docker-swag
Caddy
Our great sponsors
docker-swag | Caddy | |
---|---|---|
295 | 399 | |
2,488 | 53,025 | |
2.9% | 2.3% | |
9.2 | 9.4 | |
5 days ago | 7 days ago | |
Dockerfile | Go | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
docker-swag
- Fail2Ban – Daemon to ban hosts that cause multiple authentication errors
- How do you renew SSL certificates?
-
LDAP or AD for selfhosted
https://docs.linuxserver.io/general/swag makes the setup of Authelia very simple.
-
VPN vs Exposing ports/subdomains for services
If you're issuing certs, you might as well centralize with a reverse proxy etc etc. -- take a look at something like a combination of Duckdns and SWAG from linuxserver.io (https://docs.linuxserver.io/general/swag), which does a lot of the heavy lifting for integrations with Lets Encrypt.
-
Next cloud Nginx on two different machines
Linuxserver.io maintains a reverse proxy (SWAG) and they have a github repo of all the configs they support, nextcloud being one of them (ofc to do it on your own you have to merge a few of the includes they have ssl.conf, proxy.conf, etc).
-
Did you have serious attacks on your exposed services before?
I have a domain through Cloudflare and I use a Cloudflare tunnel to expose my services on my domain. Geoblocking helps filter a lot of erroneous traffic. Cloudflare also has some useful features to help with blocking malicious attacks and bots. For my reverse proxy, I use SWAG
- Plex, sonarr, and radarr have saved my sanity... and ruined my gaming computer at the same time
-
Who else doesn’t work in IT? What are you struggling with today.
Long-time amateur here. I tried a bunch of different methods for reverse proxies, and in the end, I used the SWAG docker container from Linuxserver.io, which simplifies it a great deal, and helped me understand the proper syntax.
This is what I used: https://docs.linuxserver.io/general/swag
-
This is probably the stupidest question and I'm 99% sure I know the answer
It's all in their repo https://github.com/linuxserver/docker-swag and docs https://docs.linuxserver.io/general/swag
Caddy
-
Show HN: Nano-web, a low latency one binary webserver designed for serving SPAs
Caddy [1] is a single binary. It is not minimal, but the size difference is barely noticeable.
serve also comes to mind. If you have node installed, `npx serve .` does exactly that.
There are a few go projects that fit your description, none of them very popular, probably because they end up being a 20-line wrapper around http frameworks just like this one.
-
I Deployed My Own Cute Lil’ Private Internet (a.k.a. VPC)
Each app’s front end is built with Qwik and uses Tailwind for styling. The server-side is powered by Qwik City (Qwik’s official meta-framework) and runs on Node.js hosted on a shared Linode VPS. The apps also use PM2 for process management and Caddy as a reverse proxy and SSL provisioner. The data is stored in a PostgreSQL database that also runs on a shared Linode VPS. The apps interact with the database using Drizzle, an Object-Relational Mapper (ORM) for JavaScript. The entire infrastructure for both apps is managed with Terraform using the Terraform Linode provider, which was new to me, but made provisioning and destroying infrastructure really fast and easy (once I learned how it all worked).
-
Cheapest ECS Fargate Service with HTTPS
Let's use Caddy which can act as reverse-proxy with automatic HTTPS coverage.
-
Bluesky announces data federation for self hosters
Even if it may be simple, it doesn't handle edge cases such as https://github.com/caddyserver/caddy/issues/1632
I personally would make the trade off of taking on more complexity so that I can have extra compatibility.
-
Freenginx.org
I haven't read the content of the patches to understand the impact of the bugs, but from my own experience [0] I can suggest a few reasons:
- CVEs are gold to researchers and organizations like citations are to academics. In this case, the CVEs were filed based on "policy" but it's unclear if they are just adding noise to the DB.
- The severity of the bug is not as severe as greater powers-that-be would like to think (again, they see it as doing due diligence; developers who know the ins and outs might see it as an overreaction).
- Bug is in an experimental feature.
I'm not saying one way is right or not in this case, just pointing out my experience has generally been that CVEs are kind of broken in general...
One of the most heavily used Russian software projects on the internet https://www.nginx.com/blog/do-svidaniya-igor-thank-you-for-n... but it's only marginally more modern than Apache httpd.
In light of recently announced nginx memory-safety vulnerabilities I'd suggest migrating to Caddy https://caddyserver.com/
- Asciinema 3.0 will be rewritten in Rust
-
AI for Web Devs: Deploying Your AI App to Production
My preferred solution is using Caddy. This will resolve the networking issues, work as a great reverse proxy, and takes care of the whole SSL process for us. We can follow the install instructions from their documentation and run these five commands:
-
I abandoned OpenLiteSpeed and went back to good ol' Nginx
> I’m not aware of anyone running Caddy at any sort of scale for customers.
Well, to name a few...
- Stripe (https://twitter.com/caddyserver/status/1559591673511813120)
- Mercedes-Benz (https://github.com/caddyserver/caddy/pull/5275#issuecomment-...)
- Approximated.app (https://dev.to/carterbryden/how-to-allow-end-user-custom-dom...)
- FusionAuth (https://fusionauth.io/blog/unlimited-domains-fusionauth)
The problem is those using Caddy are shy, not that it's not used at all. I know this because I see users removing the `server` header on the Caddy forum all the time, and many of the large users are just shy of their technology stack when it comes to Caddy.
Disclaimer: Member of the Caddy team
What are some alternatives?
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
traefik - The Cloud Native Application Proxy
HAProxy - HAProxy documentation
Nginx - An official read-only mirror of http://hg.nginx.org/nginx/ which is updated hourly. Pull requests on GitHub cannot be accepted and will be automatically closed. The proper way to submit changes to nginx is via the nginx development mailing list, see http://nginx.org/en/docs/contributing_changes.html
envoy - Cloud-native high-performance edge/middle/service proxy
authentik - The authentication glue you need.
traefik-examples - docker-compose configurations examples for traefik
RoadRunner - 🤯 High-performance PHP application server, process manager written in Go and powered with plugins
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
Squid - Squid Web Proxy Cache
authelia - The Single Sign-On Multi-Factor portal for web apps
Navidrome Music Server - 🎧☁️ Modern Music Server and Streamer compatible with Subsonic/Airsonic