Recently I came across Caddy. “Caddy 2 is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go” as stated on their website. It boasts many features like reverse-proxy, load balancing and what caught my eye was automatic HTTPS cert renewal.
How I usually renew my HTTPS cert now is by using certbot with traefik/nginx . I prefer traefik’s configuration compared to nginx but sometime feel it a little troublesome.
Caddy does seems very promising and I am considering to swap out traefik with Caddy in production deployment just because it’s much straightforward to setup.
Previously I wrote an article on on exposing local ports using NGINX and FRP. The configuration for NGINX was a little long as it didn’t have automatic HTTPS certs.
In this article, I will show you how to use Caddy as an alternative to setup even faster.
With reference to the image above, lets download the required files on the server first.
Required Server Files
Caddy — I’m using Cloudflare as my dns. There are modules for other providers like digitalocean to automatically create the acme challenge token. For cloudflare, follow this link and put the token into the Caddyfile under TOKEN
*.remote.me {
reverse_proxy localhost:8081
tls {
dns cloudflare TOKEN
}
}Fast Reverse Proxy (FRP) — Create a config.ini with the following settings.
[common]
bind_port = 7000
vhost_http_port = 8081
subdomain_host = remote.meYou can start caddy with the following command. You should see caddy getting the certs for your domain.
caddy run --watchAnd run frp server with the following command.
frps -c config.iniRequired Client Files
Fast Reverse Proxy (FRP) — Create a config.ini with the following settings.
[common]
server_addr = remote.me
server_port = 7000[web]
type = http
local_port = 80
subdomain = test
Lets establish the connection with our server.
frpc -c config.iniOf course, lets not forget our local webserver which should run on port 80 as stated in config.ini under local_port = 80
python -m http.server 80Now if we point our browser to https://test.remote.me, we will be able to access our web server!
