# Global options
{
	# Debug logging - uncomment to enable.
	#debug

	# Issue every certificate from Caddy's local CA instead. If you enable
	# this, comment out the on_demand_tls block below.
	#local_certs

	# On-demand TLS: before a certificate is obtained for a name presented
	# in a handshake, Caddy asks the end-point below whether we host that
	# domain. Clients choose the name they present, so this check is what
	# limits certificate requests to domains that are actually hosted here.
	on_demand_tls {
		# Any http url can be used; the domain is attached as a query, so
		# the request looks like
		#   http://my.end.point:80/hosted/?domain=myawesomesite.foo
		# The end-point MUST return a 200 response if the domain is valid.
		#ask http://my.end.point:80/hosted/

		# To avoid external scripting, Caddy answers the question itself by
		# checking for a directory. The site block for this address further
		# down is required; without it all domains using SSL will fail.
		ask http://127.0.0.1:62453/
	}
}
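# On-demand SSL/TLS end-point: answers whether we host a domain before a
# cert is requested for it. 200 = hosted, 404 = not hosted.
http://127.0.0.1:62453 {
	# The site address only selects which Host is matched; the listener is
	# otherwise opened on every interface. Binding to loopback keeps remote
	# clients from probing which domains have a directory here.
	bind 127.0.0.1

	# The folder where ALL sites are, used only to check if a domain is
	# hosted or not. No files from here are served.
	root * /var/www/

	# Enable access logging with the default log output.
	log

	# Rewrite the domain query into a path request, and only for requests
	# to / (so /?domain=example.com becomes /example.com/).
	@domain_query {
		path /
		query domain=*
	}
	rewrite @domain_query /{query.domain}/

	# Match domain.
	# The path regex matcher must come first, Thanks caddy devs!
	# Info https://github.com/caddyserver/caddy/issues/4204
	#
	# The pattern is anchored and limited to one path segment, so a value
	# containing "/" or "\" cannot make the check succeed on a nested
	# directory. Capture 2 is the domain without a leading "www."; it must
	# not start with "." and is at least two characters long.
	@domain_in_path path_regexp domain ^/(www\.)?([^./\\][^/\\]+)/$
	handle @domain_in_path {
		# Hosted means a directory with the domain's name exists under root.
		@domain_exists file {re.domain.2}/
		respond @domain_exists 200 {
			close
		}
	}

	# Default response if domain doesn't exist.
	respond 404 {
		close
	}
}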
# Catch-all SSL/TLS site(s) - this must be last!
:443 {
	# Capture the Host header without an optional leading "www." as
	# {re.host.2}. The header is client-supplied and the capture is
	# interpolated into the document root and socket paths below.
	# NOTE(review): the pattern is unanchored and ".{1,}" accepts any
	# character (a ":port" suffix included) - consider anchoring it to
	# hostname characters; confirm what the server already rejects.
	@host_header header_regexp host Host (www\.)?([^\.\\\/].{1,})

	# Enable on-demand SSL/TLS certs.
	tls {
		on_demand
	}

	# Errors are answered with the status text only.
	handle_errors {
		respond "{http.error.status_text}." {
			close
		}
	}

	handle @host_header {
		# Per-domain document root.
		root * /var/www/{re.host.2}/htdocs/
		file_server {
			# Do not serve dot-files or names starting with "~". This
			# applies to file_server only.
			hide .* ~*
		}

		# Intended to select non-PHP requests for domains that have their
		# own upstream socket.
		# NOTE(review): the file matcher resolves its argument against
		# root, and "!" is not the documented negation for the path
		# matcher (that is "not path *.php") - confirm this matcher fires
		# as intended.
		@has_reverse_proxy {
			file /run/{re.host.2}.sock
			path !*.php
		}

		handle @has_reverse_proxy {
			reverse_proxy unix//run/{re.host.2}.sock {
				header_up Host {upstream_hostport}
				header_up X-Forwarded-Host {host}
			}
		}

		# PHP goes to the per-domain FastCGI socket.
		php_fastcgi unix//run/php/{re.host.2}.sock {
			# This only works with Caddy versions >= 2.4.6
			try_files {path} {path}/ {path}/index.php =404
		}
	}

	# Raise a 404 error; handle_errors above renders it.
	error 404
}