LostKobrakai Posted December 17, 2016 Posted December 17, 2016 With php7 I don't see any reason why one would run hhvm besides at enterprice scale. Without 100% feature parity to php using hhvm is trading a spark more speed for the potential of having unexpected issues, which are probably hard to debug/reason about.
netcarver Posted July 15, 2021 Posted July 15, 2021 Hello wonderful Caddyphiles, Do any of you have an updated config for PW and Caddy? I wouldn't mind trying this out now Caddy has matured somewhat. Never run it before though so will start acquainting myself with the docs. 1
Beluga Posted July 15, 2021 Posted July 15, 2021 Here is my Caddy 2 config for a PW site: mysite.fi, www.mysite.fi { encode gzip tls my@email.com root * /var/www/mysite/pw file_server php_fastcgi unix//var/run/php-fpm/php-fpm.sock { health_timeout 10000s } @deny_hidden path_regexp /\. @deny_root path_regexp /(CONTRIBUTING|COPYRIGHT|LICENSE|README|htaccess)\.txt @deny_assets path_regexp ^/site(-[^/]+)?/assets/(.*\.php|backups|cache|config|install|logs|sessions) @deny_install path_regexp ^/site(-[^/]+)?/install @deny_config path_regexp ^/(site(-[^/]+)?|wire)/(config(-dev)?|index\.config)\.php @deny_modules path_regexp ^/((site(-[^/]+)?|wire)/modules|wire/core)/.*\.(inc|module|php|tpl) @deny_templates path_regexp ^/(site(-[^/]+)?|wire)/templates(-admin)?/.*\.(inc|html?|php|tpl) rewrite @deny_hidden /denyaccess rewrite @deny_root /denyaccess rewrite @deny_assets /denyaccess rewrite @deny_install /denyaccess rewrite @deny_config /denyaccess rewrite @deny_modules /denyaccess rewrite @deny_templates /denyaccess # global rule try_files {path} {path}/ /index.php?it={path}&{query} log { format single_field common_log output file /var/log/www/access.log { roll_size 50MiB roll_keep 5 roll_keep_for 168h } } } 5 2
Jonathan Lahijani Posted November 30, 2023 Posted November 30, 2023 I've been using Apache forever... never even touched nginx. Today I felt like giving Caddy a try and it feels nice. I developed what I believe is a much more improved Caddyfile that also supports ProCache and stronger blocking of files (returns a 403 like PW's htaccess file, instead of a 404 which is what /denyaccess seems to do). I added a way to also put the site in maintenance mode (meaning all requests get rewritten to /maintenance.php) if /maintenance.php exists (which is now part of my deployment process). Hopefully I can share the results in a week. 5
bernhard Posted November 30, 2023 Posted November 30, 2023 7 hours ago, Jonathan Lahijani said: I added a way to also put the site in maintenance mode (meaning all requests get rewritten to /maintenance.php) if /maintenance.php exists (which is now part of my deployment process). RockMigrations has a checkbox to prevent guest access. What you state hear sounds interesting. What do you think of adding that to RockMigrations? 1
Pete Posted Sunday at 10:53 AM Posted Sunday at 10:53 AM @Jonathan Lahijani just wondering if you got further with your Caddy file? Caddy looks really interesting to me but where you were at with your own config sounds like if I could take a look at your file it would save a lot of headaches working it out from scratch (lazy of me I know).
Jonathan Lahijani Posted Sunday at 03:33 PM Posted Sunday at 03:33 PM @Pete I did get far with it, but I never ended up running a site with Caddy so it hasn't been battle tested. I've messaged it to you directly as I don't want to post something incomplete for the public until I've really done my due diligence on it.
Jonathan Lahijani Posted Sunday at 03:49 PM Posted Sunday at 03:49 PM This is a bit off-topic (however related to Caddy), but I have been re-doing my internal development setup, which is now powered by a dedicated Proxmox server (on a Minisforum MS-01) and uses LXC containers for ProcessWire sites. On some containers, I just have one ProcessWire site, and on others, I have multiple. Previously, I just had one bare-metal, dedicated server with all my sites on it, which is very convenient but I lose having parity with my production environments (which isn't a big deal with a typical website, but more-so for mission critical webapps; also I am trying to avoid using Docker). So my internal infrastructure might look like this: lxc1 site1.domain.com site2.domain.com site3.domain.com lxc2 site4.domain.com Since I want some of my development sites to be accessible from the outside on a dedicated subdomain like shown above, this requires the need of a reverse proxy since my internet connection has only 1 IP address. Therefore, I set up another LXC which runs Caddy as a reverse proxy (also set up fail2ban to deal with stupid hackbots) which works so well and it's ridiculously easy to set up and takes care of SSL automatically. I did this just a couple days ago, after not having played with Caddy for a couple years, so maybe this bit of excitement will get me back into using it directly as well. 1
Ivan Gretsky Posted yesterday at 08:28 AM Posted yesterday at 08:28 AM Cool @Jonathan Lahijani! So you are still using apache on those LXC instances, right? Have you considered Incus instead of Proxmox? I've read it is more easy to setup and manage if you're good with cli. And is "more native" for LXC's. 1
Jonathan Lahijani Posted yesterday at 01:12 PM Posted yesterday at 01:12 PM @Ivan Gretsky Yes, still using Apache on the LXCs. I've never heard of Incus, but thanks for mentioning it. Seems it started in 2023 so in the early stages. For now, I'm going full force on Proxmox (I spent a lot of time in December and January experimenting with it), but will keep a close eye on it. Users on this post on HN say some nice things about Incus so that's a good sign.
Ivan Gretsky Posted yesterday at 01:42 PM Posted yesterday at 01:42 PM AFAIK Incus is a community fork of LXD developed (partly) by same people. So not so new actually)
Recommended Posts