Caddy VS Squid

It looks nice and friendly, but for developers I can recommend exploring caddy[1] or nginx[2]. It's a useful technology to have worked with, even if they're ultimately only used for proxying analytics.

[1] https://caddyserver.com/

I began to self-host a Minecraft server using Crafty Controller, an Excalidraw instance, Docmost to replace Notion, Plane to replace Jira, and Penpot to replace Figma. To be able to access them from the internet, I used Nginx Proxy Manager to set up reverse proxies with SSL. You can use Traefik or Caddy instead, but I enjoyed the ease-of-use of NPM. For a dashboard solution, I started with Homarr, but later switched to Homepage because I'm apparently incapable of making a decision and sticking with it.

This approach offers a level of customizability similar to what xcaddy does for the Caddy server, eliminating the complexities associated with writing Rhai scripts to customize a precompiled binary, as is the case with the Apollo Router.

Caddy is a server written in Go programming language, known to be easy peasy to configure (Unlike configuring Nginx), and it also includes https by default.

Caddy is the ultimate web server anyone should be using. This is true for production as well as for local development. It is very fast, and by default obtains and renews SSL certificates automatically. This is useful for when you want to test certain website feature that is only allowed when they're accessed with HTTPS. You get free TLS for all your subdomains, and it does that in a scalable way.

Did you happen to look at caddy? It at least used to have some degree of support for plan9: https://github.com/caddyserver/caddy/issues/1093

https://github.com/caddyserver/caddy/issues/5759 :

> When generating a CA cert via caddy and putting that in the trust store, those private keys can also forge certificates for any other domain.

RFC5280 (2008) "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile" > Section 4.2.1.10

Squid Caching Proxy — A popular and widely adopted proxy and caching solution for network protocols. It caters for FTP, HTTP, and HTTPS. Squid operates in a similar way to Varnish and optimizes data flow between the client and server. In terms of security, it has authorization, access control, authentication, and support for SSL/TLS. As a bonus, you get activity logs.

> But I’m working on setting up a VPN at my house to tunnel all Netflix traffic through ...

On a technical point, you might be able to get away with just using Squid for the proxy, with pretty much default settings.

http://www.squid-cache.org

I used to use that years ago (not with Netflix though) running from a data centre, using an ssh (autossh) tunnel to reach it securely.

Worked pretty well, aside from the extra latency due to the packets having to go an extra half way around the world. ;)

I recommend trying a transparent proxy like Squid. There are many analytics tools for Squid logs. Squid can generate TLS certificates on the fly to inspect secure websites but you'll have to generate and install a CA certificate and key into Squid. You'll also have to import the CA certificate on any machine accessing the internet through the Squid proxy. Squid has the added bonus of caching content to speed up web browsing and reduce data usage.

I “invented” IPFS when I though “wouldn’t it be nice if we could combine Squid-Cache with BackupPC

A couple of dedicated server-side resource caching solutions have emerged over the years: Memcached, Varnish, Squid, etc. Other solutions are less focused on web resource caching and more generic, e.g., Redis or Hazelcast.

Web caching (more techical, probably not useful) there squid-cache

Also, the fact it is distributed by HTTP allow companies (and ISPs) to cache content in Squid servers (http://www.squid-cache.org/). And this is quite a feature!