Skip to content

Generate Caddyfile

Jump to bottom
Zheng Luo edited this page Mar 3, 2018 · 2 revisions

Since 0.8.0, this project bundles a gen_caddyfile.sh along with a default template to generate Caddyfile from config.yaml, which could be directly used by Caddy web server.

Command-line usage

./gen_caddyfile.sh config.yaml outputCaddyfile

Before run, check if there is gomplate under the same directory with gen_caddyfile.sh

How it works

The template iterates over all repos, and check if it meets given requirements:

local repo

Condition worker has name and path

Effects Generate a route /{{name}} => {{path}}

reverse proxy

Condition worker has name and proxy_to

Effects Generate reverse proxy /{{name}} => {{proxy_to}}

Example

repos:
    - type: rsync
      source: rsync://rsync.chiark.greenend.org.uk/ftp/users/sgtatham/putty-website-mirror/
      interval: 6
      path: /tmp/putty
      name: putty # this will generate a route from /putty to /tmp/putty
    - type: external
      name: ubuntu
      proxy_to: http://ftp.sjtu.edu.cn/ubuntu/ # this will generate a route from /ubuntu to http://ftp.sjtu.edu.cn/ubuntu/

Additional routes

The bundled template will generate two additional routes:

/lug

lug JSON Restful API.

Reverse proxy to $lug_addr(127.0.0.1:7001) by default.

/lug/v1/admin

This path is protected and requires auth. Auth is configurable:

{{/* configure methods to protect your admin API */}}
{{ define "login_config" }}
    {{/* by default this uses Github OAuth, change it to your needs! */}}
    {{/* the sample OAuth application only allows redirection to 127.0.0.1:2015, so register your own OAuth App! */}}
    github client_id=d8d4b5b349b0172af159,client_secret=aa4a70fe46d309220fefce5a567a0a884dea715b
    jwt_expiry 24h
    cookie_expiry 2400h
{{ end }}

{{ define "jwt_config" }}
    {{/* only allow username=htfy96 */}}
    allow sub htfy96
{{ end }}

Users need to visit /login first to acquire JWT tokens in the cookie and then visit .../admin.

By default, the auth is based on Github OAuth application, which needs client_id and client_secret params. Users should apply their own OAuth keys at https://developer.github.com/apps/building-oauth-apps/authorization-options-for-oauth-apps/ with redirect_dir having the same host and port with those served by Caddy.

Users can also choose alternative auth options following docs provided by loginsrv

:9180/metrics

Prometheus metrics of Caddy server

Clone this wiki locally