That just seems like an even greater nightmare to me. Soon you would have to learn to read and understand a custom program in a Turing-complete language for each and every installation.
The proper solution is a DSL, just a better DSL. Or perhaps a DSL embedded in something like dhall <https://dhall-lang.org/>, but definitely not a general-purpose programming language.
I would recommend giving Caddy[0] a try.
Most servers/reverse proxies need 10s of options to work more or less well. With Caddy, "correct" is the default, including having the best SSL management system (so you don't even need certbot) I've seen, and using HTTPS by default. It's true that it has some things missing (rate-limiting and weighted load balancing to name a few) that you can do in Nginx/Traefik/etc, but it's 100% worth it. Caddy also has a great extension system, so those things could easily be created as extensions.
[0] https://caddyserver.com/
Caddy has a rate limiting plugin. Using it requires building a new Docker image, if necessary. https://github.com/hundertzehn/caddy-ratelimit