forked from wekan/wekan
-
Notifications
You must be signed in to change notification settings - Fork 0
Caddy Webserver Config
Lauri Ojansivu edited this page May 7, 2017
·
8 revisions
List of Let's Encrypt implementations
Create directory for caddy, website and logs:
mkdir -p ~/caddy/example.com ~/caddy/logsAdd this config to ~/caddy/Caddyfile
There's also some extra examples.
example.com {
root /home/username/caddy/example.com
# Static website, markdown or html
ext .md .html
proxy /wekan 127.0.0.1:3000 {
websocket
}
log /home/username/caddy/logs/wekan-access.log {
rotate {
size 100 # Rotate after 100 MB
age 7 # Keep log files for 7 days
keep 52 # Keep at most 52 log files
}
}
errors {
log /home/username/caddy/logs/wekan-error.log {
size 100 # Rotate after 100 MB
age 7 # Keep log files for 7 days
keep 52 # Keep at most 52 log files
}
}
}
example.com/files {
root /home/username/files
# View files in directory, has sorting in browser
browse
}Install Caddy. Change username to what user you run caddy, like in /home/username:
# Install caddy with some plugins
curl https://getcaddy.com | bash -s ipfilter,ratelimit
# Give permissions to caddy to bind 80 and 443
sudo setcap cap_net_bind_service=+ep /usr/local/bin/caddyAnd this service file for Caddy to /etc/systemd/system/[email protected]
; see `man systemd.unit` for configuration details
; the man section also explains *specifiers* `%x`
[Unit]
Description=Caddy HTTP/2 web server %I
Documentation=https://caddyserver.com/docs
After=network-online.target
Wants=network-online.target
Wants=systemd-networkd-wait-online.service
[Service]
; run user and group for caddy
User=username
Group=username
ExecStart=/home/username/caddy/caddy -conf=/home/username/caddy/Caddyfile -agree -email="[email protected]"
Restart=on-failure
StartLimitInterval=86400
StartLimitBurst=5
RestartSec=10
ExecReload=/bin/kill -USR1 $MAINPID
; limit the number of file descriptors, see `man systemd.exec` for more limit settings
LimitNOFILE=1048576
LimitNPROC=64
; create a private temp folder that is not shared with other processes
PrivateTmp=true
PrivateDevices=true
ProtectSystem=full
CapabilityBoundingSet=CAP_NET_BIND_SERVICE
AmbientCapabilities=CAP_NET_BIND_SERVICE
NoNewPrivileges=true
[Install]
WantedBy=multi-user.targetStart caddy and enable service:
sudo systemctl daemon-reload
sudo systemctl start caddy@username
sudo systemctl enable caddy@username
- About
- No UI major redesign
- Test Edge
- FAQ
- IRC FAQ - answers to questions asked at IRC
- Roadmap - board at Wekan demo
- Team
- Press
- Blog
- NOT related to Wekan
- Wekan vs Trello vs Restyaboard
- Features
- Custom Logo
- Gantt Chart
- Admin: Impersonate user
- Emoji etc syntax
- Numbered text syntax
- Time Tracking
- Subtasks <== Has fix
- Templates
- Archive and Delete
- Adding Users
- LDAP
- Keycloak
- Google login
- Azure
- OAuth2, Auth0, GitLab, RocketChat
- Oracle OIM on premise using OAuth2
- ADFS 4.0 using OAuth2 and OpenID
- Nextcloud
- CAS Please test
- SAML Please test
- IFTTT
- Custom Fields
- Due Date
- Forgot Password
- Requirements
- Translations
- Roadmap
- Fix Export board menu not visible on some boards
- Integrations
- RAM usage
- Demo
- Swimlane Documentation
- Wekan Markdown
- Download Wekan for various Platforms: Supported by xet7, Operating Systems, NAS, Cloud
- Example: New card with Python3 and REST API
- Python client to REST API
- Java
- Wekan Sandstorm cards to CSV using Python
- Excel and VBA
- Global Webhook
- Limiting Webhook data
- Receiving Webhooks
- Outgoing Webhook to Discord/Slack/RocketChat/Riot
- Outgoing Webhook to NodeRed
- Outgoing Webhook to PowerShell
- Security: Webhook and CA
- Outgoing Webhooks Data
- Outgoing Webhooks and Let's Encrypt
- Outgoing Webhooks Original Pull Request, multiple Webhooks, more parameters and response order