acme-companion
Caddy
Our great sponsors
acme-companion | Caddy | |
---|---|---|
32 | 399 | |
7,229 | 53,025 | |
0.9% | 2.3% | |
7.6 | 9.4 | |
about 1 month ago | 7 days ago | |
Shell | Go | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
acme-companion
-
Wireguard (docker-compose) has stopped being able to connect to the internet.
My hunch is that because I decided to include the acme-companion image in this nginx setup, that maybe it has something to do with the SSL certs? The only other thing I could think of is that I had to combine the networks in order for nginx-proxy and Sonarr both to be able to see my transmission instance via:
-
Add https to docker app
Probably want acme with nginx https://github.com/nginx-proxy/acme-companion
-
Beginner questions about deploying node.js app on Beanstalk
setting up letsencrypt with nginx-proxy and acme-companion
-
Further investigating 403 – access forbidden by rule
I'm experiencing a weird situation, and am not sure how to go about finding a solution. I am running the nginx-proxy container (https://github.com/nginx-proxy/nginx-proxy) together with the acme-companion container (https://github.com/nginx-proxy/acme-companion) to provide https connections to all my different applications under different subdomains on the same host (currently, for testing purposes: only two other nginx containers with a plain html page).
-
What is the correct way to have my webapp in one container and the webserver in another?
We use the nginx-proxy docker image with its acme-companion to have an auto configuring SSL reverse proxy, so it's really easy to deploy images (we do it based on a merge PR into protected release branches).
-
dockerfile for httpd
Just use nginx-proxy and the LetsEncrypt companion as reverse proxy to handle TLS/SSL in front of your web server.
-
nginx-proxy-manager abandoned?
You can simply use this proxy container which automatically generates nginx config based on envs set in your containers. There is also a companion container which takes care of your certs. https://github.com/nginx-proxy/nginx-proxy https://github.com/nginx-proxy/acme-companion
-
Tools for automation and daily tasks
https://github.com/nginx-proxy/acme-companion https://github.com/nginx-proxy/docker-gen https://github.com/projectdiscovery/dnsx https://github.com/projectdiscovery/httpx https://github.com/projectdiscovery/mapcidr https://github.com/debauchee/barrier https://github.com/stedolan/jq https://github.com/ddosify/ddosify https://github.com/kubernetes-sigs/kind https://github.com/mailcow/mailcow-dockerized https://github.com/motiv-labs/janus
-
Trying to figure out how to update our SSL certificates for a couple of docker webapps using nginx
If you use Docker anyway, have a look at nginx-proxy and it's acme companion. When running on the same host, it will automatically find other containers via docker.sock and then route and create Let's Encrypt certificates for the (sub-)domain you add via env.
-
Help for Iran: How to host the signal-tls-proxy for iran behind a nginx
For the signal proxy, they are using nginx and letsencrypt already and the ports 80 and 443. My current setup already involves an nginx proxy as well as a certbot, so how can I host this signal proxy in my infrastructure?
Caddy
-
Show HN: Nano-web, a low latency one binary webserver designed for serving SPAs
Caddy [1] is a single binary. It is not minimal, but the size difference is barely noticeable.
serve also comes to mind. If you have node installed, `npx serve .` does exactly that.
There are a few go projects that fit your description, none of them very popular, probably because they end up being a 20-line wrapper around http frameworks just like this one.
-
I Deployed My Own Cute Lil’ Private Internet (a.k.a. VPC)
Each app’s front end is built with Qwik and uses Tailwind for styling. The server-side is powered by Qwik City (Qwik’s official meta-framework) and runs on Node.js hosted on a shared Linode VPS. The apps also use PM2 for process management and Caddy as a reverse proxy and SSL provisioner. The data is stored in a PostgreSQL database that also runs on a shared Linode VPS. The apps interact with the database using Drizzle, an Object-Relational Mapper (ORM) for JavaScript. The entire infrastructure for both apps is managed with Terraform using the Terraform Linode provider, which was new to me, but made provisioning and destroying infrastructure really fast and easy (once I learned how it all worked).
-
Cheapest ECS Fargate Service with HTTPS
Let's use Caddy which can act as reverse-proxy with automatic HTTPS coverage.
-
Bluesky announces data federation for self hosters
Even if it may be simple, it doesn't handle edge cases such as https://github.com/caddyserver/caddy/issues/1632
I personally would make the trade off of taking on more complexity so that I can have extra compatibility.
-
Freenginx.org
I haven't read the content of the patches to understand the impact of the bugs, but from my own experience [0] I can suggest a few reasons:
- CVEs are gold to researchers and organizations like citations are to academics. In this case, the CVEs were filed based on "policy" but it's unclear if they are just adding noise to the DB.
- The severity of the bug is not as severe as greater powers-that-be would like to think (again, they see it as doing due diligence; developers who know the ins and outs might see it as an overreaction).
- Bug is in an experimental feature.
I'm not saying one way is right or not in this case, just pointing out my experience has generally been that CVEs are kind of broken in general...
One of the most heavily used Russian software projects on the internet https://www.nginx.com/blog/do-svidaniya-igor-thank-you-for-n... but it's only marginally more modern than Apache httpd.
In light of recently announced nginx memory-safety vulnerabilities I'd suggest migrating to Caddy https://caddyserver.com/
- Asciinema 3.0 will be rewritten in Rust
-
AI for Web Devs: Deploying Your AI App to Production
My preferred solution is using Caddy. This will resolve the networking issues, work as a great reverse proxy, and takes care of the whole SSL process for us. We can follow the install instructions from their documentation and run these five commands:
-
I abandoned OpenLiteSpeed and went back to good ol' Nginx
> I’m not aware of anyone running Caddy at any sort of scale for customers.
Well, to name a few...
- Stripe (https://twitter.com/caddyserver/status/1559591673511813120)
- Mercedes-Benz (https://github.com/caddyserver/caddy/pull/5275#issuecomment-...)
- Approximated.app (https://dev.to/carterbryden/how-to-allow-end-user-custom-dom...)
- FusionAuth (https://fusionauth.io/blog/unlimited-domains-fusionauth)
The problem is those using Caddy are shy, not that it's not used at all. I know this because I see users removing the `server` header on the Caddy forum all the time, and many of the large users are just shy of their technology stack when it comes to Caddy.
Disclaimer: Member of the Caddy team
What are some alternatives?
traefik - The Cloud Native Application Proxy
HAProxy - HAProxy documentation
Nginx - An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
envoy - Cloud-native high-performance edge/middle/service proxy
RoadRunner - 🤯 High-performance PHP application server, process manager written in Go and powered with plugins
Squid - Squid Web Proxy Cache
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
docker-compose-letsencrypt-nginx-proxy-companion - Automated docker nginx proxy integrated with letsencrypt. [Moved to: https://github.com/evertramos/nginx-proxy-automation]
caddy-docker-proxy - Caddy as a reverse proxy for Docker
nginx-proxy - Automated nginx proxy for Docker containers using docker-gen
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
Docker Compose - Define and run multi-container applications with Docker