FOR pwuser@localhost= PASSWORD("password"); 50 | GRANT ALL PRIVILEGES ON processwire.* TO pwuser@localhost IDENTIFIED BY 'password'; 51 | FLUSH PRIVILEGES; 52 | exit 53 | ```` 54 | 55 | A couple of things are going on here: 56 | 57 | 1. Create the actual `processwire` database. 58 | 2. Create the user `pwuser`. 59 | 3. Set a password for this user. 60 | 4. Grant all privileges of the `processwire` database to this user. 61 | 5. Reload the new user settings. 62 | 63 | Feel free to name you database or user differently. 64 | 65 | ## Download & install Processwire 66 | 67 | We can get the latest version of Processwire from their official website: 68 | 69 | ```` 70 | curl -SL http://grab.pw > pw.zip && unzip pw.zip && rm pw.zip 71 | 72 | ```` 73 | 74 | Use the Caddyfile in this example and make sure that fastcgi is listening on port 9000 75 | 76 | Now, we can finally run `caddy`. If everything went right, you'll be greeted by Processwire once you visit `http://localhost`. From here on, Processwire will guide you through the rest of the setup. 77 | 78 | ## Troubleshooting 79 | 80 | The most common error you might encounter is `502 Bad Gateway`. In this case, proceed as following: 81 | 82 | - Check `/var/log/php5-fpm.log` for any errors. 83 | - Add `errors visible` to your `Caddyfile` 84 | - Often times, php-fpm doesn't work because of wrong permissions. Check the error logs and change the user in `/etc/php5/fpm/pool.d/www.conf` 85 | - Switching to a Unix socket might help. Change the listen directive in `/etc/php5/fpm/pool.d/www.conf` to `listen = unix:/var/run/php5-fpm.sock` and adjust your `Caddyfile` accordingly. 86 | - If using a unix socket, make sure Caddy has access to the socket file. 87 | 88 | Otherwise, search for guides on how to set up `fastcgi` for Nginx. The configuration for `fastcgi` is identical for Nginx and Caddy, but Nginx has a lot more tutorials online. -------------------------------------------------------------------------------- /radicale/Caddyfile: -------------------------------------------------------------------------------- 1 | https://dav.example.org { 2 | proxy / localhost:5232/ { 3 | transparent 4 | header_upstream X-Script-Name / 5 | # uncomment and adjust the following line if you want to serve radicale>2.0 in a path below "/" 6 | # without /path_below 7 | } 8 | } 9 | -------------------------------------------------------------------------------- /radicale/README.md: -------------------------------------------------------------------------------- 1 | # Radicale 2 | 3 | This is an example configuration on how to use 4 | [Radicale](https://radicale.org/) CalDav and CardDav server with 5 | Caddy. 6 | 7 | This example assumes that Radicale is running locally and is listening 8 | on port 5232 which is the default. The example also assumes that 9 | Radicale will be available directly at https://dav.example.org/. 10 | 11 | ## Other use-cases 12 | 13 | If you want Radicale to be served at a path below `/`, you need to 14 | adjust the [`X-Script-Name`](https://radicale.org/proxy/) header in 15 | the [CaddyFile](./Caddyfile) and since radicale V2.0 you need to 16 | adjust the `without` rule as well. 17 | -------------------------------------------------------------------------------- /rails/Caddyfile: -------------------------------------------------------------------------------- 1 | https://domain.tld { 2 | root /path/to/current/public 3 | 4 | # https://caddyserver.com/docs/proxy 5 | proxy / unix:///path/to/shared/tmp/sockets/puma.sock { 6 | except /assets # this is /public/assets directory 7 | transparent 8 | } 9 | } 10 | -------------------------------------------------------------------------------- /rails/README.md: -------------------------------------------------------------------------------- 1 | # Ruby on Rails 2 | 3 | This is an example `Caddyfile` for a default rails project which ships with [puma](http://puma.io/). 