# Caddy Reverse Proxy - [Caddy Reverse Proxy](#caddy-reverse-proxy) - [Install Caddy](#install-caddy) - [Ansible](#ansible) - [Manual](#manual) - [Adding a new Caddy Record](#adding-a-new-caddy-record) ## Install Caddy ### Ansible You'll need a secrets/Caddyfile with your caddy config. `secrets/Caddyfile` example: ```conf https://something.reeseapps.com:443 { reverse_proxy internal.reeselink.com:8000 } https://something-else.reeseapps.com:443 { reverse_proxy internal-other.reeselink.com:8080 } ``` The playbook limits the installer to `hosts: caddy` so make sure you have a caddy host in your inventory. Now you can install the Caddy service with something like: ```bash ansible-playbook \ -i ansible/inventory.yaml \ active/podman_caddy/install_caddy.yaml ``` See ansible playbook [install_caddy.yaml](/active/podman_caddy/install_caddy.yaml) ### Manual As root ```bash mkdir /etc/caddy vim /etc/caddy/Caddyfile ``` Caddy will automatically provision certificates if the server DNS points to the correct IP and is accessible on the ports specifified. All you need to do is put `https` in the caddy conf. Example: ```conf # Gitea https://gitea.reeseapps.com:443 { reverse_proxy podman.reeselink.com:3000 } # Jellyfin https://jellyfin.reeseapps.com:443 { reverse_proxy podman.reeselink.com:8096 } ``` ```bash vim /etc/containers/systemd/caddy.container ``` ```conf [Unit] Description=Caddy [Container] AddCapability=NET_ADMIN ContainerName=caddy Image=docker.io/caddy:2 Network=host SecurityLabelDisable=true Volume=/etc/caddy:/etc/caddy Volume=caddy_data:/data Volume=caddy_config:/config [Service] Restart=always [Install] WantedBy=default.target ``` ```bash systemctl daemon-reload systemctl restart caddy ``` ## Adding a new Caddy Record Before you can create a Caddyfile you need records that point to your server. You can either create them manually in your DNS provider of choice or use the provided ddns service: 1. Update the [ddns caddy records](/active/podman_ddns/secrets/caddy_records.yaml) 2. (Optional) Update the Caddyfile at `active/podman_caddy/secrets/Caddyfile` 3. Run the [caddy ansible playbook](/active/podman_caddy/caddy.md#install-caddy)