Web Server powerful dan mudah
2 Minggu - 10 Hari - Complete Guide
Caddy adalah web server dengan konfigurasi sederhana dan automatic HTTPS
| Hari | Topik | Praktik |
|---|---|---|
| 1 | Pengenalan Caddy | Apa itu Caddy? Keunggulan |
| 2 | Instalasi | Install Caddy di Linux |
| 3 | Caddyfile Dasar | Syntax dan struktur |
| 4 | Static Files | Serve static website |
| 5 | Reverse Proxy | Proxy ke backend |
# Install dependencies
sudo apt install -y apt-transport-https ca-certificates curl gnupg
# Add Caddy repository
sudo curl -fsSL "https://dl.cloudsmith.io/public/caddy/stable/gpg.key" | gpg --dearmor -o /usr/share/keyrings/caddy-archive-keyring.gpg
sudo curl -fsSL "https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt" | sudo tee /etc/apt/sources.list.d/caddy-stable.list
# Install Caddy
sudo apt update
sudo apt install caddycaddy version# Basic Caddyfile
example.com {
respond "Hello, World!"
}mysite.com {
root * /var/www/html
file_server
}# Validate Caddyfile
caddy validate
# Format Caddyfile
caddy fmt
# Reload konfigurasi
caddy reloadwww.example.com {
# Root folder
root * /var/www/mysite
# Enable file server
file_server
# Enable index files
index index.html index.htm
}www.example.com {
root * /var/www/html
php_fastcgi localhost:9000
file_server
}www.example.com {
root * /var/www/app
# Rewrite /app ke /app/public
rewrite /app /app/public
php_fastcgi localhost:9000
file_server
}api.example.com {
reverse_proxy localhost:3000
}myapp.example.com {
reverse_proxy container-name:3000
}app.example.com {
reverse_proxy localhost:8080 {
header_up X-Real-IP {remote}
header_up X-Forwarded-For {remote}
header_up X-Forwarded-Proto {scheme}
}
}| Hari | Topik | Praktik |
|---|---|---|
| 1 | Automatic HTTPS | Let's Encrypt config |
| 2 | TLS Options | Custom certificates |
| 3 | Load Balancing | Multiple backends |
| 4 | Security Headers | Hardening |
| 5 | Logging - Monitoring | Logs dan metrics |
example.com {
# Automatic HTTPS - tidak perlu konfigurasi tambahan
root * /var/www/html
file_server
}localhost:8080 {
http_port 8080
https_port 8443
respond "Dev Server"
}example.com {
tls {
protocols tls1.2 tls1.3
ciphers TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256
}
reverse_proxy localhost:3000
}example.com {
tls external
reverse_proxy backend:443 {
transport http {
tls
tls_server_name backend.example.com
}
}
}example.com {
tls self_signed
respond "Internal Dev"
}api.example.com {
reverse_proxy localhost:3000 localhost:3001 localhost:3002
}api.example.com {
reverse_proxy localhost:3000 localhost:3001 localhost:3002 {
health_uri /health
health_interval 5s
health_timeout 3s
}
}app.example.com {
reverse_proxy localhost:3000 localhost:3001 {
lb_policy ip_hash
}
}example.com {
header {
X-Frame-Options "SAMEORIGIN"
X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block"
Referrer-Policy "strict-origin-when-cross-origin"
Content-Security-Policy "default-src 'self'"
}
reverse_proxy localhost:3000
}api.example.com {
@cors {
header Origin *
}
respond @cors "OK" 200 {
Access-Control-Allow-Origin "*"
Access-Control-Allow-Methods "GET, POST, OPTIONS"
}
reverse_proxy localhost:3000
}example.com {
log {
output file /var/log/caddy/access.log
}
reverse_proxy localhost:3000
}example.com {
log {
output file /var/log/caddy/error.log
level ERROR
}
reverse_proxy localhost:3000
}example.com {
log {
output stdout
}
respond "Debug mode"
}caddy run # Start Caddy
caddy start # Start as daemon
caddy stop # Stop Caddy
caddy reload # Reload config
caddy validate # Validate Caddyfile
caddy fmt # Format Caddyfile
caddy list-certificates # List certificates
caddy revoke # Revoke certificateroot * /path/to/files # Document root
file_server # Enable static file serving
reverse_proxy localhost:3000 # Proxy to backend
php_fastcgi localhost:9000 # PHP support
encode gzip # Enable gzip compression
log { } # Logging
header { } # Set headers
tls { } # TLS configuration