Come on and fight me…
I just tried out caddy for the first time and found it to be fantastic, I have used both Traefik and Nginx Proxy Manager extensively and although they were both great, the simplicity of the Caddfilr is fantastic. With a few snippets configured, I can add a host with a single line that just defines the port and url, it’s like magic.
Has anyone got any known traps ( or tips) with caddy to make it useful.
The issues I have had previously with Traefik were the need to have multiplelines to configure it (and configure the host and router separately), and the difference between local docker services ( I do like using labels to configure, but with lots of services it gets a bit fragmented and difficult toanahe) and remote services ( had to use the file config).
With NPM, I find using the GUI to configure the servers difficult ( and challenging to keep consistent ) and I had a time that it forgot something ( can’t remember if it was certificates or something else ) and that was the straw that broke the camel’s back for me.
Anyway, currently I am happy with caddy and am not planning on replacing it (at least for a month or two :D ). It would be nice if there was a GUI, but no big drama honestly, and the text config is great.
When I saw the title I got confused with Node Package Manager lol
I’m that weird person who just uses nginx and does the config files in a text editor. Been doing it that way since 2010 or so and I’m too used to it to appreciate proxy manager.
Absolute psychopath.
I’m the weirdo going with haproxy, but that thing is an absolute beast.
Ha, same here. HAProxy plugin running on my opnSense. I should probably try caddy because HAProxy is complete overkill for my requirements.
I mean, if you already have it, why change?
True, but if someone spends 5 hours changing there proxy ( + 10 hours figuring out what you broke and fixing ), then they might save a few minutes down the line configuring new services. self-hosting maths…
You’ve got those carrots in the wrong direction.
Any specific reason you think they should be backwards? I have only limited exposure to the alternatives, but caddy was the easiest for me to set up when I was looking for a reverse proxy.
My main issue with caddy was having to compile in any extensions manually, but you don’t even need to do that anymore.
Eh, personally I just found NPM super easy to set up and manage, especially when it came to setting up letsencrypt etc. Everything just works. Easy to update, easy to manage, easy to take down and spin back up again. My OP had a bit of snark though, I’m not exactly an expert, I’m sure there are very good reasons why the OP and other smart nerds on this community may disagree
I’ve been using Traefik, Caddy sounds interesting but I’m definitely not touching my setup until it breaks lmao. Then maybe I’ll give it a shot.
Caddy was working fine for me until I scaled my homelab and had around 70 running containers. It constantly gave me 502 upstream errors, I tried all I could to isolate the problem (reducing the number of containers, reducing the number services Caddy handles, reworking Caddyfile), but the timeout still occurs with every service, I searched everywhere and couldn’t find a working solution.
Then I tried out Traefik, set up a dynamic file configuration for all my containers, and haven’t had a single 502 since. The dynamic configuration is such a nice thing to have Im never leaving Traefik. Plus it seems more in line with UNIX philosophy as it is modular with the middlewares and plugins.
Man, I started with Apache back in the day which is just nightmarish to manage for simple projects imo, then moved to NGINX, which felt a bit better but still not super intuitive, then NPM, which did make it significantly more user friendly.
Then Caddy came along and swept me off my feet, I still can’t believe it’s as dead simple as it is lol. I tried Traefik for a while because it sounded super interesting and I do love the idea, but it brought a lot of the complexity back with it for admittedly very neat docker integration.
