Having trouble with my caddy config for my lemmy instance
from BuckRowdy@lemmy.world to selfhosted@lemmy.world on 03 Apr 22:45
https://lemmy.world/post/27755926
from BuckRowdy@lemmy.world to selfhosted@lemmy.world on 03 Apr 22:45
https://lemmy.world/post/27755926
I have a lemmy instance running but I’m having trouble with my reverse proxy config. I’m using Caddy. Previously I had used nginx but didn’t end up keeping the instance alive. Now I want to get it back up but I’ve since switched to Caddy because it’s just easier. I have several self hosted services already working great with caddy and don’t want to disrupt that.
I’ve found a few configs online but none seem to work. I’m running this on a standard ubuntu server 22.04 box.
Any ideas or suggestions?
threaded - newest
The biggest issue I have with Caddy and running ancillary services as some services attempt to utilize port 80 and/or 443 (and may not be configurable), which of course isn’t possible because Caddy monopolizes those ports. The best solution to this I’ve found is to migrate Caddy and my services to docker containers and adding them all to the same “caddy” network.
With your caddy instance still monopolizing port 80 and 443, you can use the Docker
exposeorportparameters to allow your containers to utilize port 80 and/or 443 from within the container, but proxify it on the host network. This is what my caddy config looks like;{ admin 127.0.0.1:2019 email {email} acme_dns cloudflare {token} } domain.dev, domain.one { encode zstd gzip redir https://google.com/ } *.domain.dev, *.domain.one { encode zstd gzip @book host bk.domain.dev bk.domain.one handle @book { reverse_proxy linkding:9090 } @git host git.domain.dev git.domain.one handle @git { reverse_proxy rgit:8000 } @jelly host jelly.domain.dev jelly.domain.one handle @jelly { reverse_proxy {ip}:8096 } @status host status.domain.dev status.domain.one handle @status { reverse_proxy status:3000 } @wg host wg.domain.dev wg.domain.one handle @wg { reverse_proxy wg:51820 } @ping host ping.domain.dev ping.domain.one handle @ping { respond "pong!" } }It works very well.
How are you doing your certs with this set up?
Caddy manages everything, including certs for both domains. So I guess my answer would be, you don’t.
Caddy does not need 80 and 443. I’ve changed them to unprivileged ports like 8000 and 8443.
Besides, op doesn’t mention having problems with ports
By default and all measurable expectation it does. Unless you can’t use privileged HTTP/HTTPS ports, there’s no real reason to use unprivileged ports.
OP said he was having issues, and this is a common issue I’ve had. Since he was non-descript as to what the issues were, it’s really not stupid to mention it.
You can use caddy-l4 to redirect some traffic before (or after) tls and to different ports and hosts depending on FQDN.
Though that is still experimental.
Well that’s dope… Didn’t know that was a thing.
We’ll need to see configs and IP assignments to be able to help.
I’m not sure if this will help you out since I’m really not sure what your problems are other than getting the reverse proxy to work. So, I’ll give you what I’ve found to work and if it’s not what you were looking for then you can just skip over what I"m yammering on about.
The process:
Spin up a container, let’s say it’s Dozzle and it needs port 1124. Container deployed, so lets put it in reverse proxy:
Issue command together:
Enter the following in the Caddyfile:
dozzle.myverycooldomain.duckdns.org:443 { reverse_proxy localhost:1124 }Press ctrl x, press y, press enter, and the Caddy server restarts if you indeed issued the commands together. Now go to
dozzle.myverycooldomain.duckdns.orgfor test run.Have you tried the Caddyfile from Lemmy-Easy-Deploy?