4 | 5 | -------------------------------------------------------------------------------- /seafile/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | proxy / localhost:8000 { 3 | transparent 4 | } 5 | gzip 6 | } 7 | example.com/seafhttp { 8 | proxy / localhost:8082 { 9 | without /seafhttp 10 | transparent 11 | } 12 | gzip 13 | } 14 | example.com/media { 15 | root /home/user/haiwen/seafile-server-latest/seahub/media 16 | gzip 17 | } 18 | -------------------------------------------------------------------------------- /seafile/README.md: -------------------------------------------------------------------------------- 1 | # Seafile 2 | 3 | This is an example configuration on how to use [Seafile](https://www.seafile.com/) with Caddy. 4 | 5 | To make Seafile work with Caddy ensure to have two separate sites configured in your Caddyfile for the host. 6 | Combining the two proxy directives under a single site entry will cause problems when uploading and downloading 7 | files in Seafile. 8 | 9 | Please be sure to change with your actual values. 10 | -------------------------------------------------------------------------------- /security-header/Caddyfile: -------------------------------------------------------------------------------- 1 | header / { 2 | Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" 3 | X-Xss-Protection "1; mode=block" 4 | X-Content-Type-Options "nosniff" 5 | X-Frame-Options "DENY" 6 | Content-Security-Policy "upgrade-insecure-requests" 7 | Referrer-Policy "strict-origin-when-cross-origin" 8 | Cache-Control "public, max-age=15, must-revalidate" 9 | Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'" 10 | } -------------------------------------------------------------------------------- /security-header/README.md: -------------------------------------------------------------------------------- 1 | # Security Header 2 | 3 | Get an **A+** on [security header](https://securityheaders.com/) out of the box. These settings are well tested on websites in PROD. 4 | 5 | Before using this setup, I was using CloudFlare worker (5$ per month) to get the same result. I asked myself, how can I configure security header on my own server instead. This is how. 6 | 7 | # Warning 8 | 9 | Test those default values locally as they could prevent your website functioning normally. 10 | 11 | - **Content Security Policy** is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. Analyse this policy in more detail. You can sign up for a free account on Report URI to collect reports about problems on your site. 12 | - **Feature Policy** is a new header that allows a site to control which features and APIs can be used in the browser. 13 | - **Referrer Policy** is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. 14 | - **HTTP Strict Transport Security** is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. ⚠️ Warning - it requires that the site is served over HTTPS for the duration specified in the header. Failing to do so will brick users out of the site. 15 | - **X-Content-Type-Options** stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". 16 | - **X-Frame-Options** tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. 17 | - **X-XSS-Protection** sets the configuration for the cross-site scripting filters built into most browsers. The best configuration is "X-XSS-Protection: 1; mode=block". 18 | - **Expect-CT** Expect-CT allows a site to determine if they are ready for the upcoming Chrome requirements and/or enforce their CT policy. 19 | - **Server** Typically you will see values like "Microsoft-IIS/8.0" or "nginx 1.7.2". 20 | 21 | **Screenshot**: 22 | 23 | ![screen shot 2018-12-06 at 7 48 19 pm](https://user-images.githubusercontent.com/6694151/49621138-e574a080-f991-11e8-8a8e-d9a2b2a4a974.jpg) 24 | 25 | This is part of my project: 26 | [📦 A smaller Caddy docker image 14MB + (security header, gzip, cache, healthcheck)](https://github.com/pascalandy/caddy-securityheader) 27 | 28 | Cheers! 29 | https://twitter.com/askpascalandy 30 | -------------------------------------------------------------------------------- /sendy/Caddyfile: -------------------------------------------------------------------------------- 1 | sendy.yourdomain.tld 2 | 3 | root /var/www/html/sendy.yourdomain.tld/public 4 | gzip 5 | 6 | # Point to the upstream PHP-FPM socket 7 | fastcgi / unix:/run/php/sendy.yourdomain.tld-fpm.sock php 8 | 9 | # This rewrite is to prevent access to dot files and folders such 10 | # as .htaccess, .git, etc. 11 | rewrite { 12 | r \/\. 