Whatbox Logo

Wiki > Caddy Server Reverse Proxy

"Caddy, sometimes clarified as the Caddy web server, is an open source, HTTP/2-enabled web server written in Go. It uses the Go standard library for its HTTP functionality. One of Caddy's most notable features is enabling HTTPS by default. It is the first general-purpose web server to do so without requiring extra configuration"

This guide is to help setup a reverse proxy for your slot with free SSL security from Lets Encrypt. You will need your own domain and it will need to be managed by Cloudflare. There are other ways to get this working but this guide will assume you own a domain and have it in your own Cloudflare account.

Installation

Downloading the server

  1. Create Caddy's directory

     mkdir ~/caddy
    
  2. Change to the directory

     cd ~/caddy
    
  3. Download the latest version of the Caddy server software

     wget -O caddy "https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fcaddy-dns%2Fcloudflare"
    
  4. Make it executable

     chmod +x caddy
    

Configuration

  1. Create the configuration file

     touch ~/caddy/Caddyfile
    
  2. Edit the config

     nano ~/caddy/Caddyfile
    
  3. Copy in the example config, don't forget to replace YOUR_API_KEY with the API key you created for the zone of the domain you're using in Cloudflare

     {
     http_port 13056
     https_port 22528
     }
     **my.domain.com** {
     tls {
     dns cloudflare **YOUR_API_KEY**
     }
     reverse_proxy localhost:**port of exposed service**
     }
    
  4. Adust the **bold** values to enter the correct information. More proxy sites can be added by adding additional my.domain.com (a different subdomain) blocks as long as formatting is kept.

Starting the server

  1. Users do no not have root access so a few changes need to be made to ensure things can run.

  2. Now run the server in screen, random ports have been set for your use.

     screen -dmS caddy ~/caddy/caddy run --config ~/caddy/Caddyfile
    
  3. You will need to accept the terms on the first run and provide your email address for Lets Encrypt

     screen -r caddy
     
     then *ctrl + a*, then *d* to exit the screen but not stop it running
    
  4. Service should be available at

     https://my.domain.com:22528