What is Reddit's opinion of Caddy?

From 3.5 billion Reddit comments

Caddy would be possible.

https://caddyserver.com/v2

https://caddy.community/t/example-docker-nextcloud-fpm-caddy-v2-webserver/9407

Because caddy is able to build automatic renewable ssl-certs on internal IP address.

The link isn't a perfect copy&paste solution, just a hint in the right direction for the config file.

Caddy is an ACME client (the protocol making automated cert issuance from Let's Encrypt possible). Having it built into the server means that you get access to more advanced features with certificate management that you can't get with other servers.

A big one for many companies is On-Demand TLS, which is a mode of operations where Caddy will have certificates issued on the fly for domains that it doesn't have a certificate for yet, for example if a customer of yours wants to use a custom domain for your SaaS. No other server does this.

Honestly, I could keep typing for days listing all the features. I suggest you look at everything it can do https://caddyserver.com/v2 and read the docs https://caddyserver.com/docs/

Yeah, just check out their site, it's got tons of walkthroughs for different scenarios and also forums to get help from and the dev is active on the forums. https://caddyserver.com/v2

So I run my stuff through subdomains like you. It's really simple, here's the gist of it:

1) either install caddy or run it via docker 2) make sure your gateway is pointing ports 80 and 443 to teh server running caddy(as it is what is listening on those ports) 3) set up dynamic DNS through your gateway and domain provider 4) create a "caddyfile" 5) profit

So the caddy file is dead simple. here's a write up on what you're doing. https://caddy.community/t/using-caddy-as-a-reverse-proxy-in-a-home-network/9427

Well its simple to setup but in my case im using several things specific to my setup.

1. NAS running at home that can run Calibre-web (docker container in my case)
2. VPS where im running my Caddy2 reverse-proxy (SSL is generated automatically for your defined domain)
3. Router setup so that the Calibre-web can be accessed only by the VPS so it is always hidden behind the reverse-proxy

Whit this its only a matter of Creating your Calibre DB on your NAS and pointing your Calibre-web to this DB.

If more info is needed feal free to PM me but a warning in advanced i may take some time to replay as i check reddit irregularly

So I know you found a solution, but here's what my setup looks like:

• $12/year for a domain
• Cloudflare free directing my domain to my IP (which is dynamic)
• HomeAsisstant integration with Cloudflare to update the IP if/when it changes.
• PC running ProxMox VE
• Foundry running in a Container
• Caddy Reverse Proxy running in another container.

So, I have fun.domain. People can navigate to foundry.fun.domain, Cloudflare directs that to my IP address (which is kept updated by HomeAssistant). Caddy sees it coming in as foundry.fun.domain and proxys it over to the Foundry container/port.

Edit: Another benefit is that I don't have any ports open except for 80 and 443, which helps with security.

Look into a reverse proxy. You only keep 80 (HTTP) and 443 (HTTPS) open, and the request goes to your RP. RP takes a look at the request and, depending how you've set it up, moves things around.

As an example:

• I have three services running: Tandoor Recipes server running in Docker, Foundry, and Plex.
• I pay $12/year to whoever (GoDaddy, Google, Cloudflare, etc.) for my domain superawesome.fun.
• I set superawesome.fun to point at my IP address though whichever DNS provider I used.
• Incoming traffic gets picked up by my Reverse Proxy (real talk, I currently use Caddy2.
• tandoor.superawesome.fun comes in, Caddy sees tandoor.$DOMAIN and directs the traffic to my Tandoor server.
• foundry.$DOMAIN and plex.$DOMAIN both redirect to their respective IP:PORT config.
• I'm more secure because I only have two ports open on my firewall instead of those two PLUS the ports for my services.
• Even if somebody scans my IP for Foundry on port 30000 (or Plex's default 32400), they won't find it because it's locked behind Caddy.

Not sure if that made ANY sense, but yeah, look into Caddy, Traefik, Nginx, etc. and always use a password.

cool, thanks. there are some really good DASH servers out there, such as Caddy2, Hypercorn, go-quic, so give those a go first, before writing your own... That said, writing from scratch is super cool, and so much fun...

I have not compared against Nginx, been too busy writing it :)

Best advise is download and give a whirl...

I think the best part of this work, is that, yes it is a HAS player with lots of cools features, but it is also a framework for prototyping your own work... so lots of functions can be added/changed at the client and server side to suit whatever you want to do...

So completely hackable, without having to start from scratch...

This is an initial beta version, and we hope to release v2.0 in the coming weeks, and that lots, lots more (such as collaborative players, real-time QoE modelling, WSGI and ASGI TCP/QUIC streaming...). I'll post here once I'm happy to release it...

I would suggest you take a look at Caddy instead. I'm not all that well versed in reverse proxies either but I've tried to do NGINX reverse proxies in the past and failed. Caddy, on the other hand, was simple to get started.

Caddy would handle the SSl certs for you with no extra work. It's so damned easy.

To give you an idea of how the config looks, this is mine.

files.DOMAIN.org { reverse_proxy ubuntu_nextcloud:80 }

guac.DOMAIN.org { redir / /guacamole/ 308 reverse_proxy guac:8080 { flush_interval -1 } }

jelly.DOMAIN.org { redir / /web/index.html 308 reverse_proxy ubuntu_jellyfin:8096 }

I didn't have to do shit for configuring SSL certs - Caddy does it for you as long as your DNS looks OK. I don't bother to SSL on my LAN so it just forwards unencrypted after it gets inside the LAN.