13 | if {path} not_starts_with .well-known 14 | to /index.php{uri} 15 | } 16 | 17 | # Custom sendy rewrites: main rewrite 18 | # RewriteRule ^([a-zA-Z0-9-]+)$ $1.php [L] 19 | rewrite { 20 | r ^/([a-zA-Z0-9-]+)$ 21 | to {1}.php 22 | } 23 | 24 | # Link tracker 25 | # RewriteRule ^l/([a-zA-Z0-9/]+)$ l.php?i=$1 [L] 26 | rewrite { 27 | r ^/l/([a-zA-Z0-9/]+)$ 28 | to l.php?i={1} 29 | } 30 | 31 | # Open tracker 32 | # RewriteRule ^t/([a-zA-Z0-9/]+)$ t.php?i=$1 [L] 33 | rewrite { 34 | r ^/t/([a-zA-Z0-9/]+)$ 35 | to t.php?i={1} 36 | } 37 | 38 | # Web version 39 | # RewriteRule ^w/([a-zA-Z0-9/]+)$ w.php?i=$1 [L] 40 | rewrite { 41 | r ^/w/([a-zA-Z0-9/]+)$ 42 | to w.php?i={1} 43 | } 44 | 45 | # unsubscribe 46 | # RewriteRule ^unsubscribe/(.*)$ unsubscribe.php?i=$1 [L] 47 | rewrite { 48 | r ^/unsubscribe/(.*)$ 49 | to unsubscribe.php?i={1} 50 | } 51 | 52 | # subscribe 53 | # RewriteRule ^subscribe/(.*)$ subscribe.php?i=$1 [L] 54 | rewrite { 55 | r ^/subscribe/(.*)$ 56 | to subscribe.php?i={1} 57 | } 58 | -------------------------------------------------------------------------------- /shopware/Caddyfile: -------------------------------------------------------------------------------- 1 | DOMAIN { 2 | root /PATH/TO/SHOPWARE 3 | 4 | fastcgi / /PATH/TO/PHP-FPM php { 5 | index shopware.php index.php 6 | } 7 | 8 | status 404 { 9 | /autoload.php 10 | /composer. 11 | /config.php 12 | /eula.txt 13 | /eula_ 14 | /CONTRIBUTING.md 15 | /UPGRADE- 16 | /README.md 17 | } 18 | 19 | status 403 { 20 | /files/documents/ 21 | /var/ 22 | /media/temp/ 23 | /. 24 | /forbidden 25 | } 26 | 27 | rewrite { 28 | if {file} ends_with .tpl 29 | if {file} ends_with .yml 30 | if {file} ends_with .ini 31 | if {file} ends_with .log 32 | if_op or 33 | to /forbidden 34 | } 35 | 36 | ## Shopware Install / Update 37 | rewrite /recovery/install/ { 38 | to {path} /recovery/install/index.php?{query} 39 | } 40 | 41 | rewrite /recovery/update/ { 42 | to {path} /recovery/update/index.php?{query} 43 | } 44 | 45 | # Block direct access to ESDs, but allow the follwing download options: 46 | # * 'PHP' (slow) 47 | # * 'X-Accel' (optimized) 48 | # Also see http://wiki.shopware.com/ESD_detail_1116.html#Ab_Shopware_4.2.2 49 | internal /files/552211cce724117c3178e3d22bec532ec/ 50 | 51 | ## backend media support 52 | rewrite { 53 | r ^/backend/media/(.*) 54 | to /media/{1} /shopware.php?module=frontend&controller=Media&action=fallback 55 | } 56 | 57 | ## XML Sitemap support. 58 | rewrite /sitemap.xml {path} /shopware.php 59 | 60 | ## XML SitemapMobile support. 61 | rewrite /sitemapMobile.xml {path} /shopware.php 62 | 63 | ## robots.txt support 64 | rewrite /robots.txt {path} /shopware.php 65 | 66 | ## All static files will be served directly. 67 | rewrite { 68 | r ^.+\.(?:css|cur|js|jpe?g|gif|ico|png|svg|html)$ 69 | to {path} /shopware.php?module=frontend&controller=Media&action=fallback 70 | } 71 | 72 | rewrite / { 73 | to {path} {path}/ /shopware.php?{query} 74 | } 75 | } -------------------------------------------------------------------------------- /smokeping/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | root /usr/share/smokeping/www 3 | fastcgi / unix:/var/run/fcgiwrap.socket { 4 | env SCRIPT_FILENAME /usr/share/smokeping/smokeping.cgi 5 | } 6 | } 7 | example.com/js { 8 | root /usr/share/smokeping/www/js 9 | } 10 | example.com/css { 11 | root /usr/share/smokeping/www/css 12 | } 13 | example.com/cache { 14 | root /var/cache/smokeping 15 | } 16 | example.com/smokeping/images { 17 | root /usr/share/smokeping/www/images 18 | } 19 | -------------------------------------------------------------------------------- /smokeping/README.md: -------------------------------------------------------------------------------- 1 | # Smokeping 2 | 3 | This is an example configuration on how to use [Smokeping](https://oss.oetiker.ch/smokeping/) with Caddy. 