esxi:caddy_server

Differences

This shows you the differences between two versions of the page.

esxi:caddy_server [2024/07/29 18:59]
derek
esxi:caddy_server [2024/09/22 19:51] (current)
Line 15: Line 15:
         * ''Save''         * ''Save''
       * Add a 'SRV' record for any minecraft servers to allow accessing them using subdomains instead of port numbers       * Add a 'SRV' record for any minecraft servers to allow accessing them using subdomains instead of port numbers
 +        * If not using a wildcard CNAME record, add a CNAME record for the desired subdomain as above
         * ''Add record''         * ''Add record''
         * ''Type'' > ''SRV''          * ''Type'' > ''SRV'' 
Line 61: Line 62:
 # Generate a GitHub Personal Access Token at https://github.com/settings/tokens with Read-Only Contents access to the Configs repo # Generate a GitHub Personal Access Token at https://github.com/settings/tokens with Read-Only Contents access to the Configs repo
 # Enter the key when this command asks # Enter the key when this command asks
-read -rp "Enter github api token: " token && echo "export GITHUB_OAUTH_TOKEN=$token\n" > /etc/profile.d/github_token.sh +read -rp "Enter github api token: " token && echo "export GITHUB_OAUTH_TOKEN=$token" > /etc/profile.d/github_token.sh
- +
-# Get a DNS API token from https://dash.cloudflare.com/profile/api-tokens: +
-#  Edit zone DNS > Use template: +
-#    Zone.Zone:Read permission +
-#    Zone.DNS:Edit permission +
-#    Restriction of the domain you're managing with Caddy +
-# Enter the key when this command asks +
-read -rp "Enter Cloudflare api token: " token && echo "export CF_API_TOKEN=$token\n" > /etc/profile.d/cloudflare_token.sh +
- +
-# Set up Google OAuth 2.0: +
-#   Go to: [[https://console.cloud.google.com/projectcreate]] +
-#   Follow the guide on [[https://docs.authcrunch.com/docs/authenticate/oauth/backend-oauth2-0002-google]] +
-# Enter the keys after the following commands +
-read -rp "Enter Google OAuth Client ID: " token && echo "export GOOGLE_CLIENT_ID=$token\n" > /etc/profile.d/google_oauth.sh +
-read -rp "Enter Google OAuth Client Secret: " token && echo "export GOOGLE_CLIENT_SECRET=$token\n" >> /etc/profile.d/google_oauth.sh +
 # Reload the shell so it exports the tokens in this session # Reload the shell so it exports the tokens in this session
 exec $SHELL exec $SHELL
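Review bot: The remaining GitHub token line still writes the secret to /etc/profile.d/github_token.sh with a plain `>` redirect, so the file gets the default umask and is sourced into every user's login shell. If only root needs the token, create the file with a restrictive mode (`umask 077` in a subshell before the redirect, or `chmod 600` straight after) or put the export in root's own profile instead. `read -rp` also echoes the token to the terminal while it is typed; `read -rsp` avoids that. Single-quoting the value in the written `export` line would keep a token containing shell metacharacters from being reinterpreted when the file is sourced.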
Line 84: Line 69:
 chmod -R a=r,u+w,a+X /etc/caddy chmod -R a=r,u+w,a+X /etc/caddy
  
-# Setup startup, and run+# Setup caddy startup service
 curl -L -o /etc/systemd/system/caddy.service "https://raw.githubusercontent.com/caddyserver/dist/master/init/caddy.service" curl -L -o /etc/systemd/system/caddy.service "https://raw.githubusercontent.com/caddyserver/dist/master/init/caddy.service"
 systemctl daemon-reload systemctl daemon-reload
 +
 +# Get a DNS API token from https://dash.cloudflare.com/profile/api-tokens:
 +#   Edit zone DNS > Use template:
 +#     Zone.Zone:Read permission
 +#     Access to all zones
 +#   Save/keep open the API token
 +#   Edit zone DNS > Use template:
 +#     Zone.DNS:Edit permission
 +#     Restriction of the domain you're managing with Caddy
 +#   Save/keep open the API token
 +
 +# Set up Google OAuth 2.0:
 +#   Go to: [[https://console.cloud.google.com/projectcreate]]
 +#   Follow the guide on [[https://docs.authcrunch.com/docs/authenticate/oauth/backend-oauth2-0002-google]]
 +#   Save/keep open the Client ID/Secret
 +
 +systemctl edit caddy
 +# Paste in the following lines with their respective keys filled in:
 +[Service]
 +Environment="CF_ZONE_TOKEN="
 +Environment="CF_API_TOKEN="
 +Environment="GOOGLE_CLIENT_ID="
 +Environment="GOOGLE_CLIENT_SECRET="
 +# Then save and exit the file with: ESC, :wq
 +
 +# Enable and run the Caddy service
 systemctl enable --now caddy systemctl enable --now caddy
 </code> </code>
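Review bot: The `Environment=` lines pasted through `systemctl edit caddy` place the Cloudflare and Google secrets in a unit drop-in, and systemd does not treat unit environment as protected data: the values can be read by unprivileged users through `systemctl show caddy`. A single `EnvironmentFile=` line in the drop-in, pointing at a root-owned mode 0600 file that holds the four variables, keeps the secrets out of the unit properties. The comment block also creates two Cloudflare tokens (Zone.Zone:Read and Zone.DNS:Edit) without saying which one goes into `CF_ZONE_TOKEN` and which into `CF_API_TOKEN`; label each "Save/keep open" step with its variable name. "ESC, :wq" assumes the editor that `systemctl edit` opens is vi, which is worth stating.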
Line 104: Line 115:
 systemctl reload caddy systemctl reload caddy
 </code> </code>
 +
 +Edit the Caddyfile at [[https://github.com/Archer4499/Configs/blob/master/Server/Caddy/Caddyfile]] to add or modify services then follow the command in [[#Update]] to update the file in the VM.
 +
 +Services that require setting Trusted Proxies:
 +  * [[esxi:xpenology]]
 +  * [[home:Home Assistant]]
 +  * [[esxi:AMP Game Server]]
  
 @No_Backup @No_Backup
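Review bot: The added "Services that require setting Trusted Proxies" list names the services but not the value to set. Say that each service should trust only the Caddy VM's own address rather than a whole subnet, because a service accepts the forwarded client address from any host inside its trusted range, and link to where the setting lives on each of the three pages.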
Line 117: Line 135:
 # Update Caddy # Update Caddy
 caddy update caddy update
 +chmod 755 /usr/bin/caddy
 systemctl reload caddy systemctl reload caddy
  
 # Once a year generate a GitHub Personal Access Token at https://github.com/settings/tokens with Read-Only Contents access to the Configs repo # Once a year generate a GitHub Personal Access Token at https://github.com/settings/tokens with Read-Only Contents access to the Configs repo
 # Enter the key when this command asks # Enter the key when this command asks
-read -rp "Enter api token: " token && echo "export GITHUB_OAUTH_TOKEN=$token\n" > /etc/profile.d/github_token.sh+read -rp "Enter api token: " token && echo "export GITHUB_OAUTH_TOKEN=$token" > /etc/profile.d/github_token.sh
 # Reload the shell so it exports the tokens in this session # Reload the shell so it exports the tokens in this session
 exec $SHELL exec $SHELL
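Review bot: After `caddy update` and the added `chmod 755 /usr/bin/caddy`, the block still runs `systemctl reload caddy`, which only reloads the configuration in the already running process, so the old binary keeps serving until the service is restarted; use `systemctl restart caddy` at this step. A one-line comment on why the `chmod 755` is needed after an update would help the next reader. The token line at the end of the hunk has the same file-mode and terminal-echo concerns as the setup block.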
esxi/caddy_server.1722279579.txt.gz · Last modified: 2024/09/22 19:51 (external edit)