插件扩展 #
概述 #
Caddy 拥有丰富的插件生态系统,可以通过插件扩展功能,如 DNS 提供商、缓存、认证等。
text
┌─────────────────────────────────────────────────────────────┐
│ Caddy 插件类型 │
├─────────────────────────────────────────────────────────────┤
│ │
│ 📦 DNS 提供商 - Cloudflare, Route53, AliDNS 等 │
│ 🔐 认证插件 - JWT, OAuth, LDAP 等 │
│ 🗜️ 压缩插件 - Brotli 等 │
│ 📊 监控插件 - Prometheus, Datadog 等 │
│ 🔄 代理插件 - Forward Proxy, WebDAV 等 │
│ 🛡️ 安全插件 - Rate Limit, WAF 等 │
│ │
└─────────────────────────────────────────────────────────────┘
插件安装 #
使用 xcaddy 构建 #
xcaddy 是构建自定义 Caddy 的推荐工具:
bash
# 安装 xcaddy
go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
# 构建带插件的 Caddy
xcaddy build \
--with github.com/caddyserver/forwardproxy \
--with github.com/mholt/caddy-webdav
# 构建后的二进制文件在当前目录
./caddy version
构建特定版本 #
bash
# 构建特定版本的 Caddy
xcaddy build v2.7.6 \
--with github.com/caddyserver/forwardproxy
Docker 构建 #
dockerfile
FROM caddy:builder AS builder
RUN xcaddy build \
--with github.com/caddyserver/forwardproxy \
--with github.com/mholt/caddy-webdav
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
DNS 提供商插件 #
Cloudflare #
bash
# 安装
xcaddy build --with github.com/caddy-dns/cloudflare
caddyfile
*.example.com {
tls {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
respond "Wildcard certificate"
}
阿里云 DNS #
bash
# 安装
xcaddy build --with github.com/caddy-dns/alidns
caddyfile
*.example.com {
tls {
dns alidns {
access_key_id {env.ALIYUN_ACCESS_KEY_ID}
access_key_secret {env.ALIYUN_ACCESS_KEY_SECRET}
}
}
}
腾讯云 DNS #
bash
# 安装
xcaddy build --with github.com/caddy-dns/tencentcloud
caddyfile
*.example.com {
tls {
dns tencentcloud {
secret_id {env.TENCENTCLOUD_SECRET_ID}
secret_key {env.TENCENTCLOUD_SECRET_KEY}
}
}
}
AWS Route 53 #
bash
# 安装
xcaddy build --with github.com/caddy-dns/route53
caddyfile
*.example.com {
tls {
dns route53 {
access_key_id {env.AWS_ACCESS_KEY_ID}
secret_access_key {env.AWS_SECRET_ACCESS_KEY}
}
}
}
常用插件 #
Forward Proxy(正向代理) #
bash
# 安装
xcaddy build --with github.com/caddyserver/forwardproxy
caddyfile
example.com {
forward_proxy {
basic_auth user pass
hide_ip
hide_via
probe_resistance
}
}
WebDAV #
bash
# 安装
xcaddy build --with github.com/mholt/caddy-webdav
caddyfile
webdav.example.com {
root * /var/www/webdav
webdav {
prefix /dav
}
basicauth {
admin $2a$14$Zkx...
}
}
Brotli 压缩 #
bash
# 安装
xcaddy build --with github.com/ueffel/caddy-brotli
caddyfile
example.com {
brotli
encode gzip zstd
file_server
}
Rate Limit(限流) #
bash
# 安装
xcaddy build --with github.com/mholt/caddy-ratelimit
caddyfile
example.com {
rate_limit {
zone api {
key {remote_host}
events 100
window 1m
}
}
reverse_proxy localhost:3000
}
Prometheus 监控 #
bash
# 安装
xcaddy build --with github.com/caddyserver/forwardproxy
caddyfile
{
servers {
metrics
}
}
example.com {
# 指标端点
handle /metrics {
metrics
}
}
Redis 存储 #
bash
# 安装
xcaddy build --with github.com/caddyserver/redis-storage
caddyfile
{
storage redis {
host redis.example.com
port 6379
password secret
db 0
}
}
GeoIP #
bash
# 安装
xcaddy build --with github.com/porech/caddy-maxmind-geolocation
caddyfile
example.com {
geoip {
db_path /etc/caddy/GeoLite2-City.mmdb
}
@cn geoip_country_code CN
respond @cn "Hello from China"
}
JWT 认证 #
bash
# 安装
xcaddy build --with github.com/ggicci/caddy-jwt
caddyfile
api.example.com {
jwt {
primary rsa /etc/keys/public.pem
issuer my-app
audience api
}
reverse_proxy localhost:3000
}
CORS #
bash
# 安装
xcaddy build --with github.com/caddyserver/forwardproxy
caddyfile
api.example.com {
cors {
origin *
methods GET POST PUT DELETE
allowed_headers Content-Type Authorization
