1. Output of caddy version
:
Caddy v2.6.1 h1:EDqo59TyYWhXQnfde93Mmv4FJfYe00dO60zMiEt+pzo=
2. How I run Caddy:
I run caddy in a docker-compose environment
a. System environment:
Docker-compose installed on debian 11
b. Command:
docker-stack deploy -c docker-compose.yml app
c. Service/unit/compose file:
version: "3.6"
services:
# Déploiement du reverse proxy caddy (avec gestion certificats auto via let's encrypt
caddy:
image: caddy:latest
ports:
# HTTP et HTTPS
- "80:80"
- "443:443"
networks:
- caddy
volumes:
- ./apps/caddy/Caddyfile:/etc/caddy/Caddyfile:ro #fichier de configuration principal de Caddy
- ./data/caddy:/data #indispensable pour stocker les données de certificats auto générés par caddy
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
- /mnt/existant/ademe/apps/public_html:/srv_ademe:ro
#- ./apps/caddy/ademe:/cert_ademe:ro
Make sure backticks stay on their own lines,
and the post looks nice in the preview pane. -->
d. My complete Caddy config:
{
# email to generate a valid SSL certificate
email mgagnant@wecompetence.com
}
# Snippet de règle de réécriture, permet d'être appelé en import dans chacun des sites php
(rewriterule) {
#On sécurise le site publié par caddy
header {
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff;
X-XSS-Protection "1; mode=block;"
X-Robots-Tag none;
X-Frame-Options SAMEORIGIN;
Referrer-Policy no-referrer;
Cache-Control max-age=31536000;
}
#Règle de réécriture de l'accueil Ademe
@accueil path_regexp accueil ^/accueil.*
rewrite @accueil /solutions/index.php
#Règle de réécriture des dossiers Ademe
@solfolder path_regexp solfolder .*f([0-9]+).html
rewrite @solfolder /solutions/folder.php?folid={re.solfolder.1}
#Règle de réécriture des stage Ademe
@solstage path_regexp solstage .*s([0-9]+).html
rewrite @solstage /solutions/stage.php?folid=26&stageid={re.solstage.1}
#Règle de réécriture des sessions (formulaire d'inscription) Ademe
@solinscr path_regexp solinscr .*r([0-9]+).html
rewrite @solinscr /solutions/beforeregister.php?sessionid={re.solfolder.1}
#Règle de réécriture recherche de formation (searchstage) Ademe
@searchstage path_regexp searchstage .*recherche-de-formation.html
rewrite @searchstage /solutions/searchstage.php
#Règle de réécriture contactez-nous (contact) Ademe
@contact path_regexp contact .*contactez-nous.html
rewrite @contact /solutions/contact.php
@contact-thankyou path_regexp contact-thankyou .*remerciements-contact.html
rewrite @contact-thankyou /solutions/contact-thankyou.php
#Règle de réécriture plan du site (sitemap) Ademe
@sitemap path_regexp sitemap .*plan-du-site.html
rewrite @sitemap /solutions/sitemap.php
#Règle de réécriture formulaire d'inscription (register & co) Ademe
# Voir l'envoi de variable en get pour rewriting entre beforeregister => register ex :(secteur=2&sessionid=1292&formval=Valider)
# Voir les actions des form pour le rewriting
@forminsc path_regexp forminsc .*formulaire-d-inscription.html
rewrite @forminsc /solutions/beforeregister.php
@register path_regexp register .*participant.html
rewrite @register /solutions/register.php
@register2 path_regexp register2 .*responsable.html
rewrite @register2 /solutions/register2.php
@register3 path_regexp register3 .*societe.html
rewrite @register3 /solutions/register3.php
@register4 path_regexp register4 .*facturation.html
rewrite @register4 /solutions/register4.php
@register5 path_regexp register5 .*message.html
rewrite @register5 /solutions/register5.php
@register6 path_regexp register6 .*synthese.html
rewrite @register6 /solutions/register6.php
@register7 path_regexp register7 .*enregistrement-formulaire-d-inscription.html
rewrite @register7 /solutions/register7.php
@register-thankyou path_regexp register-thankyou .*remerciements.html
rewrite @register-thankyou /solutions/register-thankyou.php
#Règle de réécriture formulaire création d'un compte (account & co)
# Voir l'envoi de variable en get pour rewriting entre beforecreateaccount => createaccount ex : (secteur=2&email=jlemoine45d@webcompetence.com)
# Voir les actions des form pour le rewriting
@beforecreateaccount path_regexp beforecreateaccount .*creation-de-compte.html
rewrite @beforecreateaccount /solutions/beforecreateaccount.php
@createaccount path_regexp createaccount .*creation-compte-vos-informations.html
rewrite @createaccount /solutions/createaccount.php
@createaccount2 path_regexp createaccount .*creation-compte-societe.html
rewrite @createaccount2 /solutions/createaccount2.php
@createaccount3 path_regexp createaccount3 .*creation-compte-message.html
rewrite @createaccount3 /solutions/createaccount3.php
@createaccount4 path_regexp createaccount4 .*creation-compte-synthese.html
rewrite @createaccount4 /solutions/createaccount4.php
@createaccount5 path_regexp createaccount5 .*creation-compte-enregistrement.html
rewrite @createaccount5 /solutions/createaccount5.php
@createaccount-thankyou path_regexp .*creation-compte-remerciement.html
rewrite @createaccount-thankyou /solutions/createaccount-thankyou.php
#Rewrite FAQ
@searchfaq path_regexp searchfaq .*faq.html
rewrite @searchfaq /solutions/searchfaq.php
#Règle de réécriture de la FAQ
@faq path_regexp faq .*a([0-9]+).html
rewrite @faq /solutions/faq.php?faqid={re.faq.1}
}
#***************************Déclaration Sites PHP clients*********************************
#client ADEME certificats fournis par le client
test.kalischool.com {
# On indique quel sera le dossier racine du module simpleSAMLpph
handle_path /simplesaml* {
root * /srv_ademe/external/simplesamlphp/www
php_fastcgi http://172.17.0.1:9001
encode gzip zstd
file_server
}
# On indique quel sera le dossier racine de l'application web cliente
handle {
root * /srv_ademe
php_fastcgi http://172.17.0.1:9001
encode gzip zstd
file_server
#reverse_proxy * 172.17.0.1:9001
try_files /{path} {path}/index.php /notfound.html
import rewriterule
}
}
Use `caddy fmt` to make it readable.