Went right back to Caddy after I moved away from docker as a whole and I couldn’t be happier, I just find it so pleasant to use. Just pure KISS goodness!So I guess my ranking goes Caddy > Traefik > the rest
It’s interesting how different people have different approaches … I migrate from Caddy to Traefik because I found it magical … Whenever I need to add another selfhosted service I just adapt a docker-compose like this one
version: '3.8' services: homeassistant: container_name: homeassistant image: ghcr.io/home-assistant/home-assistant:stable #image: homeassistant/raspberrypi4-homeassistant:stable volumes: - ./media/:/media - ./config/:/config - /etc/localtime:/etc/localtime:ro environment: - TZ=${TZ} restart: unless-stopped networks: - t2_proxy - backend labels: - traefik.enable=true - traefik.docker.network=t2_proxy - traefik.http.routers.homeassistant.rule=Host(`home.mydomain.bla.bla`) - traefik.http.routers.homeassistant.entrypoints=websecure - traefik.http.routers.homeassistant.tls.certresolver=myresolver - traefik.http.services.homeassistant.loadbalancer.server.port=8123 networks: backend: external: true t2_proxy: external: true
As you can see I just need to change the host and the port in the labels to have a new domain pointing to the right port … I wasn’t able to find an easier way to add a new service to caddy
This! I’ve setup Traefik and use traefik-redis and traefik-kop to pull in labels from my other Raspberry Pis so I can spin up my containers on any of the Docker hosts without having to change anything in the proxy config.
Completely a personal preference, but this is one reason I prefer caddy. I like to keep the configs separate and not clutter up my compose files.
It means I need to update two things when adding a new service (a compose file plus my caddy file), but I like the separation of concerns.
It also makes my proxy config consistent for all services, regardless of whether that run in docket or elsewhere.
I just use dockerized service and I plan to move to k8s so I don’t have (nor plan to) deal with anything besides dockerized services
Yeah, then I can see the appeal of keeping everything in the same configs.
I like to keep the configs separate and not clutter up my compose files.
You can do that with Traefik, I have all my reverse proxy config in a file that hot reloads by Traefik dynamically, so I don’t even have to restart Traefik, or even the compose files (that’s the problem with Traefik labels), just run compose, add service to said dynamic file, save, and the website is now reachable on the browser.
First time I heard of migrating from Caddy to Traefik and not the other way around. The usual complaint about Traefik is that it’s too complicated to manage all of the moving parts. I have only used Caddy with Dockerized setups though so I don’t know what the others are like.
Well, this way it works great for my needs … If I don’t need a service anymore I just remove its docker-compose and
puff
it’s gone the service and the reverse proxy config all in one single atomic thanos-like snap of fingers I wasn’t able to find a way to do the same with Caddy and I don’t get what do you mean with “moving parts”
Yeah, I had lots of service configured like that, and you are correct that it is awesome, however I have other services on other hosts (not on docker swarm either) so I needed to delve into file config quite often, and doing some web dev work, I had services that weren’t dockerized, so I ended up creating dummy services (socat containers) to make them easy. It just got a bit frustrating and taking too much headspace, I was able to setup caddy in about 2 hours one evening, so I am pretty happy so far, and I can see all my hosts in a single file which is great ( I ended up with orphaned routes etc… from containers I forgot about when I was testing things).
As you say, different people come at the same problem and come away with totally different views ( which is pretty great that there are enough option that we can all find something that works for our needs ).
I have only used 2 reverse proxies, so I can say with confidence that SWAG > all /s
At the first time move to Caddy, I had an issue adding Caddy container to all the current docker networks.
How do you tackle that issue?I use
docker-compose
, and basically just end all mydocker-compose.yaml
files withnetworks: default: external: name: proxynet
This redefines the
default
network to a pre-existingproxynet
network. All services that do not specify a network configuration automatically get added to that network. Because this refers to the same network in each file, it is shared even with services defined in other yaml files (which is not the default).The
proxynet
network was created manually usingdocker network create proxynet
.
My setup is running NPM and I can’t complain, but I’ll look into caddy as I’ve seen it mentioned a lot.
I saw it mentioned here, I likely won’t change on my setup until something breaks though. 😂
Caddy is great, I’ve been using it for all greenfield projects.
P. S. Have you checked out the Caddy API?
I am aware of it, haven’t needed to use it, but seems pretty powerful.
Traefik configuration is a bit verbose at times, but middlewares are awesome and you can pry them from my cold dead hands
Honestly if I had everything in docker I’d use traefic, but I found it horrifically complex to do simple things as soon as you need to branch off of your docker host. I’ve just started using Caddy and it is so user friendly I can’t even believe it.