this post was submitted on 03 Apr 2025

25 points (87.9% liked)

Selfhosted

45470 readers

594 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago

MODERATORS

HybridSarcasm@lemmy.world

HybridSarcasm@lemmy.hybridsarcasm.xyz

Having trouble with my caddy config for my lemmy instance (lemmy.world)

submitted 2 days ago* (last edited 2 days ago) by BuckRowdy@lemmy.world to c/selfhosted@lemmy.world

10 comments fedilink hide all child comments

I have a lemmy instance running but I'm having trouble with my reverse proxy config. I'm using Caddy. Previously I had used nginx but didn't end up keeping the instance alive. Now I want to get it back up but I've since switched to Caddy because it's just easier. I have several self hosted services already working great with caddy and don't want to disrupt that.

I've found a few configs online but none seem to work. I'm running this on a standard ubuntu server 22.04 box.

Any ideas or suggestions?

top 10 comments

sorted by: hot top controversial new old

[–] Xanza@lemm.ee 6 points 2 days ago (3 children)

The biggest issue I have with Caddy and running ancillary services as some services attempt to utilize port 80 and/or 443 (and may not be configurable), which of course isn't possible because Caddy monopolizes those ports. The best solution to this I've found is to migrate Caddy and my services to docker containers and adding them all to the same "caddy" network.

With your caddy instance still monopolizing port 80 and 443, you can use the Docker expose or port parameters to allow your containers to utilize port 80 and/or 443 from within the container, but proxify it on the host network. This is what my caddy config looks like;

{
        admin 127.0.0.1:2019
        email {email}
        acme_dns cloudflare {token}
}
domain.dev, domain.one {
        encode zstd gzip
        redir https://google.com/
}
*.domain.dev, *.domain.one {
        encode zstd gzip
        @book host bk.domain.dev bk.domain.one
        handle @book {
                reverse_proxy linkding:9090
        }
        @git host git.domain.dev git.domain.one
        handle @git {
                reverse_proxy rgit:8000
        }
        @jelly host jelly.domain.dev jelly.domain.one
        handle @jelly {
                reverse_proxy {ip}:8096
        }
        @status host status.domain.dev status.domain.one
        handle @status {
                reverse_proxy status:3000
        }
        @wg host wg.domain.dev wg.domain.one
        handle @wg {
                reverse_proxy wg:51820
        }
        @ping host ping.domain.dev ping.domain.one
        handle @ping {
                respond "pong!"
        }
}

It works very well.

[–] InnerScientist@lemmy.world 1 points 2 days ago (1 children)

You can use caddy-l4 to redirect some traffic before (or after) tls and to different ports and hosts depending on FQDN.

Though that is still experimental.

[–] Xanza@lemm.ee 2 points 1 day ago

Well that's dope... Didn't know that was a thing.

[–] azron@lemmy.ml 2 points 2 days ago (1 children)

How are you doing your certs with this set up?

[–] Xanza@lemm.ee 1 points 1 day ago

Caddy manages everything, including certs for both domains. So I guess my answer would be, you don't.

[–] enemenemu@lemm.ee 0 points 2 days ago (1 children)

Caddy does not need 80 and 443. I've changed them to unprivileged ports like 8000 and 8443.

Besides, op doesn't mention having problems with ports

[–] Xanza@lemm.ee 1 points 1 day ago

Caddy does not need 80 and 443.

By default and all measurable expectation it does. Unless you can't use privileged HTTP/HTTPS ports, there's no real reason to use unprivileged ports.

Besides, op doesn’t mention having problems with ports

OP said he was having issues, and this is a common issue I've had. Since he was non-descript as to what the issues were, it's really not stupid to mention it.

[–] hitagi@ani.social 2 points 2 days ago* (last edited 2 days ago)

Have you tried the Caddyfile from Lemmy-Easy-Deploy?

[–] just_another_person@lemmy.world 4 points 2 days ago

We'll need to see configs and IP assignments to be able to help.

[–] irmadlad@lemmy.world 1 points 2 days ago

I'm not sure if this will help you out since I'm really not sure what your problems are other than getting the reverse proxy to work. So, I'll give you what I've found to work and if it's not what you were looking for then you can just skip over what I"m yammering on about.

The process:

Spin up a container, let's say it's Dozzle and it needs port 1124. Container deployed, so lets put it in reverse proxy:

Issue command together:

sudo nano /etc/caddy/Caddyfile
sudo systemctl restart caddy

Enter the following in the Caddyfile:

dozzle.myverycooldomain.duckdns.org:443 {
	reverse_proxy localhost:1124
}

Press ctrl x, press y, press enter, and the Caddy server restarts if you indeed issued the commands together. Now go to dozzle.myverycooldomain.duckdns.org for test run.