I’m busy setting up some self hosted websites using IPv6 on a home server. This on its own requires a post, however, just wanted to document my experience trying out a new reverse proxy.
Usually I would head for nginx but I came across a few articles talking about this “Caddy” server and how it’s super easy to get started with minimal config. This sounded great as configuring nginx and reading its documentation can sometimes be a pain, especially with SSL. Yes, nginx is really powerful but I just wanted to simplify my setup as much as possible. On the topic of SSL, caddy apparently helps setup SSL/TLS on the fly with certificate authorities as long as your configured host name has a valid Top-Level Domain, e.g. my-site.com.
To expose an app that’s running on port 5000 on my server, I can configure a reverse proxy with Caddy using the following config:
adhir-server:5010 {
tls internal
reverse_proxy localhost:5000
}Here I’m making use of a host name that’s available on my local network for testing and I’m still able to configure TLS as long as it’s marked as internal.
To run Caddy with this config can be done as follows:
sudo caddy run --config Caddyfile For moving this setup to production I’ll setup a linux service as explained in this article https://caddyserver.com/docs/running
Apart from reverse proxy usage, I’ll be looking at setting up a load balancer for this site which Caddy seems to be capable of. Since my home server is just a single desktop pc for now, I didn’t want to go down the route of containers adding the extra weight for orchestration on the box. At some point I’ll look into setting up multiple PCs with something like OpenStack for more abstract computing and server needs.
The best thing about Caddy? It’s written in Go-lang versus nginx and apache been written in C. I love C/C++, but, with the industry moving towards memory-safe languages for enterprise software, it only makes sense to follow suite and not find myself rushing to patch some obscure memory related bug in core components.