caddy
caddy
basic auth
From the caddy docs
Protect files in /secret/ so only Bob can access them (and anyone can see other paths):
example.com {
root * /srv
basic_auth /secret/* {
# Username "Bob", password "hiccup"
Bob $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG
}
file_server
}
You can use caddy hash-password to get the properly hashed password to drop into the config.
redirect
Super easy to redirect. Can trivially replace a cname with a redirect (example stolen from mwl’s apache to caddy post):
blather.michaelwlucas.com www.michaelwarrenlucas.com michaelwarrenlucas.com {
redir https://mwl.io
}
Or inside a site config:
mwl.io www.mwl.io {
tls mwl@mwl.io
log {
output file /var/log/mwl/io-caddy.log
format json
}
root * /var/www/io
file_server
redir "/ks" https://www.kickstarter.com/projects/mwlucas/mwls-next-1-april-book"
}
caching
Set the cache-control headers so that static stuff can be cached for a while, but dynamic stuff is reloaded:
@static_assets {
file {path}
path *.ico *.css *.js *.gif *.webp *.avif *.jpg *.jpeg *.png *.svg *.woff *.woff2 *.ttf
}
header @static_assets Cache-Control "public, max-age=31536000, immutable"
@html_files {
path *.html *.htm /
}
header @html_files Cache-Control "public, max-age=0, must-revalidate"