max_age 3600
}
reverse_proxy localhost:3000
}
插件列表 #
DNS 提供商 #
| 插件 | 说明 |
|---|---|
| cloudflare | Cloudflare DNS |
| route53 | AWS Route 53 |
| alidns | 阿里云 DNS |
| tencentcloud | 腾讯云 DNS |
| digitalocean | DigitalOcean DNS |
| godaddy | GoDaddy DNS |
| namecheap | Namecheap DNS |
| gandi | Gandi DNS |
认证授权 #
| 插件 | 说明 |
|---|---|
| caddy-jwt | JWT 认证 |
| caddy-auth-portal | 认证门户 |
| caddy-auth-jwt | JWT 插件 |
压缩编码 #
| 插件 | 说明 |
|---|---|
| caddy-brotli | Brotli 压缩 |
| caddy-compress | 自定义压缩 |
监控日志 #
| 插件 | 说明 |
|---|---|
| caddy-exporter | Prometheus 导出器 |
| caddy-logger | 自定义日志 |
其他插件 #
| 插件 | 说明 |
|---|---|
| forwardproxy | 正向代理 |
| caddy-webdav | WebDAV 服务 |
| caddy-ratelimit | 限流 |
| caddy-filter | 响应过滤 |
| caddy-geoip | 地理位置识别 |
| caddy-cgi | CGI 支持 |
自定义插件开发 #
插件结构 #
text
my-caddy-plugin/
├── main.go
├── handler.go
├── parser.go
└── README.md
基本插件模板 #
go
// main.go
package myplugin
import (
"github.com/caddyserver/caddy/v2"
"github.com/caddyserver/caddy/v2/caddyconfig/caddyfile"
"github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile"
"github.com/caddyserver/caddy/v2/modules/caddyhttp"
)
func init() {
caddy.RegisterModule(MyHandler{})
httpcaddyfile.RegisterHandlerDirective("myplugin", parseCaddyfile)
}
type MyHandler struct {
Option string `json:"option,omitempty"`
}
func (MyHandler) CaddyModule() caddy.ModuleInfo {
return caddy.ModuleInfo{
ID: "http.handlers.myplugin",
New: func() caddy.Module { return new(MyHandler) },
}
}
func (h *MyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error {
// 插件逻辑
return next.ServeHTTP(w, r)
}
func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
var m MyHandler
err := m.UnmarshalCaddyfile(h.Dispenser)
if err != nil {
return nil, err
}
return m, nil
}
func (m *MyHandler) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
for d.Next() {
for d.NextBlock() {
switch d.Val() {
case "option":
if !d.NextArg() {
return d.ArgErr()
}
m.Option = d.Val()
}
}
}
return nil
}
构建自定义插件 #
bash
# 使用 xcaddy 构建包含自定义插件的 Caddy
xcaddy build --with github.com/yourname/my-caddy-plugin
插件管理 #
查看已安装插件 #
bash
# 列出所有模块
caddy list-modules
# 过滤特定插件
caddy list-modules | grep dns
caddy list-modules | grep auth
验证插件 #
bash
# 验证配置
caddy validate --config Caddyfile
# 转换配置查看
caddy adapt --config Caddyfile --pretty
完整示例 #
多插件构建 #
dockerfile
FROM caddy:builder AS builder
RUN xcaddy build \
--with github.com/caddy-dns/cloudflare \
--with github.com/caddy-dns/alidns \
--with github.com/mholt/caddy-webdav \
--with github.com/ggicci/caddy-jwt \
--with github.com/mholt/caddy-ratelimit \
--with github.com/porech/caddy-maxmind-geolocation
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
COPY Caddyfile /etc/caddy/Caddyfile
完整配置示例 #
caddyfile
{
email admin@example.com
storage redis {
host redis
port 6379
}
}
# 主站
example.com {
# GeoIP
geoip {
db_path /etc/caddy/GeoLite2-City.mmdb
}
# 限流
rate_limit {
zone general {
key {remote_host}
events 100
window 1m
}
}
# 压缩
encode gzip zstd
brotli
# 代理
reverse_proxy localhost:3000
}
# API
api.example.com {
# JWT 认证
jwt {
primary rsa /etc/keys/public.pem
}
# 限流
rate_limit {
zone api {
key {remote_host}
events 1000
window 1m
}
}
reverse_proxy localhost:3001
}
# WebDAV
webdav.example.com {
basicauth {
admin $2a$14$Zkx...
}
root * /var/www/webdav
webdav
}
# 通配符域名
*.example.com {
tls {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
@api host api.example.com
handle @api {
reverse_proxy localhost:3001
}
handle {
respond "Default handler"
}
}
下一步 #
现在你已经掌握了插件扩展,接下来学习 Caddyfile 模板 了解常用的配置模板!
最后更新:2026-03-28