1. My Caddy version (caddy -version
):
v2.0.0-beta.13
docker image - caddy/caddy:alpine
django version - 2.0+
2. How I run Caddy:
Docker as service in docker swarm
Stack file:
caddy:
image: caddy/caddy:alpine
hostname: "{{.Service.Name}}-{{.Task.Slot}}"
depends_on:
- django
ports:
- "0.0.0.0:2015:2015"
- "0.0.0.0:8088:8088"
volumes:
- /etc/localtime:/etc/localtime:ro
- /opt/project/compose/caddy/:/etc/caddy/
- /opt/project:/srv
deploy:
replicas: 1
mode: replicated
placement:
constraints:
- node.labels.server == backend
restart_policy:
condition: on-failure
cap_add:
- CAP_NET_BIND_SERVICE
networks:
- blabla
For the first version of Caddy I used the following caddy file:
example.com {
header / {
-Server
-X-Host
}
proxy / django:5000 {
except project/static
transparent
}
gzip
log stdout
errors stderr
tls /srv/compose/caddy/security-cert/client_ssl.pem /srv/compose/caddy/security-cert/root.unencrypted.pem {
protocols tls1.2
}
}
localhost:8088 {
header / {
-Server
-X-Host
}
proxy / django:5000 {
except project/static
transparent
}
gzip
log stdout
errors stderr
tls off
}
Now I started using the second version of caddy (Caddy server) and made a different caddy for it.:
{
http_port 8088
https_port 2015
}
example.com:2015 {
reverse_proxy django:5000
tls /srv/compose/caddy/security-cert/client_ssl.pem /srv/compose/caddy/security-cert/root.unencrypted.pem {
protocols tls1.2 tls1.3
}
encode zstd gzip
}
localhost:8088 {
root * /srv/project/
reverse_proxy django:5000 {
header_down -Server
header_down -Host
}
file_server
}
Questions:
- The alternative way for server caddy(caddy2) parameter “except”? (That use static files because I get status 404 from my all static files)
- How to set only tls1. 2? ((If I try to do it on caddy 2 I get a message “building standard TLS config: protocol min (746c73312e32) cannot be greater than protocol max ()”)
- Are these two files the same caddy? ((I may have read the documentation for caddy 2 quite well)