Can't quite figure out if #caddyserver itself or my bad understanding of its #json API are my painpoint, but feking grrrrrrr I'm sick of it.

Edit!
And now the twist - its #python mangling my otherwise valid data in flight! At least now I know what to debug.

@semurjengkol oalah, sama-sama #reverseproxy favorit kita ternyata #caddyserver

#Caddy looks pretty neat https://caddyserver.com/

I found out about it reading the #JellyFin docs. Hecka neat.

#CaddyServer #GoLang

#Automad v2 und Caddy laufen gut. Ich bin ein Freund von #Caddyserver.

Server Software Caddy/v2.10.2
PHP Version 8.3.6
PHP Sapi fpm-fcgi
Memory Limit 128M
Disk Usage 13.28M / 2048M

*Borat voice*GREAT SUCCESS

This test is done on the caddy system so I have direct access to the CA.
```
root@caddy-testing:~# openssl genpkey -algorithm RSA -out client.key
root@caddy-testing:~# openssl req -new -key client.key -out client.csr
[fill in fields]
root@caddy-testing:~# openssl x509 -req -in client.csr -CA ./.local/share/caddy/pki/authorities/local/root.crt -CAkey ./.local/share/caddy/pki/authorities/local/root.key -CAcreateserial -out client.crt -days 365 -sha256
root@caddy-testing:~# openssl x509 -in client.crt -outform der | base64 |tr -d '\n' && echo ''
```

Test without certificate:
```
root@caddy-testing:~# curl https://10.125.216.164:2019/config ; echo $?
curl: (56) OpenSSL SSL_read: OpenSSL/3.5.4: error:0A00045C:SSL routines::tlsv13 alert certificate required, errno 0
56
```

with certificate:
```
root@caddy-testing:~# curl -L --cert client.crt --key client.key https://10.125.216.164:2019/config
{"admin":{"config":{"persist":true},"disabled":false,"identity":{"identifiers":["caddy-testing.incus","10.125.216.164"], etc etc]
``

Generating TLS auth certificate for authentication in #caddyserver #API working. Its the standard x509 stuff, I just hadn't found someone that said that and I spent a long time twisting myself in knots.

Hi #caddyserver people
Is there an idiots guide to making #caddy #API compatible public keys?

https://caddyserver.com/docs/json/admin/remote/access_control/

https://caddy.community/t/separation-of-duty-with-caddy-remote-administration/24684#p-86653-remote-administration-4 mentions using `openssl` to output the magic string, but not what sort of `cert-file` it expects to be fed.

I assume I should be generating a key and signing request locally then signing on the caddy side - is that actually the case?

Bon on peut pas faire sans xcaddy ...

#Caddy #CaddyServer

Du coup je suis preneur d'une solution (si elle existe) sans xcaddy pour remplacer ça

ipfilter / {
	rule allow
	database /data/GeoLite.mmdb
	country FR
}

I don't like to serve 404 or 403 errors (unless the 403 is a RickRoll).

The below pie chart shows the last 1000 errors hitting my #Caddyserver and what people are trying to do.

Some look to trigger the Exchange Exporttool, some look for s3cmd.ini and some look for server status/phpinfo.

The clever ones look for rar/zip files or comb my databases to steal my data.

They all get *something* back - after a short delay, of course 😂

New article: How to install Caddy with PHP-FPM on FreeBSD 14.3

https://r1os.com/sites/articles/how-to-install-caddy-on-freebsd-14-3.php

#r1os #freebsd #caddyserver

So, I’ve just replaced #nginx with #caddyserver thanks to @theseer for the talk/workshop at #ipc #phpconference

Added bonus: the config file is 10 lines long and is for two hosts, one acting as a reverse proxy. This is brilliant.

Again and again and for years: Updating a small #mastodon instance that is hosted in docker (and behind #caddyserver) has been very very painless. If you consider setting up a small instance, consider to use #docker.

#Mastoadmin
https://mastodon.social/@MastodonEngineering/115412766853977995

warum hab ich #caddyserver nicht schon früher entdeckt? Echt nices kleines Tool wo ein Reverse Proxy quasi zum zwei Zeiler wird

How to only allow loopback addresses to access the path /metrics, in Caddy.

#Caddy #Caddy2 #CaddyServer

I saw gets on my #caddyserver for zip and rar files. In the spirit of avoiding errors, I serve up "files" in the browser for them.....

🤣

I just added a custom caddy build with the cache handler in front of my `file_server`, which increased the response performance by 50%. Crazy!

#caddy #CaddyServer

Take back control: secure and private self-hosting on Debian with SSH keys, an ufw firewall and a robust fail2ban configuration. Use Docker and Caddy as a reverse proxy to securely provide your self-hosted services.

Step-by-step, minimal, and practical.

https://lukasrotermund.de/posts/simple-private-self-hosting/

#SelfHosting #Privacy #Linux #Debian #Docker #DockerCompose #CaddyServer #Caddy #ReverseProxy #Security #Webhosting #Server #Hosting

@gewt move to #CaddyServer and there won't be a need for #certbot anymore, since it comes with built-in #ACME support and all tools and knobs one could wish for.

It comes with many sane defaults and thereby allows to run quite complex setups - yet only requiring very minimal configs.

https://caddyserver.com/

I have again tried and failed to get my #Nextcloud server to be happy with #caddyserver. It seems others have gotten pretty URLs with a subdomain to work and I got it sort of half-working, in that it's showing a nextcloud page, but with no CSS and an otherwise page not found.

My current ISP blocks port 80, so I have to use dns-01 with apache, which is one of those things that isn't great if I were to abruptly kick the bucket and my wife would eventually lose access to our server.