4 | 5 | ## Prerequisites 6 | 7 | Smokeping needs the following requirments to run properly with caddy: 8 | 9 | - fcgiwrap installed 10 | 11 | On Ubuntu / Debian Linux, we can install them using the following commands: 12 | 13 | ```` 14 | sudo apt install fcgiwrap 15 | ```` 16 | 17 | The directories of the files that smokeping used in the Caddyfile are the default values of the smokeping installed from the package manager (e.g. apt), please be sure to change it with your actual values. 18 | -------------------------------------------------------------------------------- /symfony/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | root /var/www/symfony/ 3 | 4 | rewrite { 5 | to {path} /app.php?{query} 6 | } 7 | 8 | fastcgi / unix:/var/run/php/php7.0-fpm.sock php { 9 | index app.php 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /symfony/README.md: -------------------------------------------------------------------------------- 1 | # [Symfony](https://symfony.com/) 2 | 3 | **Considerations:** 4 | - To change from `prod` the `dev` environment, change all instances of `app.php` to `app_dev.php` 5 | - You may need to change the `fastcgi` endpoint to the listen address of your `php-fpm` instance 6 | - Make sure that the user that Caddy is running under has permissions to to `php-fpm` 7 | - Make sure that the user that `php-fpm` is running under has permissions to the `root` directory 8 | -------------------------------------------------------------------------------- /systemd/README.md: -------------------------------------------------------------------------------- 1 | ### systemd 2 | 3 | See [caddy/dist/init/linux-systemd/](https://github.com/mholt/caddy/tree/master/dist/init/linux-systemd) for the most recently updated systemd service file and instructions. 4 | -------------------------------------------------------------------------------- /thinkjs/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com { 2 | gzip 3 | root /var/www/example.com/www 4 | proxy / http://127.0.0.1:8360 { 5 | transparent 6 | except static 7 | } 8 | } -------------------------------------------------------------------------------- /thinkjs/README.md: -------------------------------------------------------------------------------- 1 | # ThinkJS 2 | 3 | This is an example configuration on how to use [ThinkJS](https://thinkjs.org) with Caddy. 4 | 5 | The configuration takes following assumptions: 6 | 7 | 1. The ThinkJS installation path is `/var/www/example.com`. 8 | 2. ThinkJS listens on port `8360`. 9 | 3. You use domain name `example.com`. 10 | 11 | Please be sure to change with your actual values. 12 | -------------------------------------------------------------------------------- /vanilla/Caddyfile: -------------------------------------------------------------------------------- 1 | forum.example.com { 2 | root /var/www/vanilla/ 3 | 4 | fastcgi / /run/php/php7.0-fpm.sock php { 5 | index index.php 6 | } 7 | 8 | rewrite { 9 | to {path} /index.php?p={path}&{query} 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /vanilla/README.md: -------------------------------------------------------------------------------- 1 | # [Vanilla](https://open.vanillaforums.com/) 2 | 3 | **Considerations:** 4 | - You may need to change the `fastcgi` endpoint to the listen address of your `php-fpm` instance 5 | - Make sure that the user that Caddy is running under has permissions to to `php-fpm` 6 | - Make sure that the user that `php-fpm` is running under has permissions to the `root` directory 7 | -------------------------------------------------------------------------------- /web2py/Caddyfile: -------------------------------------------------------------------------------- 1 | example.com 2 | 3 | proxy / localhost:8000 { 4 | transparent 5 | } 6 | -------------------------------------------------------------------------------- /web2py/README.md: -------------------------------------------------------------------------------- 1 | # Web2py 2 | 3 | This is an example configuration for web2py using caddy as proxy the requests to the app server. 