Musselman Development

Moving From Nginx to Caddy


Today was a long day. On days like these I seek out something that I find meditative to work on. More often than not I gravitate towards improving my self-hosted infrastructure. One pain point I have always had was the many moving parts that I had to run manually when setting up a new service. Today I decided I have had enough of the hassle and did something about it.

My Original Setup (Nginx)

In my original setup, which I started using around four weeks into my self-hosting journey, I decided to use Nginx. I cannot explain why I chose it at the time, other than the good likelihood that it was recommended to me by my roommate at the time. Here is a breakdown of the steps I would take to set up a new service and make it publicly accessible.

  1. Set up the Service in my HomeLab
  2. Forward the port using a ReverseProxyOverVPN (RPoVPN)
  3. Go to my domain registrar's DNS management panel
  4. Add an A record for the subdomain I wanted to use
  5. Wait a moment for the record to propagate
  6. cd to the sites-available directory (usually found at /etc/nginx/sites-available)
  7. Copy a configuration file to the new subdomain name
  8. Remove the SSL-related lines, change the domain name, and then the reverse proxy port
  9. Link the file to the sites-enabled directory (/etc/nginx/sites-enabled)
  10. Validate the file using nginx -t
  11. Use Certbot to request SSL certs
  12. Restart the Nginx service
  13. Adjust the security settings depending on whether any issues arise that can't be fixed otherwise

As you can likely guess, this process took both a good deal of time and patience. It’s not impossible to do, but it is a labor-intensive task that I often did not look forward to unless I was extremely excited about the service I was setting up.

My New Setup (Caddy)

Today was the day I decided to move on to greener pastures. After reviewing the many options available to me, I decided to go with Caddy. The motivating factors for selecting it were its simple configuration syntax and automatic SSL certificates. While there is an option to split the configuration for each domain into separate files, the syntax was so concise and simple that I chose to take the monolithic approach. With the transition to Caddy, my new process is much simpler.

  1. Set up the Service in my HomeLab
  2. Forward the port using a ReverseProxyOverVPN (RPoVPN)
  3. Create a new subdomain block in /etc/caddy/Caddyfile and add in the port I forwarded
  4. Restart the Caddy service

With that, the new service should be publicly accessible. Later today I hope to further optimize setting up new services using a shell script and some SSH magic. Once again, if you have any questions, please reach out to me using one of the methods in the author block below.
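Step 3 of the Caddy procedure above, as an added shell example rather than the author's own script: it checks the hostname and port before anything is written, refuses duplicate hosts, and runs `caddy validate` on a scratch copy so a typo in the single shared Caddyfile cannot take every site down at the next restart. The function names, the example hostnames and the `127.0.0.1` upstream are assumptions.

```bash
#!/usr/bin/env bash
# Added example (not the author's script): add one reverse-proxy site block
# to a monolithic Caddyfile without letting bad input or a typo break it.
# Assumption: the forwarded port is reachable on 127.0.0.1 of the Caddy host.

# Print the site block, or fail if host/port are not a plain DNS name / port.
render_site_block() {
    local LC_ALL=C host=$1 port=$2
    local host_re='^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$'
    local port_re='^[0-9]{1,5}$'
    # Strict patterns keep spaces, braces and newlines out of the config.
    [[ $host =~ $host_re && $port =~ $port_re ]] || return 1
    (( 10#$port >= 1 && 10#$port <= 65535 )) || return 1
    printf '%s {\n\treverse_proxy 127.0.0.1:%d\n}\n' "$host" "$((10#$port))"
}

# Append to a scratch copy, validate it, then write it back.
add_site() {
    local caddyfile=$1 host=$2 port=$3 block tmp
    [ -f "$caddyfile" ] || return 1
    block=$(render_site_block "$host" "$port") || { echo "bad host or port" >&2; return 1; }
    # Refuse a host that already opens a block ("host {" at start of a line).
    if awk -v h="$host" '$1 == h && $2 == "{" { found = 1 } END { exit !found }' "$caddyfile"; then
        echo "$host is already configured" >&2; return 2
    fi
    tmp=$(mktemp) || return 1
    { cat "$caddyfile"; printf '\n%s\n' "$block"; } > "$tmp"
    # One shared file means one syntax error affects every site: check first.
    if command -v caddy >/dev/null && ! caddy validate --config "$tmp" --adapter caddyfile; then
        rm -f "$tmp"; return 3
    fi
    # Overwrite in place so the Caddyfile keeps its owner and mode.
    cat "$tmp" > "$caddyfile" && rm -f "$tmp"
}

# Usage: add_site /etc/caddy/Caddyfile app.example.com 8080, then step 4.
```

The duplicate check only recognises a block opened by a single bare hostname; blocks that list several addresses or include a scheme or port would need a broader match.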

Tags: Blogging CI/CD Web Development KISS Caddy Nginx