Caddy: h5ai on Caddy

Created on 13 May 2016 · 15 Comments · Source: caddyserver/caddy

I used to host my website on nginx, then httpd; finally @faddat referred me to Caddy, and I just migrated yesterday. My homepage is up, being nothin' but a Jekyll site, but I'm having an issue with using lrsjng/h5ai. My Caddyfile is this:

#the homepage
msfjarvis.me:80 www.msfjarvis.me:80 {
        root /var/www/html/
        tls [email protected]
}

#the downloads index
#roms.msfjarvis.me:80 {
#       root /var/www/ROMs/
#       fastcgi / /var/run/php5-fpm.sock {
#               ext     .php
#               split   .php
#               index   _h5ai/public/index.php
#       }
#       tls [email protected]
#}

roms.msfjarvis.me:80, roms.msfjarvis.me:443 {
        root /var/www/ROMs
        log /root/access.log
        errors /root/errors.log
        fastcgi / /var/run/php5-fpm.sock php {
                ext     .php
                split   .php
                index   _h5ai/public/index.php
        }
}

All 15 comments

Firstly, change that fastcgi block to this single line and try again.

fastcgi / /var/run/php5-fpm.sock php 

Second, do a rewrite where you check for existence of the path, otherwise rewrite to PHP.

@tboerger Can you spoonfeed me on this? :)

I can't remember the exact values since I replaced h5ai with the browse directive and a custom template. But it's something like that:

rewrite {
    to {path} /_h5ai/public/index.php
}

That should serve files directly (including CSS and JS) but delegates folders to the h5ai PHP file.

So @msf-jarvis, what you probably want to do is look into the browse
directive and how to template it :).

rewrite {
    if {path} ends_with /
    to {dir}/index.html {dir}/index.php /_h5ai/server/php/index.php
}

That's what I found somewhere, and it has to be in http://[awesome].domain.ninja/_h5ai or in .caddy/_h5ai, but I forgot. Hope it works for you.

Got it running at https://awesome.nwgat.ninja/

@nwgat, can you let me know how you added the custom header and the needed section of your Caddyfile?

awesome.nwgat.ninja {
    root /var/www/awesome.nwgat.ninja
    #browse
    #basicauth /test user pass
    gzip
    tls [email protected]
    fastcgi / /var/run/php5-fpm.sock php

    rewrite {
        if {path} ends_with /
        to {dir}/index.html {dir}/index.php /_h5ai/server/php/index.php
    }
}

Seems you need to put h5ai in /var/www/awesome.nwgat.ninja/_h5ai

And there is a bug somewhere, at least on Caddy 0.8.2, as it sometimes hangs the whole HTTP server; it might be PHP that does it.

Caddy and PHP still don't seem to be very friendly. I can't wait till php has been go-ified!

Looks like there is a working solution here! Thanks to everyone who helped with that.

In case someone else is looking for the Caddyfile config for h5ai and Caddy v2, here's what I have that works for me.

# workaround for file_server hide doesn't seem to work with folder
# see https://caddy.community/t/help-hiding-only-one-named-folder/8449
# see https://caddy.community/t/v2-hide-entire-folder-caddyfile/7234/2
handle /_h5ai/private/* {
    respond 404
}
handle {
    php_fastcgi unix//run/php/php7.4-fpm.sock
    file_server
    @no_index {
        not file {
            try_files {path}.html {path} {path}/index.html
        }
    }
    rewrite @no_index /_h5ai/public/index.php
}

Thanks a lot @squaresmile, works for me.

[Edit] Hum, not quite in fact. Now my domain.tld shows the h5ai interface too (with no files visible), while it should serve WordPress.

I'm wondering if there would be a way to restrict browsing to authenticated users, but allow direct file access when the full URL of a file is used by anonymous users? Would it be something to configure in Caddy or in h5ai? My installation of h5ai is several years old, I don't quite remember how it works.

In case it helps understanding why h5ai is now served on domain.tld with the above h5ai config for just a subfolder, this is my caddyfile:

domain.tld, www.domain.tld {
        tls [email protected]
        root * /var/www/domain.tld/wordpress
#       handle /misc/* {
#               root * /var/www/domain.tld/wordpress/misc
#               uri strip_prefix /misc
#               file_server browse
#       }

        handle /misc/_h5ai/private/* {
                respond 404
        }
        handle {
                php_fastcgi unix//run/php/php7.3-fpm.sock
                file_server
                @no_index {
                        not file {
                                try_files {path}.html {path} {path}/index.html
                        }
                }
                rewrite @no_index /misc/_h5ai/public/index.php
        }

        encode gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        # Prevent malicious PHP uploads from running
        @uploads {
                path_regexp path /uploads\/(.*)\.php
        }
        rewrite @uploads /
        file_server
}

[Edit] Alright, this seems to work:

domain.tld, www.domain.tld {
        tls [email protected]
        root * /var/www/domain.tld/wordpress
#       handle /misc/* {
#               root * /var/www/domain.tld/wordpress/misc
#               uri strip_prefix /misc
#               file_server browse
#       }
        handle /misc/_h5ai/private/* {
                respond 404
        }
        handle /misc/* {
                php_fastcgi unix//run/php/php7.3-fpm.sock
                file_server
                @no_index {
                        not file {
                                try_files {path}.html {path} {path}/index.html
                        }
                }
                rewrite @no_index /misc/_h5ai/public/index.php
        }
        encode gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        # Prevent malicious PHP uploads from running
        @uploads {
                path_regexp path /uploads\/(.*)\.php
        }
        rewrite @uploads /
        file_server
}

Still interested as to whether it is possible to restrict browsing to authenticated users, while keeping direct file access to everyone who's got a correct file URL.
