this post was submitted on 13 Nov 2023
2 points (100.0% liked)

Self-Hosted Main

504 readers
1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

For Example

We welcome posts that include suggestions for good self-hosted alternatives to popular online services, how they are better, or how they give back control of your data. Also include hints and tips for less technical readers.

Useful Lists

founded 1 year ago
MODERATORS
 

This seems too straightforward, what's the catch?

Like how secure is it? Should I be turning it off (and disabling the port forwarding) when not using it?

Do I need any additional security? Mainly just want to use it for Jellyfin

Thanks

you are viewing a single comment's thread
view the rest of the comments
[–] adamshand@alien.top 1 points 1 year ago (9 children)

I switched from Traefik to Caddy a few years ago and have no ragrets. The only complaints I have about Caddy:

  • It doesn't support configuring virtual hosts automatically via docker labelsl (like Traefik).
  • Many features (like DNS auth for certs) require compiling Caddy. Which is easy but annoying.
[–] ghoarder@alien.top 1 points 11 months ago

I wrote something that can setup caddy automatically from docker labels.

It's not well documented as I mostly wrote it for myself. https://hub.docker.com/r/mheys1/docker-dynamic-caddy https://github.com/mattheys/ddc

It basically acts like a DNS server serving up SRV records that caddy can use for dynamic configuration, I added in an on_demand_tls endpoint as well so that you don't get spammed for non existent TLS records.

[–] rodude123@alien.top 1 points 11 months ago (1 children)

Don't hate me but I use Apache2, why would use caddy?

[–] adamshand@alien.top 1 points 11 months ago

I used Apache for many years. It’s great! But Caddy is simpler, easier and lighter weight.

[–] _unbanned_datum@alien.top 1 points 11 months ago (1 children)

Anyone know if Caddy would be a good pick for a reverse proxy on a public subnet to distribute traffic to a bunch of subdomains in low traffic settings? I figure it could be a single source for all HTTPS stuff in my stack.

Or is it really just for like single applications running through Docker? Sorry, I haven’t played with it too much.

[–] MaxGhost@alien.top 1 points 11 months ago

Yes, it excels at that usecase. Caddy will automatically set up and manage certificates for each subdomain.

[–] shahmeers@alien.top 1 points 11 months ago (1 children)

It doesn't support configuring virtual hosts automatically via docker labelsl (like Traefik).

Here you go: https://github.com/lucaslorentz/caddy-docker-proxy. No more extra Caddy configuration file.

[–] brando56894@alien.top 1 points 11 months ago

Whoa, just when I thought I had completed my setup haha

[–] sarkyscouser@alien.top 1 points 11 months ago

I use Caddy and agree with your last point in the context of Crowdsec

[–] madrascafe@alien.top 1 points 1 year ago

You mean using dns providers like cloud flare?

It’s very easy just don’t this

caddy add-package github.com/caddy-dns/cloudflare

[–] Veloder@alien.top 1 points 11 months ago (1 children)

If you are using Docker, check out this repository for Caddy builds with different plugins https://github.com/serfriz/caddy-custom-builds

[–] adamshand@alien.top 1 points 11 months ago
[–] bbaulenas@alien.top 1 points 11 months ago

I have not tested it, but someone did auto discovery for caddy

https://github.com/lucaslorentz/caddy-docker-proxy

[–] Exist4@alien.top 1 points 11 months ago (1 children)

Random question from a noobie…. Why do you use something like Traefik versus something like Cloudflare Zero Access? (Again sorry if question is dumb). I’m just a new guy to this learning as I go and after getting up zero access with a $8 domain and now being able to securely access everything via subdomains it seems confusing why apps like Traefik are still so popular? I know I’m missing something there but hoping someone points it out.

[–] adamshand@alien.top 1 points 11 months ago

Because this is r/selfhosted. :-)