# Caddy Reverse Proxy

## Install Caddy

As root

```bash
mkdir /etc/caddy
vim /etc/caddy/Caddyfile
```

Caddy will automatically provision certificates if the server DNS points to the correct IP
and is accessible on the ports specifified. All you need to do is put `https` in the caddy conf.

```conf
# Nextcloud
https://nextcloud.reeseapps.com:443 {
    reverse_proxy podman.reeselink.com:11000
}

https://nextcloud.reeseapps.com:8443 {
    reverse_proxy podman.reeselink.com:11001 {
        transport http {
            tls_insecure_skip_verify
        }
    }
}

# Gitea
https://gitea.reeseapps.com:443 {
    reverse_proxy podman.reeselink.com:3000
}
```

```bash
vim /etc/containers/systemd/caddy.container
```

```conf
[Unit]
Description=Caddy

[Container]
AddCapability=NET_ADMIN
ContainerName=caddy
Image=docker.io/caddy:2
Network=host
SecurityLabelDisable=true
Volume=/etc/caddy:/etc/caddy
Volume=caddy_data:/data
Volume=caddy_config:/config

[Service]
Restart=always

[Install]
WantedBy=default.target
```

```bash
systemctl daemon-reload
systemctl start caddy
```