Caddy
caddy-docker-proxy
Our great sponsors
Caddy | caddy-docker-proxy | |
---|---|---|
399 | 52 | |
53,025 | 2,275 | |
2.3% | - | |
9.4 | 7.6 | |
6 days ago | 8 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Caddy
-
Show HN: Nano-web, a low latency one binary webserver designed for serving SPAs
Caddy [1] is a single binary. It is not minimal, but the size difference is barely noticeable.
serve also comes to mind. If you have node installed, `npx serve .` does exactly that.
There are a few go projects that fit your description, none of them very popular, probably because they end up being a 20-line wrapper around http frameworks just like this one.
-
I Deployed My Own Cute Lil’ Private Internet (a.k.a. VPC)
Each app’s front end is built with Qwik and uses Tailwind for styling. The server-side is powered by Qwik City (Qwik’s official meta-framework) and runs on Node.js hosted on a shared Linode VPS. The apps also use PM2 for process management and Caddy as a reverse proxy and SSL provisioner. The data is stored in a PostgreSQL database that also runs on a shared Linode VPS. The apps interact with the database using Drizzle, an Object-Relational Mapper (ORM) for JavaScript. The entire infrastructure for both apps is managed with Terraform using the Terraform Linode provider, which was new to me, but made provisioning and destroying infrastructure really fast and easy (once I learned how it all worked).
-
Cheapest ECS Fargate Service with HTTPS
Let's use Caddy which can act as reverse-proxy with automatic HTTPS coverage.
-
Bluesky announces data federation for self hosters
Even if it may be simple, it doesn't handle edge cases such as https://github.com/caddyserver/caddy/issues/1632
I personally would make the trade off of taking on more complexity so that I can have extra compatibility.
-
Freenginx.org
I haven't read the content of the patches to understand the impact of the bugs, but from my own experience [0] I can suggest a few reasons:
- CVEs are gold to researchers and organizations like citations are to academics. In this case, the CVEs were filed based on "policy" but it's unclear if they are just adding noise to the DB.
- The severity of the bug is not as severe as greater powers-that-be would like to think (again, they see it as doing due diligence; developers who know the ins and outs might see it as an overreaction).
- Bug is in an experimental feature.
I'm not saying one way is right or not in this case, just pointing out my experience has generally been that CVEs are kind of broken in general...
One of the most heavily used Russian software projects on the internet https://www.nginx.com/blog/do-svidaniya-igor-thank-you-for-n... but it's only marginally more modern than Apache httpd.
In light of recently announced nginx memory-safety vulnerabilities I'd suggest migrating to Caddy https://caddyserver.com/
- Asciinema 3.0 will be rewritten in Rust
-
AI for Web Devs: Deploying Your AI App to Production
My preferred solution is using Caddy. This will resolve the networking issues, work as a great reverse proxy, and takes care of the whole SSL process for us. We can follow the install instructions from their documentation and run these five commands:
-
I abandoned OpenLiteSpeed and went back to good ol' Nginx
> I’m not aware of anyone running Caddy at any sort of scale for customers.
Well, to name a few...
- Stripe (https://twitter.com/caddyserver/status/1559591673511813120)
- Mercedes-Benz (https://github.com/caddyserver/caddy/pull/5275#issuecomment-...)
- Approximated.app (https://dev.to/carterbryden/how-to-allow-end-user-custom-dom...)
- FusionAuth (https://fusionauth.io/blog/unlimited-domains-fusionauth)
The problem is those using Caddy are shy, not that it's not used at all. I know this because I see users removing the `server` header on the Caddy forum all the time, and many of the large users are just shy of their technology stack when it comes to Caddy.
Disclaimer: Member of the Caddy team
caddy-docker-proxy
-
Keycloak SSO with Docker Compose and Nginx
My go to is always this instead:
https://github.com/lucaslorentz/caddy-docker-proxy
Single label to a docker container and with correct DNS you’ll have an automatically managed certificate right away.