4 | Assuming you run web server on the same server with port 8000 either using default web2py rocket server in web2py.py or using anyserver.py (cherrypy, diesel, eventlet, gevent, gunicorn, paste, rocket, tornado, twisted, waitress, wsgiref), otherwise change the server name or ip or server port 5 | -------------------------------------------------------------------------------- /winphp/Caddyfile: -------------------------------------------------------------------------------- 1 | :2015 { 2 | root C:\sites\1 3 | on startup php_cgi.bat & 4 | fastcgi / 127.0.0.1:6545 php 5 | } 6 | -------------------------------------------------------------------------------- /winphp/php_cgi.bat: -------------------------------------------------------------------------------- 1 | :start 2 | SET PHP_FCGI_MAX_REQUESTS=0 3 | C:\php\php-cgi.exe -b 6545 -------------------------------------------------------------------------------- /winphp/php_cgi2.bat: -------------------------------------------------------------------------------- 1 | :start 2 | C:\php\php-cgi.exe -b 6545 3 | goto start -------------------------------------------------------------------------------- /winphp/readme.md: -------------------------------------------------------------------------------- 1 | ### Running PHP Fast-cgi on windows 2 | 3 | This example shows how to run PHP on Windows. The Caddyfile uses a file named php_cgi.bat to start PHP. 4 | 5 | There's a known limitation when php-cgi.exe is executed by itself. php-cgi.exe quits after exactly 500 hits. 6 | 7 | This issue is mentioned there: 8 | https://stackoverflow.com/questions/12487147/php-cgi-exe-quits-after-exactly-500-hits 9 | https://stackoverflow.com/questions/23279497/php-cgi-stops-working-randomly-without-error-log 10 | 11 | This line in php_cgi.bat ensures this issue doesn't happen: 12 | > SET PHP_FCGI_MAX_REQUESTS=0 13 | 14 | Another option if you’re worried on memory leaks in php_cgi.bat is to use php_cgi2.bat. 15 | 16 | Using this command directly in a Caddyfile isn't recommended: 17 | > on startup c:\path\to\php\php-cgi.exe -b 6545 & 18 | 19 | The php-cgi process(e)s will be shutdown automatically when caddy stops. -------------------------------------------------------------------------------- /woltlab/Caddyfile: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | 3 | root 4 | gzip 5 | fastcgi / 127.0.0.1:9000 php 6 | rewrite { 7 | to {path} {path}/ /index.php?{path}&{query} 8 | } -------------------------------------------------------------------------------- /woltlab/README.md: -------------------------------------------------------------------------------- 1 | # WoltLab 2 | 3 | This is an example configuration on how to use [WoltLab](https://www.woltlab.com/) with Caddy. 4 | 5 | Please make sure to change the `root` directive to your WoltLab installation directory! -------------------------------------------------------------------------------- /wordpress/Caddyfile: -------------------------------------------------------------------------------- 1 | localhost:8080 2 | 3 | root 4 | gzip 5 | fastcgi / 127.0.0.1:9000 php 6 | 7 | # Prevent malicious PHP uploads from running 8 | rewrite { 9 | r /uploads\/(.*)\.php 10 | to / 11 | } 12 | 13 | rewrite { 14 | if {path} not_match ^\/wp-admin 15 | to {path} {path}/ /index.php?{query} 16 | } 17 | -------------------------------------------------------------------------------- /wordpress/README.md: -------------------------------------------------------------------------------- 1 | # WordPress 2 | 3 | This is an example configuration on how to use [WordPress](https://wordpress.org/) with Caddy. 4 | 5 | ## Prerequisites 6 | 7 | WordPress has the following [requirements](https://wordpress.org/about/requirements/): 8 | 9 | - PHP version 5.6 or greater 10 | - MySQL version 5.5 or greater 11 | 12 | On Ubuntu Linux, we can install them using the following commands: 13 | ```` 14 | sudo apt-get update 15 | sudo apt-get install mysql-server php5-mysql php5-fpm 16 | ```` 17 | 18 | During the installation, MySQL will ask you to set a root password. 19 | 20 | To finish the installation, we need to activate MySQL and secure the installation: 21 | ```` 22 | sudo mysql_install_db 23 | sudo /usr/bin/mysql_secure_installation 24 | ```` 25 | 26 | ## Create WordPress Database 27 | 28 | With all the prerequisites in place, we can go ahead and create a new MySQL database and user for WordPress. 