DO NOT REDACT anything except credentials.
LEAVE DOMAIN NAMES INTACT.
Make sure the backticks stay on their own lines.
3. The problem I’m having:
Hi the community,
my problem is that the webpage serving is very slow on my php-fpm container.
When you browse https://test.kalischool.com , the time for display the webpage is over than 1.5s (TTFB>1.5s).
Maybe something is not configured (cache ?)
Could you help me ?
Micka
4. Error messages and/or full log output:
{"level":"info","ts":1665071246.1081674,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"10.0.0.2","remote_port":"16687","proto":"HTTP/2.0","method":"GET","host":"test.kalischool.com","uri":"/","headers":{"Sec-Ch-Ua":["\"Google Chrome\";v=\"105\", \"Not)A;Brand\";v=\"8\", \"Chromium\";v=\"105\""],"Sec-Ch-Ua-Platform":["\"Windows\""],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"],"Sec-Fetch-User":["?1"],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Cookie":[]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"test.kalischool.com"}},"user_id":"","duration":0.061237692,"size":0,"status":302,"resp_headers":{"X-Robots-Tag":["none;"],"Strict-Transport-Security":["max-age=31536000;"],"Status":["302 Found"],"Content-Type":["text/html; charset=UTF-8"],"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Referrer-Policy":["no-referrer;"],"X-Content-Type-Options":["nosniff;"],"X-Frame-Options":["SAMEORIGIN;"],"Location":["./accueil.html"],"X-Xss-Protection":["1; mode=block;"],"Cache-Control":["max-age=31536000;"]}}
{"level":"info","ts":1665071249.828001,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"10.0.0.2","remote_port":"16687","proto":"HTTP/2.0","method":"GET","host":"test.kalischool.com","uri":"/accueil.html","headers":{"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"105\", \"Not)A;Brand\";v=\"8\", \"Chromium\";v=\"105\""],"Sec-Ch-Ua-Mobile":["?0"],"Accept-Encoding":["gzip, deflate, br"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-Site":["none"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"Cookie":[]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"test.kalischool.com"}},"user_id":"","duration":3.705047694,"size":8192,"status":302,"resp_headers":{"Cache-Control":["max-age=31536000;","no-store, no-cache, must-revalidate"],"Strict-Transport-Security":["max-age=31536000;"],"X-Content-Type-Options":["nosniff;"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Referrer-Policy":["no-referrer;"],"X-Frame-Options":["SAMEORIGIN;"],"Content-Type":["text/html; charset=UTF-8"],"Vary":["Accept-Encoding"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Status":["302 Found"],"Location":["https://test.kalischool.com/back/index.php"],"Content-Encoding":["gzip"],"Server":["Caddy"],"X-Robots-Tag":["none;"],"X-Xss-Protection":["1; mode=block;"],"Pragma":["no-cache"]}}
{"level":"info","ts":1665071255.1025906,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"10.0.0.2","remote_port":"16687","proto":"HTTP/2.0","method":"GET","host":"test.kalischool.com","uri":"/back/index.php","headers":{"Upgrade-Insecure-Requests":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-User":["?1"],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7"],"Cookie":[],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua":["\"Google Chrome\";v=\"105\", \"Not)A;Brand\";v=\"8\", \"Chromium\";v=\"105\""],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"test.kalischool.com"}},"user_id":"","duration":5.279715144,"size":14841,"status":200,"resp_headers":{"X-Content-Type-Options":["nosniff;"],"X-Frame-Options":["SAMEORIGIN;"],"Content-Type":["text/html; charset=UTF-8"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"X-Xss-Protection":["1; mode=block;"],"Server":["Caddy"],"Pragma":["no-cache"],"Vary":["Accept-Encoding"],"Cache-Control":["max-age=31536000;","no-store, no-cache, must-revalidate"],"Referrer-Policy":["no-referrer;"],"Strict-Transport-Security":["max-age=31536000;"],"X-Robots-Tag":["none;"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Content-Encoding":["gzip"]}}
USE THE PREVIEW PANE TO MAKE SURE IT LOOKS NICELY FORMATTED.
5. What I already tried:
I browse this website but I don’t find any answer for this problem