caddy-docker-proxy
docker-swag
Our great sponsors
caddy-docker-proxy | docker-swag | |
---|---|---|
52 | 295 | |
2,284 | 2,488 | |
- | 2.9% | |
7.6 | 9.2 | |
7 days ago | 6 days ago | |
Go | Dockerfile | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
caddy-docker-proxy
-
Keycloak SSO with Docker Compose and Nginx
My go to is always this instead:
https://github.com/lucaslorentz/caddy-docker-proxy
Single label to a docker container and with correct DNS you’ll have an automatically managed certificate right away.
-
Working on Multiple Web Projects with Docker Compose and Traefik
I have had a great experience with using this: https://github.com/lucaslorentz/caddy-docker-proxy
It combines caddy with docker-compose labels, making it super easy to spin up new projects that can immediately be exposed.
-
Caddy is the first and only web server to use HTTPS automatically and by default
If you want a slightly heavier but more robust solution, caddy-docker-proxy[0] is a plugin that listens to the Docker socket and automatically updates the Caddy configuration based on Docker labels you add to containers.
I.e. it makes Caddy act a bit more like Traefik. Most of the time, you'll just add the label `caddy.reverse_proxy={{upstreams http 8080}}` to your containers and the plugin will regenerate Caddy's configuration whenever the container is modified.
-
Nginx Development Guide
I disagree, Caddy works great in Docker. See https://caddyserver.com/docs/running#docker-compose, and CDP is a project that autoconfigures Caddy from labels https://github.com/lucaslorentz/caddy-docker-proxy. Regarding plugins, it's super simple to write a Dockerfile to add plugins, we ship a builder image variant that can be used to compile in any plugins you want.
-
How I run my servers
````
This way, Caddy will buffer the request and give 30 seconds for your new service to get online when you're deploying a new version.
Ideally, during deployment of a new version the new version should go live and healthy before caddy starts using it (and kills the old container). I've looked at https://github.com/Wowu/docker-rollout and https://github.com/lucaslorentz/caddy-docker-proxy but haven't had time to prioritize it yet.
-
Which reverse proxy are you using?
And if you're using Docker then you can use Caddy Docker Proxy to configure Caddy directly in your Docker compose files:
Docker labels support is available via a plugin https://github.com/lucaslorentz/caddy-docker-proxy
-
My repository of the week: NGINX Proxy - Automated nginx for your containers
Or caddy-docker-proxy: https://github.com/lucaslorentz/caddy-docker-proxy
-
Ask HN: What's on Your Home Server?
- zwave-js-ui (manages the zwave based smart home devices I have...about 20 or so)
My router/firewall is a separate devices running OPNsense.
I run all the services with docker-compose. The server itself is a bit of a snowflake but all the critical parts of the services are in their respective docker directories so backup is a snap (aside from postgres which has a separate backup process).
Currently I'm working on documenting a recovery procedure for Vaultwarden from our Backblaze backups so that in the event something happens to me my wife will be able to recover the Vaultwarden instance and our passwords. That's a fun exercise in documentation and simplifying the process.
Snapcast has really been a dream for multi-room audio setup. It presents a Spotify Connect device to anyone on my wifi. It has a separate stream which comes from whatever is being played on MPD and it is easily configured to play audio from whichever of those two streams is actively playing music...so I don't have to manually switch between them.
Caddy has been great for organizing everything and ensuring each service has HTTPS. I understand Traefik is somewhat more purpose built for doing this with a bunch of containers but I haven't had a need to switch.
I do use https://github.com/lucaslorentz/caddy-docker-proxy for letting the containers themselves describe their respective domains and mapping.
I do have a VPS and use it for the occasional site that needs to be more reliable than my home internet (which itself is quite reliable but I'm not counting 9s there). More and more I find I'm comfortable putting random static sites on my machine at home, though.
- Most used selfhosted services in 2022?
docker-swag
- Fail2Ban – Daemon to ban hosts that cause multiple authentication errors
- How do you renew SSL certificates?
-
LDAP or AD for selfhosted
https://docs.linuxserver.io/general/swag makes the setup of Authelia very simple.
-
VPN vs Exposing ports/subdomains for services
If you're issuing certs, you might as well centralize with a reverse proxy etc etc. -- take a look at something like a combination of Duckdns and SWAG from linuxserver.io (https://docs.linuxserver.io/general/swag), which does a lot of the heavy lifting for integrations with Lets Encrypt.
-
Next cloud Nginx on two different machines
Linuxserver.io maintains a reverse proxy (SWAG) and they have a github repo of all the configs they support, nextcloud being one of them (ofc to do it on your own you have to merge a few of the includes they have ssl.conf, proxy.conf, etc).
-
Did you have serious attacks on your exposed services before?
I have a domain through Cloudflare and I use a Cloudflare tunnel to expose my services on my domain. Geoblocking helps filter a lot of erroneous traffic. Cloudflare also has some useful features to help with blocking malicious attacks and bots. For my reverse proxy, I use SWAG
- Plex, sonarr, and radarr have saved my sanity... and ruined my gaming computer at the same time
-
Who else doesn’t work in IT? What are you struggling with today.
Long-time amateur here. I tried a bunch of different methods for reverse proxies, and in the end, I used the SWAG docker container from Linuxserver.io, which simplifies it a great deal, and helped me understand the proper syntax.
This is what I used: https://docs.linuxserver.io/general/swag
-
This is probably the stupidest question and I'm 99% sure I know the answer
It's all in their repo https://github.com/linuxserver/docker-swag and docs https://docs.linuxserver.io/general/swag
What are some alternatives?
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
authentik - The authentication glue you need.
traefik-examples - docker-compose configurations examples for traefik
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
authelia - The Single Sign-On Multi-Factor portal for web apps
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Navidrome Music Server - 🎧☁️ Modern Music Server and Streamer compatible with Subsonic/Airsonic
traefik - The Cloud Native Application Proxy
Jellyfin - The Free Software Media System
docker-pihole-unbound - Run Pi-Hole + Unbound on Docker