Having trouble with my caddy config for my lemmy instance
from BuckRowdy@lemmy.world to selfhosted@lemmy.world on 03 Apr 22:45
https://lemmy.world/post/27755926

I have a lemmy instance running but I’m having trouble with my reverse proxy config. I’m using Caddy. Previously I had used nginx but didn’t end up keeping the instance alive. Now I want to get it back up but I’ve since switched to Caddy because it’s just easier. I have several self hosted services already working great with caddy and don’t want to disrupt that.

I’ve found a few configs online but none seem to work. I’m running this on a standard ubuntu server 22.04 box.

Any ideas or suggestions?

#selfhosted

Xanza@lemm.ee on 03 Apr 22:50

The biggest issue I have with Caddy and running ancillary services is that some services attempt to utilize port 80 and/or 443 (and may not be configurable), which of course isn’t possible because Caddy monopolizes those ports. The best solution to this I’ve found is to migrate Caddy and my services to Docker containers and add them all to the same “caddy” network.

With your Caddy instance still monopolizing port 80 and 443, you can use the Docker expose or port parameters to allow your containers to utilize port 80 and/or 443 from within the container, but proxify it on the host network. This is what my Caddy config looks like:

{
        admin 127.0.0.1:2019
        email {email}
        acme_dns cloudflare {token}
}
domain.dev, domain.one {
        encode zstd gzip
        redir https://google.com/
}
*.domain.dev, *.domain.one {
        encode zstd gzip
        @book host bk.domain.dev bk.domain.one
        handle @book {
                reverse_proxy linkding:9090
        }
        @git host git.domain.dev git.domain.one
        handle @git {
                reverse_proxy rgit:8000
        }
        @jelly host jelly.domain.dev jelly.domain.one
        handle @jelly {
                reverse_proxy {ip}:8096
        }
        @status host status.domain.dev status.domain.one
        handle @status {
                reverse_proxy status:3000
        }
        @wg host wg.domain.dev wg.domain.one
        handle @wg {
                reverse_proxy wg:51820
        }
        @ping host ping.domain.dev ping.domain.one
        handle @ping {
                respond "pong!"
        }
}

It works very well.
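
A Compose layout matching the arrangement described in the comment above, as an added example that is not the poster's own file: only Caddy publishes ports on the host, and the backend is reachable solely over the shared "caddy" network under the name used in `reverse_proxy linkding:9090`. The image tag `caddy-cloudflare:local`, the volume names and the file paths are assumptions.

```yaml
# Added example; image tags, volume names and paths are assumptions.
networks:
  caddy:
    name: caddy                     # shared network; containers resolve each other by service name

services:
  caddy:
    # Hypothetical local build: the stock caddy image does not include the
    # Cloudflare DNS module that "acme_dns cloudflare" requires.
    image: caddy-cloudflare:local
    restart: unless-stopped
    networks: [caddy]
    ports:
      - "80:80"                     # Caddy is the only container publishing host ports
      - "443:443"
      - "443:443/udp"               # HTTP/3
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data            # certificates and ACME account keys; keep persistent
      - caddy_config:/config

  linkding:
    image: sissbruecker/linkding:latest
    restart: unless-stopped
    networks: [caddy]
    expose:
      - "9090"                      # documents the port; nothing is published on the host
    # No "ports:" entry here. Publishing 9090 on the host would let clients
    # reach the service directly, bypassing Caddy's TLS and host matching.

volumes:
  caddy_data:
  caddy_config:
```

With `admin 127.0.0.1:2019` in the Caddyfile, the admin API listens on the container's own loopback and is not reachable from other containers on the network.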

azron@lemmy.ml on 04 Apr 02:35

How are you doing your certs with this set up?

enemenemu@lemm.ee on 04 Apr 04:40

Caddy does not need 80 and 443. I’ve changed them to unprivileged ports like 8000 and 8443.

Besides, OP doesn’t mention having problems with ports.

InnerScientist@lemmy.world on 04 Apr 10:07

You can use caddy-l4 to redirect some traffic before (or after) TLS and to different ports and hosts depending on FQDN.

Though that is still experimental.

just_another_person@lemmy.world on 04 Apr 00:07

We’ll need to see configs and IP assignments to be able to help.

irmadlad@lemmy.world on 04 Apr 09:31

I’m not sure if this will help you out since I’m really not sure what your problems are other than getting the reverse proxy to work. So, I’ll give you what I’ve found to work, and if it’s not what you were looking for then you can just skip over what I’m yammering on about.

The process:

Spin up a container, let’s say it’s Dozzle and it needs port 1124. Container deployed, so let’s put it in reverse proxy:

Issue commands together:

sudo nano /etc/caddy/Caddyfile
sudo systemctl restart caddy

Enter the following in the Caddyfile:

dozzle.myverycooldomain.duckdns.org:443 {
	reverse_proxy localhost:1124
}

Press Ctrl+X, press Y, press Enter, and the Caddy server restarts if you indeed issued the commands together. Now go to dozzle.myverycooldomain.duckdns.org for a test run.

hitagi@ani.social on 04 Apr 10:31

Have you tried the Caddyfile from Lemmy-Easy-Deploy?