A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.
Resources:
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Here is two enteries from my Caddyfile:
ip.domain.tld:80 {
respond "{client_ip}" 200
}
git.domain.tld {
reverse_proxy forgejo:3000
}
This is all I need and Caddy will handle the rest. I have created a network with podman/docker that I add to any container that I need to reverse proxy to.
What's your issue exactly?
Personally, I set up Caddy with subdomains like radarr.local.example.tld, added a DNS entry on my domain so that *.local.example.tld points to the local IP of Caddy, then followed this guide so that Caddy issues TLS certificates using the DNS challenge (since the subdomains don't point to anything accessible from Internet) along with the caddy-docker-proxy plug-in to easily manage upstreams.
The issue is I'm diving right rather than taking the time to learn.
Caddy-docker-proxy looks promising, thanks!
What do you use caddy for without domains?
Here's a good source for nextcloud https://hub.docker.com/_/nextcloud/
that's a good point. I've only used caddy for handling certs for all the docker containers on my server. for local uses, you generally don't need certs, although there are some apps that communicate with an offsite db that requires a secure connection.
I also use Traefik, and once you have it set up it's really great. Getting it set up is a different story. My advice would be to follow the install guide as closely as you can and don't start adding to it until it's stable.
You don't need to own a domain to use a reverse proxy by the way, you just need to configure your router to recognize whatever domain you choose and route it to the container.
Lately, I've been playing around with Tailscale and you don't even need a domain or open ports to connect to your containers from outside your local network.
I recently wrote a Caddyfile for a Dockerized Ruby on Rails application in a Kubernetes cluster using Traefik. Traefik connects to Caddy via h2c and Caddy talks to Puma in Ruby on Rails via HTTP/1.1 over UNIX socket.
I bring this all up because I think h2c is very underutilized and this led to a huge increase in performance.
I've never heard of h2c but it seems useful. I use docker swarm with a few nodes. But for internal communication all the containers can communicate with each other using docker's built-in DNS.
I run Traefik in front of Caddy for a few different applications including Nextcloud.
How about traefik?
That was an option. Someone told me caddy was super easy to set up!
Once you figure out how traefik is configured, this is super logical and easy. Also, you can use it with podman and qublet on fedora, so you can manage it all with systemd.
https://theobservum.com/posts/2023/2023-04-15_traefik/
Tldr; Traefik is looking at all containers and scans for labels (attributes on containers). If certain labels are set, Traefik adjust itself. So the trick is how to set those labels, which both docker compose and qublet make easy, but qublet doesn't need a compatibility package and comes natively with podman.
I've run caddy and traefik. Personally, I prefer caddy, but both are likely completely fine for your use case.
Traefik has the advantage that it can be configured with docker compose files, while caddy needs its Caddyfile as a seperate configuration.
Without using a domain a reverse proxy doesn't really make sense to use, since you're just using direct IP addresses.
Why use Caddy at all then? Tailscale would work just as well, with the added bonus that you could access it outside your LAN without exposing it to the clearnet.