Hi ,
So it took some time and a lot of reading to figure this out (I migrated from Caddy v1 some time ago and it took some figuring out to get to this, lol), so I hope I can help some of you with this modular Caddyfile as an example.
Feel free to share improvements, as I'm all in for optimizations.
# Global options
{
	# Contact address used for the ACME account that issues the certificates.
	email mail@conor-burns.com

	# Opt-in HTTP/3 support.
	# NOTE(review): version-dependent. Newer Caddy releases serve HTTP/3 by
	# default and no longer accept this option; confirm against the docs for
	# the installed version.
	experimental_http3
}
# Snippets
# (headers): response headers for every site that imports this snippet.
(headers) {
	header {
		# HSTS for one year (31536000 s). This value does not include subdomains.
		Strict-Transport-Security max-age=31536000;

		# No MIME sniffing; framing allowed only from the same origin.
		X-Content-Type-Options nosniff
		X-Frame-Options SAMEORIGIN

		# Under this policy the full URL is still sent as Referer to other HTTPS origins.
		# NOTE(review): strict-origin-when-cross-origin is the tighter choice if
		# paths or query strings can carry anything sensitive.
		Referrer-Policy no-referrer-when-downgrade

		# Replace the default Server value with the site name.
		Server conor-burns.com
	}
	# NOTE(review): for the proxied sites, confirm the upstream does not send its
	# own values for these headers that would end up in the final response.
}
# (encoding): response compression, zstd listed first, then gzip.
(encoding) {
	encode {
		zstd
		gzip
	}
}
# (logging): one shared access log for every site that imports this snippet.
(logging) {
	log {
		# Common Log Format, one line per request.
		# NOTE(review): version-dependent. The single_field encoder was
		# deprecated and later removed upstream; confirm against the installed
		# Caddy version before reusing this line.
		format single_field common_log

		# Rotation: roll at 1gb, keep 5 rolled files, drop anything older than
		# 730h (about 30 days). Access logs contain client addresses, so the
		# retention window is also a privacy setting.
		output file /var/log/caddy/access.log {
			roll_size 1gb
			roll_keep 5
			roll_keep_for 730h
		}
	}
}
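# (errors): error pages fetched from http.cat, one image per status code.
(errors) {
	handle_errors {
		# Turn the request into a path named after the status code, e.g. /404.
		rewrite * /{http.error.status_code}

		# The upstream here is a third party. By default the proxy passes the
		# client's request headers through, including Host and any credentials
		# the browser sent for this site. Pin Host to the upstream's own name so
		# it can route the request, and strip credential headers so they never
		# leave this server.
		reverse_proxy https://http.cat {
			header_up Host http.cat
			header_up -Cookie
			header_up -Authorization
		}
		# NOTE(review): the body of every error page is controlled by that
		# third party; a locally served static error page avoids the dependency.
	}
}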
# (common): bundle of the four shared snippets, so a site needs one import
# to get security headers, compression, access logging and error pages.
(common) {
	import headers
	import encoding
	import logging
	import errors
}
# (tls): shared settings plus certificate issuance over the DNS challenge,
# which the wildcard site addresses in this file depend on.
(tls) {
	import common

	tls {
		# Needs a Caddy build that includes the Cloudflare DNS provider module.
		# The token is read from the environment, so the secret stays out of
		# this file; scope it to DNS edits on the zones it has to serve.
		dns cloudflare {env.CLOUDFLARE_API_TOKEN}
	}
}
# (tls-beat): same as the (tls) snippet but with a separate Cloudflare token,
# read from its own environment variable. Keeping a distinct token per
# account or zone limits what a single leaked token can change.
(tls-beat) {
	import common

	tls {
		dns cloudflare {env.CLOUDFLARE_API_TOKEN_BEAT}
	}
}
# (tls-mail): shared settings plus a certificate and key loaded from files
# under the mailcow data directory instead of being issued by Caddy.
# Caddy does not renew certificates loaded this way, and the Caddy process
# needs read access to key.pem; keep that file readable only by the accounts
# that require it.
(tls-mail) {
	import common

	tls /opt/mailcow-dockerized/data/assets/ssl/cert.pem /opt/mailcow-dockerized/data/assets/ssl/key.pem
}
# conor-burns.com
*.conor-burns.com, conor-burns.com {
	import tls

	# Static site served when none of the host-specific handles below match.
	root * /srv/http/root
	file_server

	# www -> apex.
	@www host www.conor-burns.com
	handle @www {
		redir https://conor-burns.com{uri} permanent
	}

	# The blog lives on the other domain; the request URI is preserved.
	@blog host blog.conor-burns.com
	handle @blog {
		redir https://0xcb.dev{uri} permanent
	}

	# Static files from a dedicated directory (no directory listing).
	@pgp host pgp.conor-burns.com
	handle @pgp {
		root * /srv/http/files.0xcb.dev/pgp
		file_server
	}

	# NOTE(review): no authentication is configured at the proxy for this
	# backend; confirm the service on localhost:8088 enforces its own access
	# control if it is not meant to be public.
	@stats host stats.conor-burns.com
	handle @stats {
		reverse_proxy localhost:8088
	}
}
# max.hil.conor-burns.com
*.max.hil.conor-burns.com, max.hil.conor-burns.com {
	import tls

	# www -> apex of this subdomain.
	@www host www.max.hil.conor-burns.com
	handle @www {
		redir https://max.hil.conor-burns.com{uri} permanent
	}

	# Every other host covered by this site block goes to the local backend,
	# including subdomains that are not named anywhere in this file.
	reverse_proxy localhost:10103
}
# 0xcb.dev
# NOTE(review): the site address covers subdomains only. The apex 0xcb.dev,
# which the www redirect below points at, is not defined in this listing;
# confirm it is served elsewhere.
# NOTE(review): there is no fallback handle, so a subdomain that matches none
# of the matchers gets no handler from this block; confirm that is intended.
*.0xcb.dev {
	import tls

	@www host www.0xcb.dev
	handle @www {
		redir https://0xcb.dev{uri} permanent
	}

	# /ghost* goes to the local backend; everything else is static files.
	@blog host blog.0xcb.dev
	handle @blog {
		reverse_proxy /ghost* localhost:10105
		root * /srv/http/blog.0xcb.dev
		file_server
	}

	# "browse" turns on directory listings: every file under this root is
	# discoverable, not only those that are linked. Keep the directory limited
	# to content that is meant to be public.
	@files host files.0xcb.dev
	handle @files {
		root * /srv/http/files.0xcb.dev
		file_server browse
	}

	# NOTE(review): none of the proxied backends below has authentication
	# configured at the proxy. If any of them is an administrative interface,
	# confirm it enforces its own login or restrict who can reach it.
	@s3 host s3.0xcb.dev
	handle @s3 {
		reverse_proxy localhost:9001
	}

	@s host s.0xcb.dev
	handle @s {
		reverse_proxy localhost:8089
	}

	@media host media.0xcb.dev
	handle @media {
		reverse_proxy localhost:8096
	}

	@docker host docker.0xcb.dev
	handle @docker {
		reverse_proxy localhost:9000
	}

	# Upstream is another host reached over plain HTTP; traffic on that
	# network segment is unencrypted between the proxy and 10.10.10.15.
	@3d host 3d.0xcb.dev
	handle @3d {
		reverse_proxy 10.10.10.15:80
	}
}
# mail.0xcb.dev
# These exact hostnames are more specific than the *.0xcb.dev wildcard block,
# so requests for them are handled here.
mail.0xcb.dev, autodiscover.0xcb.dev, autoconfig.0xcb.dev {
	# Certificate and key come from files on disk (tls-mail snippet),
	# not from DNS-challenge issuance.
	import tls-mail

	reverse_proxy localhost:8080
}
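# kriener.photography
*.kriener.photography, kriener.photography {
	import tls

	# www -> apex.
	@www host www.kriener.photography
	handle @www {
		redir https://kriener.photography{uri} permanent
	}

	# Upstream is another host reached over plain HTTP.
	@3d host 3d.kriener.photography
	handle @3d {
		reverse_proxy 10.1.10.11:80
	}

	# "browse" turns on directory listings for everything under this root;
	# keep the directory limited to content that is meant to be public.
	@files host files.kriener.photography
	handle @files {
		root * /mnt/jakob/public
		file_server browse
	}

	# Fixed: the matcher read "statskriener.photography" (missing dot). That
	# name is not covered by this block's site addresses, so the matcher could
	# never match and stats.kriener.photography fell through to the default
	# backend below.
	# NOTE(review): with the matcher corrected this backend becomes reachable
	# from outside and no authentication is configured at the proxy; confirm
	# the service on 10.1.10.10:19999 is meant to be public or put access
	# control in front of it.
	@stats host stats.kriener.photography
	handle @stats {
		reverse_proxy 10.1.10.10:19999
	}

	# Default for the apex and any subdomain not matched above.
	reverse_proxy localhost:10104
}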
# offbeat-music.com
*.offbeat-music.com, offbeat-music.com {
	# Uses the snippet with the separate Cloudflare token for this domain.
	import tls-beat

	# www -> apex.
	@www host www.offbeat-music.com
	handle @www {
		redir https://offbeat-music.com{uri} permanent
	}

	# Every other host covered by this site block goes to the local backend.
	reverse_proxy localhost:10102
}
(I'm just going to post my real config - feel free to ask about different use cases)