Oliver Atkinson

Caddy Over Nginx

Friendship ended with Nginx, Now Caddy is my best friend.

(Note: It might be good to know what a reverse proxy is.)

If you have followed Luke Smith’s website tutorials you know that he recommends Nginx. And that’s just what I had been using on all my servers because it was the first reverse-proxy I picked up. I could just copy and modify my old configs for new sites and I was good to go! I did also used Apache for a bit in college for some projects (LAMP stack or something) but that doesn’t really count. Apache and Nginx feel about the same to use.

But just recently (while being very productive at work), I found Caddy, a reverse-proxy written in Go that is Nginx but better in every way.

So let’s take a look at why you need to be using Caddy instead of Nginx.

Configs

Take the config for this site (Nginx):

server {
    server_name oliveratkinson.net ;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;

        proxy_pass http://localhost:8000;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/friendlyfire.oliveratkinson.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/friendlyfire.oliveratkinson.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = oliveratkinson.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80 ;

    server_name oliveratkinson.net ;
    return 404; # managed by Certbot
}

Now take a look at the updated config for this site using caddy:

oliveratkinson.net {
        reverse_proxy :8000
}

These configs do the exact same thing!

But instead of 31 lines of config it’s 3! Caddy also auto-magically handles https for you so you no longer need certbot to get Let’s Encrypt certificates for you site. I haven’t researched it but I would imagine that Caddy uses something similar to certbot under the hood.

Another feature (that technically Nginx has - but Caddy does better) is a single config for multiple sites. While Nginx does technically do this, the config is so long that it makes it quite hard to read, thus forcing you to split up the files. But with Caddy’s 3-line config, I can now put all my sites right next to each other cleanly!

Monitoring

Nginx can - again - technically do monitoring, but it is really hard, I have an attempt at it in this repo. But Caddy - as we are used to by now - has a better way of doing this. With a simple config I was able to have Prometheus scrape Caddy for metrics then have Grafana display the Prometheus logs. Much less shenanigans than whatever Nginx does with their Nginx+ or whatever paid product they have.

Remember to KISS - use Caddy.