2.0 KiB
2.0 KiB
title, description, tags, category, created, updated
| title | description | tags | category | created | updated | |||
|---|---|---|---|---|---|---|---|---|
| Caddy | Tool overview for Caddy as a web server and reverse proxy with automatic HTTPS |
|
tools | 2026-03-14 | 2026-03-14 |
Caddy
Summary
Caddy is a web server and reverse proxy known for automatic HTTPS and a simple configuration model. In self-hosted environments, it is often used as an easy-to-operate edge or internal reverse proxy for web applications.
Why it matters
For many homelab and small infrastructure setups, Caddy offers a faster path to a secure reverse proxy than more manual alternatives. It is especially effective when a small team wants readable configuration and low TLS management overhead.
Core concepts
- Caddyfile as the high-level configuration format
- Automatic HTTPS and certificate management
reverse_proxyas the core upstream routing primitive- Site blocks for host-based routing
- JSON configuration for advanced automation cases
Practical usage
Caddy commonly fits into infrastructure as:
Client -> Caddy -> upstream application
Typical uses:
- Terminating TLS for self-hosted apps
- Routing multiple hostnames to different backends
- Serving simple static sites alongside proxied services
Best practices
- Keep hostnames and upstream targets explicit
- Use Caddy as a shared ingress layer instead of publishing many app ports
- Back up Caddy configuration and persistent state if certificates or ACME state matter
- Keep external base URLs aligned with proxy behavior
Pitfalls
- Assuming automatic HTTPS removes the need to understand DNS and port reachability
- Mixing public and private services without clear routing boundaries
- Forgetting that proxied apps may need forwarded header awareness
- Leaving Caddy state or config out of the backup plan