When I first set up my web server I don’t think Caddy was really a sensible choice. It was still immature (The big “version 2” rewrite was in beta). But it’s about five years from when that happened, so I decided to give Caddy a try.
Wow! My config shrank to about 25% from what it was with Nginx. It’s also a lot less stuff to deal with, especially from a personal hosting perspective. As much as I like self-hosting, I’m not like “into” configuring web servers. Caddy made this very easy.
I thought the automatic HTTPS feature was overrated until I used it. The fact is it works effortlessly. I do not need to add paths to certificate files in my config anymore. That’s great. But what’s even better is I do not need to bother with my server notes to once again figure out how to correctly use Certbot when I want to create new certs for subdomains, since Caddy will do it automatically.
I’ve been annoyed with my Nginx config for a while, and kept wishing to find the motivation to streamline it. It started simple, but as I added things to it over the years the complexity in the config file blossomed. But the thing that tipped me over to trying Caddy was seeing the difference between the Nginx and Caddy configurations necessary for Jellyfin. Seriously. Look at what’s necessary for Nginx.
https://jellyfin.org/docs/general/networking/nginx/#https-config-example
In Caddy that became
jellyfin.example.com {
reverse_proxy internal.jellyfin.host:8096
}
I thought no way this would work. But it did. First try. So, consider this a field report from a happy Caddy convert, and if you’re not using it yet for self-hosting maybe it can simplify things for you, too. It made me happy enough to write about it.
I’m too scared to swap away from SWAG. The combination of nginx proxy manager and LetsEncrypt helps me dumb ass a ton.
You have already made your choice :) But Traefik is also a good alternative ! Specially if you work with a lot of docker containers !
Once you get how Traefik works, it just simple as adding a few lines into your yaml file and everything is handled by Traefik !
I just set up caddy a few weeks ago as my first foray into reverse proxies, and as you said it was an incredibly easy experience.
I specifically chose caddy for the simplicity of the Caddyfile and automatic certs/renewals when I was looking at which reverse proxy engine to set up.
10/10 would choose caddy again.
You can also restrict the reverse proxy to specific adresses too like 192.168.1.0/24
I should look into that to see if I can restrict Vaultwarden, since I VPN into my home network anyway.
I’ve been using nginx proxy manager for years on my server, and it’s great, but occasionally I give caddy the side eye and think about switching.
I very highly recommend that you take the time and just switch. Caddy is simply fabulous. It’s designed to work (assuming it’s compiled with the module) with containers and use docker networks for routing. It makes it easy to spin up containers and directly reference the container names instead of remembering IP addresses and particularly comes in handy when your entire environment is containerized.
You can pull the caddy image and run it in docker and as long as your environment is configured correctly you can simply
reverse_proxy @containerand you’re done. Caddy pulls all the relevant port information directly from the container API.I get such a nerd boner thinking about it.
By reputation I know that Nginx proxy manager seems to work great if you’re on the “happy path” but if you need anything out of the norm it supposedly is less great to use. In my case I do have a few quirks, primarily with fcgiwrap. But I can’t say how it’d play, because I honestly never heard of NPM until yesterday when I was refreshing myself on web servers (and went with Caddy).
Agree. So far when I’ve had abnormal stuff it’s been easy enough to add the custom config in NPM, but that super simple caddy config looks really nice
I used NPM as well, and eventually just got sick of various issues i’d had with it (probably all my fault, but…) so switched to Caddy and it was just so much easier and reliable for me. I’d heartily recommend it.
Why
Why do I use NPM, or why do I consider switching to caddy?
Why would you consider switching? I find NPM to be the best :)
I like NPM, but on a few occasions over the years I’ve used it it has broken irreparably for no reason. There have been times where I couldn’t log in with my credentials, and times when I couldn’t generate SSL certs. Over the last year or so it’s been really solid but there were a couple times I was ready to chuck NPM out the window.
I had these sorts of issues too, always assumed it was something i’d goofed - but have never had similar with Caddy.
I can understand that! Portainer recently did the same log in thing to me and I wanted to go crazy.
@GnuLinuxDude Since I’m a fan of Caddy I’ll add in one little trick I recently found.
I have a use case where I might get requests in the first few seconds, while the reverse-proxied application is still starting up. Caddy actually has a load balancer built in. It’s a bit overkill for the use case but it works:
https://caddyserver.com/docs/caddyfile/directives/reverse/_proxy#load-balancing
Just make sure to set both lb_try_duration and lb_retries (seems redundant but whatever) and your early requests will wait until the app starts!
Do you have an example use-case? I don’t think I’ve ever needed to wait for something to start, as anything that’s reverse proxied is already running.
Soon I am hoping to migrate from Nginx to H2O
