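Notes
1. When enabling automatic HTTPS on machine A, which has no public IP, make sure the DNS server configured on machine A is not the gateway or router address. It must be a public DNS server address, because home broadband blocks commonly used service ports, including port 53 used by DNS. Otherwise startup fails with an error like the following:
```
CNAME dns query: dial tcp 192.168.1.1:53: connect: connection refused
```
2. A wildcard domain, or HTTPS on a port other than 443, requires the corresponding plugin. A domain that resolves to a non-public IP also requires the corresponding plugin.
Building the plugin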
```go
package main

import (
	caddycmd "github.com/caddyserver/caddy/v2/cmd"

	// plug in Caddy modules here
	_ "github.com/caddy-dns/cloudflare"
	_ "github.com/caddyserver/caddy/v2/modules/standard"
)

func main() {
	caddycmd.Main()
}
```
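Cross-compiling the Linux executable on Windows
```bash
# go env -w persists these values in the Go environment configuration
go env -w GOOS=linux
go env -w GOARCH=amd64
# -w -s strips debug information and the symbol table from the binary
go build -ldflags "-w -s" -o caddy-cf .
```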
Configuration examples
1. Wildcard domain with automatic HTTPS
```bash
cat > Caddyfile <<'EOF'
{
	log {
		output file /root/caddy/caddy5/caddy.log
		level INFO
		format console {
			time_local
			time_format wall_milli
		}
	}
}
*.zjc001.top {
	tls {
		# Cloudflare API token, written inline: anyone who can read this Caddyfile can read it
		dns cloudflare gqRkHttI-ZAa8jEb09CsKyf_fPGrae1f13g8GHMk
	}
	@chat host chat.zjc001.top
	handle @chat {
		respond "Hello, world! [chat]"
	}
	@vault host vault.zjc001.top
	handle @vault {
		respond "Hello, world! [vault]"
	}
	# Any other host under the wildcard: drop the connection
	handle {
		abort
	}
}
EOF
```
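For creating the Cloudflare token, see: https://pages.uing.vip/post/caddy2/
Start and test
```bash
caddy-cf run
```
Visiting chat.zjc001.top and vault.zjc001.top in a browser displays, respectively:
```
Hello, world! [chat]
Hello, world! [vault]
```
and both are automatically switched to HTTPS.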
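2. Non-public IP with automatic HTTPS
```bash
cat > Caddyfile <<'EOF'
eone.ehall.top {
	tls {
		# Cloudflare API token, written inline: anyone who can read this Caddyfile can read it
		dns cloudflare c_A6L9KqCIuuBPXRG1zsg03ZELl6FmQVuARwh3Mv
	}
	encode gzip
	respond "Hello, World!"
}
EOF
```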
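Both configurations above write the Cloudflare API token directly into the Caddyfile. The following added example (not part of the original post) is a shell check that flags a literal credential passed to the Cloudflare DNS provider and shows the placeholder form next to it. The variable name `CF_API_TOKEN`, the domain `example.com` and the sample token are assumptions constructed for the illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original post.

# Report every line that passes a literal credential to the Cloudflare DNS
# provider (one-line "dns cloudflare <arg>" or block-form "api_token <arg>").
# {env.NAME} and {$NAME} placeholders are accepted. Returns 1 if any is found.
find_inline_dns_tokens() {
    awk '
        { arg = "" }
        $1 == "dns" && $2 == "cloudflare" { arg = $3 }
        $1 == "api_token"                 { arg = $2 }
        arg != "" && arg != "{" && arg !~ /^[{](env[.]|[$])[A-Za-z_][A-Za-z0-9_]*[}]$/ {
            printf "line %d: literal credential\n", NR
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample files: same site block, weak and hardened token handling.
write_samples() {
    cat > "$1/weak.Caddyfile" <<'EOF'
*.example.com {
	tls {
		dns cloudflare CONSTRUCTED_TOKEN_NOT_REAL
	}
}
EOF
    cat > "$1/hardened.Caddyfile" <<'EOF'
*.example.com {
	tls {
		# CF_API_TOKEN is an assumed variable name, set in the service environment
		dns cloudflare {env.CF_API_TOKEN}
	}
}
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
for f in weak hardened; do
    echo "== $f.Caddyfile"
    find_inline_dns_tokens "$demo_dir/$f.Caddyfile" && echo "no literal credential"
done
rm -rf "$demo_dir"
```

With the placeholder form, the token is read from the environment of the Caddy process at run time, so the Caddyfile itself can be shared or committed without exposing it.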