When I saw the title I got confused with Node Package Manager lol
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
You've got those carrots in the wrong direction.
Any specific reason you think they should be backwards? I have only limited exposure to the alternatives, but caddy was the easiest for me to set up when I was looking for a reverse proxy.
My main issue with caddy was having to compile in any extensions manually, but you don't even need to do that anymore.
Eh, personally I just found NPM super easy to set up and manage, especially when it came to setting up letsencrypt etc. Everything just works. Easy to update, easy to manage, easy to take down and spin back up again. My OP had a bit of snark though, I'm not exactly an expert, I'm sure there are very good reasons why the OP and other smart nerds on this community may disagree
I'm that weird person who just uses nginx and does the config files in a text editor. Been doing it that way since 2010 or so and I'm too used to it to appreciate proxy manager.
Absolute psychopath.
I've been using Traefik, Caddy sounds interesting but I'm definitely not touching my setup until it breaks lmao. Then maybe I'll give it a shot.
Caddy was working fine for me until I scaled my homelab and had around 70 running containers. It constantly gave me 502 upstream errors, I tried all I could to isolate the problem (reducing the number of containers, reducing the number services Caddy handles, reworking Caddyfile), but the timeout still occurs with every service, I searched everywhere and couldn't find a working solution.
Then I tried out Traefik, set up a dynamic file configuration for all my containers, and haven't had a single 502 since. The dynamic configuration is such a nice thing to have Im never leaving Traefik. Plus it seems more in line with UNIX philosophy as it is modular with the middlewares and plugins.
It's interesting how different people have different approaches ... I migrate from Caddy to Traefik because I found it magical ... Whenever I need to add another selfhosted service I just adapt a docker-compose like this one
version: '3.8'
services:
homeassistant:
container_name: homeassistant
image: ghcr.io/home-assistant/home-assistant:stable
#image: homeassistant/raspberrypi4-homeassistant:stable
volumes:
- ./media/:/media
- ./config/:/config
- /etc/localtime:/etc/localtime:ro
environment:
- TZ=${TZ}
restart: unless-stopped
networks:
- t2_proxy
- backend
labels:
- traefik.enable=true
- traefik.docker.network=t2_proxy
- traefik.http.routers.homeassistant.rule=Host(`home.mydomain.bla.bla`)
- traefik.http.routers.homeassistant.entrypoints=websecure
- traefik.http.routers.homeassistant.tls.certresolver=myresolver
- traefik.http.services.homeassistant.loadbalancer.server.port=8123
networks:
backend:
external: true
t2_proxy:
external: true
As you can see I just need to change the host and the port in the labels to have a new domain pointing to the right port ... I wasn't able to find an easier way to add a new service to caddy
This! I’ve setup Traefik and use traefik-redis and traefik-kop to pull in labels from my other Raspberry Pis so I can spin up my containers on any of the Docker hosts without having to change anything in the proxy config.
Completely a personal preference, but this is one reason I prefer caddy. I like to keep the configs separate and not clutter up my compose files.
It means I need to update two things when adding a new service (a compose file plus my caddy file), but I like the separation of concerns.
It also lets makes my proxy config consistent for all services, regardless of whether that run in docket or elsewhere.
I just use dockerized service and I plan to move to k8s so I don't have (nor plan to) deal with anything besides dockerized services
Yeah, then I can see the appeal of keeping everything in the same configs.
I like to keep the configs separate and not clutter up my compose files.
You can do that with Traefik, I have all my reverse proxy config in a file that hot reloads by Traefik dynamically, so I don't even have to restart Traefik, or even the compose files (that's the problem with Traefik labels), just run compose, add service to said dynamic file, save, and the website is now reachable on the browser.
Yeah, I had lots of service configured like that, and you are correct that it is awesome, however I have other services on other hosts (not on docker swarm either) so I needed to delve into file config quite often, and doing some web dev work, I had services that weren't dockerized, so I ended up creating dummy services (socat containers) to make them easy. It just got a bit frustrating and taking too much headspace, I was able to setup caddy in about 2 hours one evening, so I am pretty happy so far, and I can see all my hosts in a single file which is great ( I ended up with orphaned routes etc.. from containers I forgot about when I was testing things).
As you say, different people come at the same problem and come away with totally different views ( which is pretty great that there are enough option that we can all find something that works for our needs ).
First time I heard of migrating from Caddy to Traefik and not the other way around. The usual complaint about Traefik is that it's too complicated to manage all of the moving parts. I have only used Caddy with Dockerized setups though so I don't know what the others are like.
Well, this way it works great for my needs ... If I don't need a service anymore I just remove its docker-compose and puff
it's gone the service and the reverse proxy config all in one single atomic thanos-like snap of fingers
I wasn't able to find a way to do the same with Caddy and I don't get what do you mean with "moving parts"
Man, I started with Apache back in the day which is just nightmarish to manage for simple projects imo, then moved to NGINX, which felt a bit better but still not super intuitive, then NPM, which did make it significantly more user friendly.
Then Caddy came along and swept me off my feet, I still can't believe it's as dead simple as it is lol. I tried Traefik for a while because it sounded super interesting and I do love the idea, but it brought a lot of the complexity back with it for admittedly very neat docker integration.
Went right back to Caddy after I moved away from docker as a whole and I couldn't be happier, I just find it so pleasant to use. Just pure KISS goodness!
So I guess my ranking goes Caddy > Traefik > the rest
At the first time move to Caddy, I had an issue adding Caddy container to all the current docker networks.
How do you tackle that issue?
I use docker-compose
, and basically just end all my docker-compose.yaml
files with
networks:
default:
external:
name: proxynet
This redefines the default
network to a pre-existing proxynet
network. All services that do not specify a network configuration automatically get added to that network. Because this refers to the same network in each file, it is shared even with services defined in other yaml files (which is not the default).
The proxynet
network was created manually using docker network create proxynet
.
I'm the weirdo going with haproxy, but that thing is an absolute beast.
Ha, same here. HAProxy plugin running on my opnSense. I should probably try caddy because HAProxy is complete overkill for my requirements.
I mean, if you already have it, why change?
True, but if someone spends 5 hours changing there proxy ( + 10 hours figuring out what you broke and fixing ), then they might save a few minutes down the line configuring new services. self-hosting maths....
My setup is running NPM and I can't complain, but I'll look into caddy as I've seen it mentioned a lot.
I saw it mentioned here, I likely won't change on my setup until something breaks though. 😂
Caddy is great, I've been using it for all greenfield projects.
P. S. Have you checked out the Caddy API?
I am aware of it, haven't needed to use it, but seems pretty powerful.
I have only used 2 reverse proxies, so I can say with confidence that SWAG > all /s
Honestly if I had everything in docker I'd use traefic, but I found it horrifically complex to do simple things as soon as you need to branch off of your docker host. I've just started using Caddy and it is so user friendly I can't even believe it.
Traefik configuration is a bit verbose at times, but middlewares are awesome and you can pry them from my cold dead hands