Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
static-web-server
A cross-platform, high-performance and asynchronous web server for static files-serving. ⚡
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
https://github.com/yandex/gixy/blob/master/docs/en/plugins/a...
(and nixos automatically runs gixy on a configuration generated through it, so the system refuses to build <3)
I use https://static-web-server.net/
Cross-platform, written in Rust, straightforward configuration, secure defaults, also has a hardened container image and a hardened NixOS module.
I wouldn't recommend Caddy. Their official docker image runs as root unnecessarily (and the reasoning suggests a lack of understanding) [1], and they don't provide a properly sandboxed systemd unit file [2].
[1]: https://github.com/caddyserver/caddy-docker/issues/104
I use https://static-web-server.net/
Cross-platform, written in Rust, straightforward configuration, secure defaults, also has a hardened container image and a hardened NixOS module.
I wouldn't recommend Caddy. Their official docker image runs as root unnecessarily (and the reasoning suggests a lack of understanding) [1], and they don't provide a properly sandboxed systemd unit file [2].
[1]: https://github.com/caddyserver/caddy-docker/issues/104
I have nginx-proxy docker container on top of vaultwarden - there aren't any alias directives there. Vaultwarden itself appears to use rust with some http framework called "rocket" [1]. Sorry I'm not familiar with rust world.
But anyways, said vuln doesn't apply to vaultwarden.
[1] https://github.com/dani-garcia/vaultwarden/blob/19e671ff25bf...
I found this a few weeks ago: https://github.com/mlvzk/manix
Caddy has been my default choice recently: https://caddyserver.com
Among other things, it features automatic TLS via ACME and dead-simple configuration for my most common use cases: namely, serving a directory of static files and reverse-proxying to an app server.
I'm also a fan of Traefik but it's strictly a reverse proxy, there's not even built-in support for serving static files. But it's great if you have e.g. a bunch of containers on a single host and you want to front them all with a single load balancer.