29 | 30 | First, log into the MySQL Shell: 31 | ```` 32 | mysql -u root -p 33 | ```` 34 | 35 | Now, create the database and user: 36 | ```` 37 | CREATE DATABASE wordpress; 38 | CREATE USER wordpressuser@localhost; 39 | SET PASSWORD FOR wordpressuser@localhost= PASSWORD("password"); 40 | GRANT ALL PRIVILEGES ON wordpress.* TO wordpressuser@localhost IDENTIFIED BY 'password'; 41 | FLUSH PRIVILEGES; 42 | exit 43 | ```` 44 | 45 | A couple of things are going on here: 46 | 1. Create the actual `wordpress` database. 47 | 2. Create the user `wordpressuser`. 48 | 3. Set a password for this user. 49 | 4. Grant all privileges of the `wordpress` database to this user. 50 | 5. Reload the new user settings. 51 | 52 | Feel free to name you database or user differently. 53 | 54 | ## Download & install WordPress 55 | 56 | We can get the latest version of Wordpress from their official website: 57 | ```` 58 | curl -SL http://wordpress.org/latest.tar.gz | tar --strip 1 -xzf - 59 | 60 | ```` 61 | 62 | Use the Caddyfile in this example and make sure that fastcgi is listening on port 9000 63 | 64 | Now, we can finally run `caddy`. If everything went right, you'll be greeted by WordPress once you visit `http://localhost:8080`. From here on, WordPress will guide you through the rest of the setup. 65 | 66 | ## Troubleshooting 67 | 68 | The most common error you might encounter is `502 Bad Gateway`. In this case, proceed as following: 69 | 70 | - Check `/var/log/php5-fpm.log` for any errors. 71 | - Add `errors visible` to your `Caddyfile` 72 | - Often times, php-fpm doesn't work because of wrong permissions. Check the error logs and change the user in `/etc/php5/fpm/pool.d/www.conf` 73 | - Switching to a Unix socket might help. Change the listen directive in `/etc/php5/fpm/pool.d/www.conf` to `listen = unix:/var/run/php5-fpm.sock` and adjust your `Caddyfile` accordingly. 74 | - If using a unix socket, make sure Caddy has access to the socket file. 75 | 76 | Otherwise, search for guides on how to set up `fastcgi` for Nginx. The configuration for `fastcgi` is identical for Nginx and Caddy, but Nginx has a lot more tutorials online. 77 | -------------------------------------------------------------------------------- /youtrack/Caddyfile: -------------------------------------------------------------------------------- 1 | # 2 | # JetBrains YouTrack 3 | # 4 | 5 | youtrack.domain.tld { 6 | proxy / http://127.0.0.1:8080 { 7 | timeout 86400s 8 | transparent 9 | websocket 10 | } 11 | } 12 | -------------------------------------------------------------------------------- /youtrack/README.md: -------------------------------------------------------------------------------- 1 | # JetBrains YouTrack 2 | 3 | **Important!**: make sure you don't enable `gzip`, as this breaks SSE 4 | (Server Sent Events) required for live updates to function. 5 | 6 | 1. Just adjust the domain and the proxy url to match your setup. 7 | -------------------------------------------------------------------------------- /zabbix/Caddyfile: -------------------------------------------------------------------------------- 1 | zabbix.mydomain.tld { 2 | root /usr/share/zabbix 3 | status 404 { 4 | /conf 5 | /app 6 | /include 7 | /local 8 | } 9 | fastcgi / /var/run/php5-fpm.sock php 10 | } 11 | -------------------------------------------------------------------------------- /zabbix/README.md: -------------------------------------------------------------------------------- 1 | Zabbix 2 | ------ 3 | 4 | If you allready have a zabbix server, but want to switch the apache it uses for a caddyserver, the Caddyfile included may help you. 5 | 6 | Beware, you need to turn off the apache before you can start caddy, as both are trying to bind the same ports (probably). 7 | 8 | `apache2ctl stop` 9 | 10 | Also, this assumes, you have the php5-fpm, which usually will be installed, still running with the default socket. 11 | --------------------------------------------------------------------------------