-
Working on Multiple Web Projects with Docker Compose and Traefik
I have had a great experience with using this: https://github.com/lucaslorentz/caddy-docker-proxy
It combines caddy with docker-compose labels, making it super easy to spin up new projects that can immediately be exposed.
-
Caddy is the first and only web server to use HTTPS automatically and by default
If you want a slightly heavier but more robust solution, caddy-docker-proxy[0] is a plugin that listens to the Docker socket and automatically updates the Caddy configuration based on Docker labels you add to containers.
I.e. it makes Caddy act a bit more like Traefik. Most of the time, you'll just add the label `caddy.reverse_proxy={{upstreams http 8080}}` to your containers and the plugin will regenerate Caddy's configuration whenever the container is modified.
-
Nginx Development Guide
I disagree, Caddy works great in Docker. See https://caddyserver.com/docs/running#docker-compose, and CDP is a project that autoconfigures Caddy from labels https://github.com/lucaslorentz/caddy-docker-proxy. Regarding plugins, it's super simple to write a Dockerfile to add plugins, we ship a builder image variant that can be used to compile in any plugins you want.
-
How I run my servers
````
This way, Caddy will buffer the request and give 30 seconds for your new service to get online when you're deploying a new version.
Ideally, during deployment of a new version the new version should go live and healthy before caddy starts using it (and kills the old container). I've looked at https://github.com/Wowu/docker-rollout and https://github.com/lucaslorentz/caddy-docker-proxy but haven't had time to prioritize it yet.
-
Which reverse proxy are you using?
And if you're using Docker then you can use Caddy Docker Proxy to configure Caddy directly in your Docker compose files:
Docker labels support is available via a plugin https://github.com/lucaslorentz/caddy-docker-proxy
-
My repository of the week: NGINX Proxy - Automated nginx for your containers
Or caddy-docker-proxy: https://github.com/lucaslorentz/caddy-docker-proxy
-
Ask HN: What's on Your Home Server?
- zwave-js-ui (manages the zwave based smart home devices I have...about 20 or so)
My router/firewall is a separate devices running OPNsense.
I run all the services with docker-compose. The server itself is a bit of a snowflake but all the critical parts of the services are in their respective docker directories so backup is a snap (aside from postgres which has a separate backup process).
Currently I'm working on documenting a recovery procedure for Vaultwarden from our Backblaze backups so that in the event something happens to me my wife will be able to recover the Vaultwarden instance and our passwords. That's a fun exercise in documentation and simplifying the process.
Snapcast has really been a dream for multi-room audio setup. It presents a Spotify Connect device to anyone on my wifi. It has a separate stream which comes from whatever is being played on MPD and it is easily configured to play audio from whichever of those two streams is actively playing music...so I don't have to manually switch between them.
Caddy has been great for organizing everything and ensuring each service has HTTPS. I understand Traefik is somewhat more purpose built for doing this with a bunch of containers but I haven't had a need to switch.
I do use https://github.com/lucaslorentz/caddy-docker-proxy for letting the containers themselves describe their respective domains and mapping.
I do have a VPS and use it for the occasional site that needs to be more reliable than my home internet (which itself is quite reliable but I'm not counting 9s there). More and more I find I'm comfortable putting random static sites on my machine at home, though.
- Most used selfhosted services in 2022?
What are some alternatives?
traefik - The Cloud Native Application Proxy
HAProxy - HAProxy documentation
Nginx - An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
envoy - Cloud-native high-performance edge/middle/service proxy
RoadRunner - 🤯 High-performance PHP application server, process manager written in Go and powered with plugins
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
Squid - Squid Web Proxy Cache
docker-swag - Nginx webserver and reverse proxy with php support and a built-in Certbot (Let's Encrypt) client. It also contains fail2ban for intrusion prevention.
Lighttpd - lighttpd2 on github for easier collaboration - main repo still on lighttpd.net
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.