117 lines
2.3 KiB
Text
117 lines
2.3 KiB
Text
{
|
|
{{- if .Debug}}
|
|
debug
|
|
{{- end}}
|
|
admin {{.PortsConfig.AdminPort}}
|
|
http_port {{.PortsConfig.HTTPPort}}
|
|
https_port {{.PortsConfig.HTTPSPort}}
|
|
{{- if .Metrics}}
|
|
metrics
|
|
{{- end}}
|
|
|
|
order ja4h_header first
|
|
order webdav before file_server
|
|
order cache before rewrite
|
|
|
|
cache {
|
|
cache_name CaddyCache
|
|
}
|
|
|
|
log {
|
|
level {{.LogConfig.Level}}
|
|
output file ./log/caddy.log {
|
|
roll_size {{.LogConfig.RotateSize}}
|
|
roll_keep {{.LogConfig.RotateKeep}}
|
|
{{- if .LogConfig.RotateKeepForTime}}
|
|
roll_keep_for {{.LogConfig.RotateKeepForTime}}
|
|
{{- end}}
|
|
}
|
|
}
|
|
|
|
{{- if .TLSConfig.EnableDNSChallenge}}
|
|
dns {{.TLSConfig.Provider}} {{.TLSConfig.Token}}
|
|
{{- end}}
|
|
{{- if .TLSConfig.ECHOuterSNI}}
|
|
ech {{.TLSConfig.ECHOuterSNI}}
|
|
{{- end}}
|
|
{{- if .TLSConfig.Email}}
|
|
email {{.TLSConfig.Email}}
|
|
{{- end}}
|
|
}
|
|
|
|
(log) {
|
|
log {
|
|
format transform `{request>headers>X-Forwarded-For>[0]:request>remote_ip} - {user_id} [{ts}] "{request>method} {request>uri} {request>proto}" {status} {size} "{request>headers>Referer>[0]}" "{request>headers>User-Agent>[0]}"` {
|
|
time_format "02/Jan/2006:15:04:05 -0700"
|
|
}
|
|
output file ./log/{args[0]}/access.log {
|
|
roll_size 10MB
|
|
roll_keep 10
|
|
roll_keep_for 24h
|
|
}
|
|
}
|
|
}
|
|
|
|
(error_page) {
|
|
handle_errors {
|
|
rewrite * /{err.status_code}.html
|
|
root * ./pages/errors
|
|
file_server
|
|
}
|
|
}
|
|
|
|
(encode) {
|
|
encode {
|
|
zstd
|
|
br
|
|
gzip
|
|
minimum_length 512
|
|
}
|
|
}
|
|
|
|
(cache) {
|
|
cache {
|
|
allowed_http_verbs GET
|
|
stale {args[0]}
|
|
ttl {args[1]}
|
|
}
|
|
}
|
|
|
|
(header_realip_cf) {
|
|
header_up X-Real-IP {remote_host}
|
|
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-Proto {http.request.header.CF-Visitor}
|
|
}
|
|
|
|
(header_realip) {
|
|
header_up X-Real-IP {remote_host}
|
|
header_up X-Forwarded-For {remote_host}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
}
|
|
|
|
(tls) {
|
|
{{- if .TLSSnippetConfig.EnableSiteTLSSnippet}}
|
|
tls {{- if .TLSSnippetConfig.Email }} {{ .TLSSnippetConfig.Email }}{{- end }} {
|
|
dns {{.TLSSnippetConfig.Provider}} {{.TLSSnippetConfig.Token}}
|
|
}
|
|
{{- end}}
|
|
}
|
|
|
|
(rate_limit) {
|
|
route /* {
|
|
rate_limit {remote.ip} {args[0]}r/m 10000 429
|
|
}
|
|
}
|
|
|
|
(route_nocache) {
|
|
route {args[0]} {
|
|
rate_limit {remote.ip} {args[1]}r/m 10000 429
|
|
cache {
|
|
stale 0s
|
|
ttl 0s
|
|
}
|
|
}
|
|
}
|
|
|
|
import ./config.d/*
|