Views on using Caddy2

Looking for any views on using Caddy [2]. Looks very interesting indeed for using a reverse proxy that sets up certificates automatically [https:] for you and does away with having to port forward addresses. Noticed Jay doesn’t mention Caddy on his YouTube channel. Not yet anyway!

Never heard of Caddy2, but what does it do more special than Let’s Encrypt’s certbot? Either way, for reverse proxies, I prefer HAProxy if I can help it (though I’ve run nginx and Apache before in production too). Lately OCI container people have gravitated towards Traefik (which has automation for finding your websites in your OCI container cluster).

I have been interested in Caddy for a while but haven’t used it in production yet. For a number of years I’ve used Traefik2 as a reverse proxy on my Docker hosts and I like to use the DNS-01 challenge to get Let’s Encrypt certificates as this will also work for internal services which aren’t exposed to the web. I tried to test a similar setup with Caddy a couple of weeks ago but didn’t manage to get it working - to do the DNS-01 challenge, you have to download or compile a version of Caddy with a plugin for your specific DNS provider whereas Traefik does this out of the box.

The Caddy configuration syntax I think is a bit more concise than Traefik. Both projects are well documented but even as an advanced technical user I find them quite difficult to understand - it took me quite a while to refine my Traefik set up and I’m by no means 100% clear on all aspects of what Traefik is capable of. I suspect I would find the same with Caddy.

If you are setting up Caddy internet facing as a web server or reverse proxy and you are using the normal TNS challenge for Let’s Encrypt then that is fairly straightforward. I’m interested to experiment with it more as a webserver to serve apps like WordPress or Nextcloud as I think it could be more performant and secure compared to Apache.