Switch from NGINX to Caddy

This content originally appeared on DEV Community and was authored by David Y Soards

Simplify your reverse proxy setup

I switched the reverse proxy on my Ubuntu server from NGINX to Caddy and it really simplified things.
Below are the steps I took:

Install Caddy

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

Check that the install worked

sudo service caddy status

If NGINX is installed, you'll probably see an error that port 80 is already in use at first.

I replaced all the individual files in conf.d with a single Caddyfile. It's also possible to use the sites-available / sites-enabled pattern, but I don't see the benefit.

Before

# root.conf

server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
        location / {
                return 404;
        }
}

# website1.conf

server {
    listen 80;
    listen [::]:80;
    server_name website1.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }

    location /api {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }

    location /auth {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }

}

# website2.conf

server {
    listen 80;
    listen [::]:80;
    server_name website2.com;

    location / {
        proxy_pass http://localhost:8081;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }

    location /api {
        proxy_pass http://localhost:3001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }
}

After

sudo nano /etc/caddy/Caddyfile

# Caddyfile

rootdomain.com {
        respond 404
}

0.000.00.000:80 {
        redir https://rootdomain.com{uri}
}


# site 1

website1.com {
        reverse_proxy :8080
        reverse_proxy /api/* :3000
        reverse_proxy /auth/* :3000
}


# site 2

website2.com {
        reverse_proxy :8081
        reverse_proxy /api/* :3001
        basic_auth {
                username $hashed$.password4321
        }
}

Not bad, eh?

Restart Caddy

sudo systemctl reload caddy

Fix SSL Config

I'm using Cloudflare for DNS which turns on their proxy by default. After updating to Caddy with it's built in SSL (an amazing feature btw), I got an ERR_TOO_MANY_REDIRECTS error in the browser. The solution was to change Cloudflare's SSL Config to "Full (Strict)". The problem seems to be fairly common and I found the answer here on the Caddy Community site.

Navigate to Websites in the sidebar > choose the site.
Then choose SSL/TLS in the sidebar > click Configure.
Under Custom SSL/TLS > select Full (Strict).

Remove NGINX

sudo apt remove nginx
sudo apt-get remove --purge nginx*

# maybe
sudo rm -rf /etc/nginx
sudo rm -rf /etc/init.d/nginx
sudo rm -rf /var/log/nginx
sudo rm -rf /var/cache/nginx/
sudo rm -rf /usr/sbin/nginx

Thanks for reading! 👋

This content originally appeared on DEV Community and was authored by David Y Soards

Print Share Comment Cite Upload Translate Updates

APA

David Y Soards | Sciencx (2024-09-11T19:08:33+00:00) Switch from NGINX to Caddy. Retrieved from https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/

MLA

" » Switch from NGINX to Caddy." David Y Soards | Sciencx - Wednesday September 11, 2024, https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/

HARVARD

David Y Soards | Sciencx Wednesday September 11, 2024 » Switch from NGINX to Caddy., viewed ,<https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/>

VANCOUVER

David Y Soards | Sciencx - » Switch from NGINX to Caddy. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/

CHICAGO

" » Switch from NGINX to Caddy." David Y Soards | Sciencx - Accessed . https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/

IEEE

" » Switch from NGINX to Caddy." David Y Soards | Sciencx [Online]. Available: https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/. [Accessed: ]

rf:citation

» Switch from NGINX to Caddy | David Y Soards | Sciencx | https://www.scien.cx/2024/09/11/switch-from-nginx-to-caddy/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.