Using Caddy to Serve Static Files Behind a Load Balancer

Edimar Cardoso - Oct 3 - - Dev Community

Caddy server has proven to be a very promising project. Not only is it fast, but it also has many built-in features that greatly simplify configuration. One example is the automatic issuance of SSL certificates. Moreover, it's very easy to set up a service using Caddy.

This week, I needed to create a service to publish static files. When trying to do this with Caddy's default configuration, I noticed it wouldn't be possible due to a slightly different scenario.

In my scenario, the service would run behind a load balancer at zCloud that's already responsible for generating certificates and handling TLS/SSL termination. The default configuration caused issues because it shouldn't generate an SSL certificate, but only serve files on the default HTTP port.

Additionally, there was another particularity: I needed a health check endpoint with public access, while everything else needed to be blocked using standard "Basic Auth" authentication.

Here's the file used to accomplish this in a simple way:

{
  auto_https off
}
:8080 {
    route /_health* {
        respond 200
    }
    route {
        basic_auth / {
            USER_NAME HASH_PASSWORD
        }
        root * /var/www/static
        file_server
    }
}
Enter fullscreen mode Exit fullscreen mode

Let's break down the configuration:

Disabling SSL 

auto_https off
Enter fullscreen mode Exit fullscreen mode

This disables automatic certificate issuance and disables redirection to HTTPS.

Port 

:8080 {
# ...
Enter fullscreen mode Exit fullscreen mode

This specifies the port that will be opened to receive connections.

Health check 

    route /_health* {
        respond 200
    }
Enter fullscreen mode Exit fullscreen mode

This route provides public access to the health check endpoint.

Static files with authentication 

    route {
        basic_auth / {
            USER_NAME HASH_PASSWORD
        }
        root * /var/www/static
        file_server
    }
Enter fullscreen mode Exit fullscreen mode

This part of the configuration will receive all other requests, intercept them and force a login if the user is not logged in, and serve files from the /var/www/static directory.

The USER_NAME value is the username that will be used for authentication.
The HASH_PASSWORD value is the hash generated by the Caddy CLI based on the defined password. To generate this value, simply follow the instructions in the official basic_auth documentation.

Conclusion

This Caddy Server configuration offers an elegant solution for serving static files with authentication while allowing a public health check endpoint. Caddy's flexibility and simplicity make it an excellent choice for various deployment scenarios.

Image
Ten Personal Injury Lawsuits Myths You Should Never Share On Twitter
Image
Seven Explanations On Why Replace Lost Car Keys Is Important
Image
10 Undeniable Reasons People Hate Asbestos Claim Payouts
Image
penyiapan penting biar menang judi slots online
Image
langkah putuskan cara negosiasi dalam slots online
Image
Hello everyone can you hear me ?
Image
Solutions To Problems With Drip Brew
Image
Lost My Keys: It's Not As Difficult As You Think
Image
langkah daftar ke situs slots online terbaik di asia
Image
Why Is Asbestos Lawsuit Settlements So Popular?
Image
30 Inspirational Quotes For Accidents Lawyer
Image
15 Gifts For Your Bifold Door Repair Lover In Your Life
Image
15 Gifts For The Bi-Fold Door Repair Lover In Your Life
Image
Top 30 React hooks every developer must know

react, javascript, webdev, nextjs
Image
15 Best Documentaries On Mental Health Tests NHS
Image
Why Adding Recessed In-Wall Electric Fireplace To Your Life Can Make All The Impact
Image
The 3 Biggest Disasters In Houston Asbestos Attorney History
Image
The Main Problem With Asbestos Poisoning Lawsuit, And How You Can Resolve It
Image
Kortsluiting in de Stoppenkast? Bel de Storingsdienst
. . . . . . . .
Terabox Video Player