acme-companion VS caddy-l4

My hunch is that because I decided to include the acme-companion image in this nginx setup, that maybe it has something to do with the SSL certs? The only other thing I could think of is that I had to combine the networks in order for nginx-proxy and Sonarr both to be able to see my transmission instance via:

Probably want acme with nginx https://github.com/nginx-proxy/acme-companion

setting up letsencrypt with nginx-proxy and acme-companion

I'm experiencing a weird situation, and am not sure how to go about finding a solution. I am running the nginx-proxy container (https://github.com/nginx-proxy/nginx-proxy) together with the acme-companion container (https://github.com/nginx-proxy/acme-companion) to provide https connections to all my different applications under different subdomains on the same host (currently, for testing purposes: only two other nginx containers with a plain html page).

We use the nginx-proxy docker image with its acme-companion to have an auto configuring SSL reverse proxy, so it's really easy to deploy images (we do it based on a merge PR into protected release branches).

Use a reverse proxy to handle TLS/SSL encryption. I find nginx-proxy with companion easy to use, just follow steps 1, 2, 3.

Where I'm running into issues is with the two stacks I have deployed - one is a wordpress stack which uses the wordpress image along with a db image (going by the docs here), and the other is the nginx-proxy and acme-companion (going by the docs here).

Just use nginx-proxy and the LetsEncrypt companion as reverse proxy to handle TLS/SSL in front of your web server.

You can simply use this proxy container which automatically generates nginx config based on envs set in your containers. There is also a companion container which takes care of your certs. https://github.com/nginx-proxy/nginx-proxy https://github.com/nginx-proxy/acme-companion

https://github.com/nginx-proxy/acme-companion https://github.com/nginx-proxy/docker-gen https://github.com/projectdiscovery/dnsx https://github.com/projectdiscovery/httpx https://github.com/projectdiscovery/mapcidr https://github.com/debauchee/barrier https://github.com/stedolan/jq https://github.com/ddosify/ddosify https://github.com/kubernetes-sigs/kind https://github.com/mailcow/mailcow-dockerized https://github.com/motiv-labs/janus

https://github.com/mholt/caddy-l4 and https://github.com/kadeessh/kadeessh can do SSH forwarding.

3) Use a L4 TCP/UDP plugin for caddy. https://github.com/mholt/caddy-l4

Wireguard gives my service servers their own internal IP for the gateway to reference (nothing fancy done with it, no iptables modifications like you may see on other guides), and I use NGINX for the game server proxying, specifically linuxserver's nginx container. I love Caddy, but even with caddy-l4 I couldn't get it working right for Valheim (and thus UDP), but NGINX worked real quick.

This may help: https://github.com/mholt/caddy-l4

Well, that's a bit off-topic from the parent comment, which was more about the Caddyfile supporting complex config (versus the underlying JSON config) and not really "complex usecases".

But that said, from a quick Google search... was this an RTMP stream? If so, I suppose you'd want to use https://github.com/mholt/caddy-l4 which is a plugin for Caddy that lets you do TCP-layer things. Caddy's standard distribution just ships an HTTP server (plus TLS and PKI, etc), which is layer-7

You might be able to use caddy-l4's "tee" handler to pipe into multiple "proxy" handlers. But I'm not sure anyone's tried this yet, I had no idea people did this sort of thing. I'd be interested to hear if it does work though.

If you are only having your services accessible via LAN, HTTPS isn't totally necessary, but I would still recommend it. I think a reverse proxy will be easier than your described method. Just set it to listen to 443 and have all of your other services on random ports being proxied from the reverse proxy. If you want HTTPS from your reverse proxy to your services, most reverse proxies will have this kind of feature. Here is the caddy L4 raw TCP stream module: https://github.com/mholt/caddy-l4

I had a similar problem a while back and found this project (Caddy-L4). It had no releases or examples on how to build it so I forked it and added some Docker stuff.

"Caddy L4" aka "Project Conncept" might be what you're looking for:

https://github.com/mholt/caddy-l4

"Project Conncept is an experimental layer 4 app for Caddy. It facilitates composable handling of raw TCP/UDP connections based on properties of the connection or the beginning of the stream."