Caddy: Difference between revisions

(3 intermediate revisions by 2 users not shown)

Line 145:

</syntaxhighlight>This example will serve a [[uWSGI]] app, provided by a unix socket file, on the host <code>myapp.example.org</code>.

=== Caching ===

Caching can be enabled by adding the official [https://github.com/caddyserver/cache-handler cache-handler plugin]. Note that the corresponding hash and upstream version can change.<syntaxhighlight lang="nix">

services.caddy = {

package = pkgs.caddy.withPlugins {

plugins = [ "github.com/caddyserver/cache-handler@v0.16.0" ];

hash = "sha256-XTFwYo3o7il3UfnE2QuJM+UoGTu0Yw+8ka0p9czdgEM=";

};

globalConfig = ''

cache

'';

virtualHosts = {

"example.org" = {

extraConfig = ''

cache

reverse_proxy your-app:8080

'';

};

</syntaxhighlight>If you need to add caching to an existing virtual host entry, which was created by a module, you can prepend it by using <code>lib.mkBefore</code><syntaxhighlight lang="nix">

services.caddy = {

[...]

virtualHosts."dokuwiki.example.org".extraConfig = lib.mkBefore ''

cache {

ttl 30m

stale 1h

]

'';

};

</syntaxhighlight>See [https://github.com/caddyserver/cache-handler upstream documentation] for further configuration options.

=== Passing environment variable secrets/configuring acme_dns ===

Line 166:

Line 198:

=== Check used ports ===

To check if Caddy is running and listening as configured you can run <code>~~netstat~~</code>:

To check if Caddy is running and listening as configured you can run <code>ss</code>:

$ ~~netstat~~ -~~tulpn~~

$ sudo ss --listening --no-queues --numeric --processes --tcp --udp | grep 'Process\|caddy'

~~Active Internet connections (only servers)~~

Netid State Local Address:Port Peer Address:Port Process

~~Proto Recv~~-~~Q Send~~-Q Local Address ~~Foreign~~ Address ~~State PID/Program name~~

tcp LISTEN 127.0.0.1:2019 0.0.0.0:* users:(("caddy",pid=1000,fd=10))

tcp ~~0 0~~ 127.0.0.1:2019 0.0.0.0:* ~~LISTEN 1202/~~caddy

tcp LISTEN *:80 *:* users:(("caddy",pid=1000,fd=11))

~~tcp6 0 0 ::~~:80 ::~~:* LISTEN 1202/~~caddy

tcp LISTEN *:443 *:* users:(("caddy",pid=1000,fd=12))

~~tcp6 0 0 ::~~:443 ::~~:* LISTEN 1202/~~caddy

udp UNCONN *:443 *:* users:(("caddy",pid=1000,fd=13))

~~udp6 0 0 ::~~:443 ::~~:* 1202/~~caddy

</syntaxhighlight>

The tcp (ipv4) socket port 2019 is Caddy's management endpoint, for when you want manage its config via web REST calls instead of Nix (ignore).

@@ Line 145: / Line 145: @@
 </syntaxhighlight>This example will serve a [[uWSGI]] app, provided by a unix socket file, on the host <code>myapp.example.org</code>.
+=== Caching ===
+Caching can be enabled by adding the official [https://github.com/caddyserver/cache-handler cache-handler plugin]. Note that the corresponding hash and upstream version can change.<syntaxhighlight lang="nix">
+services.caddy = {
+  package = pkgs.caddy.withPlugins {
+    plugins = [ "github.com/caddyserver/cache-handler@v0.16.0" ];
+    hash = "sha256-XTFwYo3o7il3UfnE2QuJM+UoGTu0Yw+8ka0p9czdgEM=";
+  };
+  globalConfig = ''
+    cache
+  '';
+  virtualHosts = {
+    "example.org" = {
+      extraConfig = ''
+        cache
+        reverse_proxy your-app:8080
+      '';
+  };
+};
+</syntaxhighlight>If you need to add caching to an existing virtual host entry, which was created by a module, you can prepend it by using <code>lib.mkBefore</code><syntaxhighlight lang="nix">
+services.caddy = {
+  [...]
+  virtualHosts."dokuwiki.example.org".extraConfig = lib.mkBefore ''
+    cache {
+      ttl 30m
+      stale 1h
+    ]
+  '';
+};
+</syntaxhighlight>See [https://github.com/caddyserver/cache-handler upstream documentation] for further configuration options.
 === Passing environment variable secrets/configuring acme_dns ===
@@ Line 166: / Line 198: @@
 === Check used ports ===
-To check if Caddy is running and listening as configured you can run <code>netstat</code>:
+To check if Caddy is running and listening as configured you can run <code>ss</code>:
-<syntaxhighlight lang="bash">
+<syntaxhighlight lang="console">
-$ netstat -tulpn
+$ sudo ss --listening --no-queues --numeric --processes --tcp --udp | grep 'Process\|caddy'
-Active Internet connections (only servers)
+Netid State       Local Address:Port  Peer Address:Port Process
-Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
+tcp   LISTEN          127.0.0.1:2019       0.0.0.0:*    users:(("caddy",pid=1000,fd=10))
-tcp        0      0 127.0.0.1:2019          0.0.0.0:*               LISTEN      1202/caddy
+tcp   LISTEN                  *:80               *:*    users:(("caddy",pid=1000,fd=11))
-tcp6       0      0 :::80                   :::*                    LISTEN      1202/caddy
+tcp   LISTEN                  *:443              *:*    users:(("caddy",pid=1000,fd=12))
-tcp6       0      0 :::443                  :::*                    LISTEN      1202/caddy
+udp   UNCONN                  *:443              *:*    users:(("caddy",pid=1000,fd=13))
-udp6       0      0 :::443                  :::*                                1202/caddy
 </syntaxhighlight>
 The tcp (ipv4) socket port 2019 is Caddy's management endpoint, for when you want manage its config via web REST calls instead of Nix (ignore).