this post was submitted on 03 Apr 2025
24 points (87.5% liked)

Selfhosted

45448 readers
255 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
24
Having trouble with my caddy config for my lemmy instance (lemmy.world)
submitted 1 day ago* (last edited 1 day ago) by [email protected] to c/[email protected]
10 comments fedilink hide all child comments
 

I have a lemmy instance running but I'm having trouble with my reverse proxy config. I'm using Caddy. Previously I had used nginx but didn't end up keeping the instance alive. Now I want to get it back up but I've since switched to Caddy because it's just easier. I have several self hosted services already working great with caddy and don't want to disrupt that.

I've found a few configs online but none seem to work. I'm running this on a standard ubuntu server 22.04 box.

Any ideas or suggestions?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 1 day ago (3 children)

The biggest issue I have with Caddy and running ancillary services as some services attempt to utilize port 80 and/or 443 (and may not be configurable), which of course isn't possible because Caddy monopolizes those ports. The best solution to this I've found is to migrate Caddy and my services to docker containers and adding them all to the same "caddy" network.

With your caddy instance still monopolizing port 80 and 443, you can use the Docker expose or port parameters to allow your containers to utilize port 80 and/or 443 from within the container, but proxify it on the host network. This is what my caddy config looks like;

{
        admin 127.0.0.1:2019
        email {email}
        acme_dns cloudflare {token}
}
domain.dev, domain.one {
        encode zstd gzip
        redir https://google.com/
}
*.domain.dev, *.domain.one {
        encode zstd gzip
        @book host bk.domain.dev bk.domain.one
        handle @book {
                reverse_proxy linkding:9090
        }
        @git host git.domain.dev git.domain.one
        handle @git {
                reverse_proxy rgit:8000
        }
        @jelly host jelly.domain.dev jelly.domain.one
        handle @jelly {
                reverse_proxy {ip}:8096
        }
        @status host status.domain.dev status.domain.one
        handle @status {
                reverse_proxy status:3000
        }
        @wg host wg.domain.dev wg.domain.one
        handle @wg {
                reverse_proxy wg:51820
        }
        @ping host ping.domain.dev ping.domain.one
        handle @ping {
                respond "pong!"
        }
}

It works very well.

[–] [email protected] 1 points 19 hours ago (1 children)

You can use caddy-l4 to redirect some traffic before (or after) tls and to different ports and hosts depending on FQDN.

Though that is still experimental.

[–] [email protected] 2 points 8 hours ago

Well that's dope... Didn't know that was a thing.

[–] [email protected] 2 points 1 day ago (1 children)

How are you doing your certs with this set up?

[–] [email protected] 1 points 8 hours ago

Caddy manages everything, including certs for both domains. So I guess my answer would be, you don't.

[–] [email protected] 0 points 1 day ago (1 children)

Caddy does not need 80 and 443. I've changed them to unprivileged ports like 8000 and 8443.

Besides, op doesn't mention having problems with ports

[–] [email protected] 1 points 8 hours ago

Caddy does not need 80 and 443.

By default and all measurable expectation it does. Unless you can't use privileged HTTP/HTTPS ports, there's no real reason to use unprivileged ports.

Besides, op doesn’t mention having problems with ports

OP said he was having issues, and this is a common issue I've had. Since he was non-descript as to what the issues were, it's really not stupid to mention it.