For a very long time, I have been using Nginx Proxy Manager (NPM) as a Reverse Proxy for web services in my homelab. Many tutorials about NPM have been shared on the blog.
After discovering Caddy and its flexibility, I gradually replaced all the web servers I was using (OLS, Nginx) with Caddy. First, I moved the WordPress websites running on OpenLiteSpeed to run on Caddy.
Next, I replaced Nginx Proxy Manager with Caddy as a reverse proxy for my homelab. This article will document the steps I took to replace NPM with Caddy for my homelab.
I. Create Docker network
First, we will create a virtual Docker network. All Docker-enabled network services on the same host will be connected to this virtual network.
docker network create caddyCode language: Nginx (nginx)By connecting all to this private network, Caddy can access other web services through the Docker service name, for example: http://memos:5230In addition, I also need to publish the Docker container’s network ports to the public, helping to optimize security.
II. Caddy Configuration
Create new folders for Caddy
mkdir -p ~/caddy/sites-enabled
cd ~/caddyCode language: JavaScript (javascript)Create file compose.yml with the following Content
services:
caddy:
image: caddy:alpine
container_name: caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- ./caddy_data:/data
- ./caddy_config:/config
- ./sites-enabled:/sites-enabled
networks:
default:
name: caddy
external: trueCode language: YAML (yaml)Create file Caddyfile
nano CaddyfileCode language: Nginx (nginx)and save to the following content
:80 {
respond "Hello, world!"
}
import /sites-enabledCode language: JavaScript (javascript)With this parameter, Caddyfile will automatically download additional configuration files located in the folder sites-enabled.
Activate Caddy
docker compose up -dCode language: Nginx (nginx)III. Port Forwarding Configuration
If you set up Caddy on your home Server, you need to access your Router to change the Port Forwarding configuration of port 80/443 (TCP) and 443 (UDP) via the IP address where Caddy is installed.
I will not guide you in this part because each Router has its own configuration. Google and you will get the instructions right away.
IV. Web service configuration
For web services (running on Docker) running on the same server as Caddy, I will add the following networks configuration to connect it to the same private network as Caddy.
networks:
default:
name: caddy
external: trueCode language: YAML (yaml)Also remove the ports declaration.
For example file compose.yml of the memos will be revised as follows.
services:
memos:
image: neosmemo/memos:stable
container_name: memos
volumes:
- ./memos/:/var/opt/memos
networks:
default:
name: caddy
external: true
Code language: YAML (yaml)Then re-enable memos to connect it to the new network
docker-compose up -d --force-recreateV. Create Reverse Proxy Host
Each web service will have its Reverse Proxy configured in a separate configuration file saved in the directory. sites-enabledThis makes configuration management more convenient than configuring everything in one file. Dockerfile only.
1. Web service is located on the same server as Caddy
This case applies to web services located on the same server as Caddy, which have had their network configuration updated as instructed in step IV.
I want to access memos by address https://memos.markknow.comcreate a new file as below. The file name should be named after the domain name for intuitiveness and ease of understanding.
cd ~/caddy
nano sites-enabled/memos.markknow.comCode language: Bash (bash)Enter the following content
memos.markknow.com {
reverse_proxy memos:5230
}2. Web service is located on a different server than Caddy
For web services installed on servers other than Caddy, the configuration file needs to be modified using the form IP:Port.
For example, the configuration for Komga, installed on the server 192.168.1.50 will be as follows
komga.markknow.com {
reverse_proxy 192.168.1.50:25600
}Code language: YAML (yaml)3. Restart Caddy
After setting up the reverse proxy configuration files, the caddy directory structure will look similar to the following
.
├── Caddyfile
├── caddy_config
│ └── caddy
├── caddy_data
│ └── caddy
├── compose.yml
└── sites-enabled
├── memos.markknow.com
└── komga.markknow.com
Code language: CSS (css)To let Caddy update the parameters from the newly created configuration files, restart it with the command
docker exec -w /etc/caddy caddy caddy reloadCode language: Bash (bash)Wait a few minutes for Caddy to automatically generate an SSL certificate for the domain name, then you can access network services through the declared domain names.
Setting up a Reverse Proxy for your homelab using Caddy is done entirely via the command line. This can be a bit daunting for those new to Linux. But once you get the hang of it, you’ll find it much easier to manage than configuring through a web interface.
Hope you are successful.
Comment Policy: We truly value your comments and appreciate the time you take to share your thoughts and feedback with us.
Note: Comments that are identified as spam or purely promotional will be removed.
To enhance your commenting experience, consider creating a Gravatar account. By adding an avatar and using the same e-mail here, your comments will feature a unique and recognizable avatar, making it easier for other members to identify you.
Please use a valid e-mail address so you can receive notifications when your comments receive replies.
