Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Francis definitely gets to claim the "Show HN" on this one, as he authored more commits to Caddy during this timeframe than I did: https://github.com/caddyserver/caddy/graphs/contributors?fro...
He and several other maintainers, community helpers, distribution team members, and sponsors go a long way to making this project tick. Thanks for all you do!
Caddy at its simplest form is an HTTP server. So you could use it to front end your application that otherwise isn't well suited for taking direct HTTP requests. Caddy would bring you other features like TLS support.
However I think in K8s world Caddy would make the most sense as an Ingress Controller. There is even a project as such: https://github.com/caddyserver/ingress
All traffic would terminate first at Caddy. Handling TLS, HTTP1/2/3, etc. Then passing it back to your application service/pod.
I've been using this Docker image in a Docker Compose configuration to run some apps on a VPS
https://github.com/lucaslorentz/caddy-docker-proxy
Pretty nice, handles routing to your containers and manages LetsEncrypt for you. Response times are super fast too (<= 100ms for an ASP Web API application which uses Postgres via Entity Framework).
Thanks for recommending it!
I hear ya. The JSON config is definitely not trivial. I wrote our JSON docs and strove to made them easy to follow. You can traverse into the module structure piece-by-piece here: https://caddyserver.com/docs/json/
There is also a Caddy plugin by @abiosoft that can generate a JSON schema for your custom Caddy builds, which can then be used by IDEs to give you autocomplete and validation: https://github.com/abiosoft/caddy-json-schema
I also sometimes recommend writing your config by hand in the Caddyfile, then using `caddy adapt` to get the JSON equivalent. (It might not always be the prettiest JSON, since the adapter is only so smart.) But then you can fine-tune the JSON a little easier, possibly. Hope that helps!
"Caddy L4" aka "Project Conncept" might be what you're looking for:
https://github.com/mholt/caddy-l4
"Project Conncept is an experimental layer 4 app for Caddy. It facilitates composable handling of raw TCP/UDP connections based on properties of the connection or the beginning of the stream."
Not a secret now haha!
I used to use this https://github.com/nginx-proxy/nginx-proxy (used to be under jwilder's GitHub account) which was also a good tool, and then used behind CloudFlare for free SSL certificates, but the Caddy container with automatic LetsEncrypt is fantastic also.
Could you be more specific about these complaints? What examples don't work? We can't work on improving the docs if we don't get specific and actionable feedback. The docs are found at https://github.com/caddyserver/website if you want to propose any changes.
Because Lego maintainers wouldn't budge when Caddy needed changes made to increase ACME reliability. Matt wrote his own implementation https://github.com/mholt/acmez and started using that in Caddy soon after. There's a deeper explanation here: https://github.com/caddyserver/certmagic/issues/71
Because Lego maintainers wouldn't budge when Caddy needed changes made to increase ACME reliability. Matt wrote his own implementation https://github.com/mholt/acmez and started using that in Caddy soon after. There's a deeper explanation here: https://github.com/caddyserver/certmagic/issues/71
Related posts
- Autostrada: A codebase generator for new Go projects
- General Docker Troubleshooting, Best Practices & Where to Go From Here
- Running one’s own root Certificate Authority in 2023
- I am once again asking that "web" and "fullstack" developers...
- Where do you get/setup certificates from for your https/ssl?