HostingNetworkServerVirtual Private Server

Configure Caddy as Reverse Proxy for network services in homelab

For a very long time, I have been using Nginx Proxy Manager (NPM) as a Reverse Proxy for web services in my homelab. Many tutorials about NPM have been shared on the blog.

After discovering Caddy and its flexibility, I gradually replaced all the web servers I was using (OLS, Nginx) with Caddy. First, I moved the WordPress websites running on OpenLiteSpeed ​​to run on Caddy.

Next, I replaced Nginx Proxy Manager with Caddy as a reverse proxy for my homelab. This article will document the steps I took to replace NPM with Caddy for my homelab.

I. Create Docker network

First, we will create a virtual Docker network. All Docker-enabled network services on the same host will be connected to this virtual network.

docker network create caddyCode language: Nginx (nginx)

By connecting all to this private network, Caddy can access other web services through the Docker service name, for example: http://memos:5230In addition, I also need to publish the Docker container’s network ports to the public, helping to optimize security.

II. Caddy Configuration

Create new folders for Caddy

mkdir -p ~/caddy/sites-enabled
cd ~/caddyCode language: JavaScript (javascript)

Create file compose.yml with the following Content

services:
  caddy:
    image: caddy:alpine
    container_name: caddy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./caddy_data:/data
      - ./caddy_config:/config
      - ./sites-enabled:/sites-enabled
networks:
  default:
    name: caddy
    external: trueCode language: YAML (yaml)

Create file Caddyfile

nano CaddyfileCode language: Nginx (nginx)

and save to the following content

:80 {
	respond "Hello, world!"
}
import /sites-enabledCode language: JavaScript (javascript)

With this parameter, Caddyfile will automatically download additional configuration files located in the folder sites-enabled.

Activate Caddy

docker compose up -dCode language: Nginx (nginx)

III. Port Forwarding Configuration

If you set up Caddy on your home Server, you need to access your Router to change the Port Forwarding configuration of port 80/443 (TCP) and 443 (UDP) via the IP address where Caddy is installed.

I will not guide you in this part because each Router has its own configuration. Google and you will get the instructions right away.

IV. Web service configuration

For web services (running on Docker) running on the same server as Caddy, I will add the following networks configuration to connect it to the same private network as Caddy.

networks:
  default:
    name: caddy
    external: trueCode language: YAML (yaml)

Also remove the ports declaration.

For example file compose.yml of the memos will be revised as follows.

services:
  memos:
    image: neosmemo/memos:stable
    container_name: memos
    volumes:
      - ./memos/:/var/opt/memos
    
    
networks:
  default:
    name: caddy
    external: true
Code language: YAML (yaml)

Then re-enable memos to connect it to the new network

docker-compose up -d --force-recreate

V. Create Reverse Proxy Host

Each web service will have its Reverse Proxy configured in a separate configuration file saved in the directory. sites-enabledThis makes configuration management more convenient than configuring everything in one file. Dockerfile only.

1. Web service is located on the same server as Caddy

This case applies to web services located on the same server as Caddy, which have had their network configuration updated as instructed in step IV.

I want to access memos by address https://memos.markknow.comcreate a new file as below. The file name should be named after the domain name for intuitiveness and ease of understanding.

cd ~/caddy
nano sites-enabled/memos.markknow.comCode language: Bash (bash)

Enter the following content

memos.markknow.com {
        reverse_proxy memos:5230
}

2. Web service is located on a different server than Caddy

For web services installed on servers other than Caddy, the configuration file needs to be modified using the form IP:Port.

For example, the configuration for Komga, installed on the server 192.168.1.50 will be as follows

komga.markknow.com {
        reverse_proxy 192.168.1.50:25600
}Code language: YAML (yaml)

3. Restart Caddy

After setting up the reverse proxy configuration files, the caddy directory structure will look similar to the following

.
├── Caddyfile
├── caddy_config
│   └── caddy
├── caddy_data
│   └── caddy
├── compose.yml
└── sites-enabled
    ├── memos.markknow.com
    └── komga.markknow.com
Code language: CSS (css)

To let Caddy update the parameters from the newly created configuration files, restart it with the command

docker exec -w /etc/caddy caddy caddy reloadCode language: Bash (bash)

Wait a few minutes for Caddy to automatically generate an SSL certificate for the domain name, then you can access network services through the declared domain names.


Setting up a Reverse Proxy for your homelab using Caddy is done entirely via the command line. This can be a bit daunting for those new to Linux. But once you get the hang of it, you’ll find it much easier to manage than configuring through a web interface.

Hope you are successful.

Comment Policy: We truly value your comments and appreciate the time you take to share your thoughts and feedback with us.

Note: Comments that are identified as spam or purely promotional will be removed.

To enhance your commenting experience, consider creating a Gravatar account. By adding an avatar and using the same e-mail here, your comments will feature a unique and recognizable avatar, making it easier for other members to identify you.

Please use a valid e-mail address so you can receive notifications when your comments receive replies.

Related posts

Some commands on Linux

Mark Lee

Install Caddy Server – Modern, easy-to-use Web Server

Mark Lee

[Proxmox] Connect CIFS network hard drive to LXC Container

Mark Lee

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More