Caddy - Reverse proxy

March 17, 2025

docker · networking

Caddy acts as the central reverse proxy for my entire self-hosted environment. It handles incoming traffic, routes requests to the correct services, and automatically manages HTTPS certificates.

It is connected to a shared Docker bridge network (caddy_net) which allows it to communicate with all other services internally.

code

version: "3.8"
services:
caddy:
image: caddy:latest
container_name: caddy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- /mnt/nas/caddy/Caddyfile:/etc/caddy/Caddyfile
- /mnt/nas/caddy/data:/data
- /mnt/nas/caddy/config:/config
networks:
- caddy_net
networks:
caddy_net:
external: true
Example Caddyfile
code
actual.example.com {
reverse_proxy actual_server:5006
}
notes.example.com {
reverse_proxy homepage:3000
}
Explanation
  • ports 80/443: Public entry points
  • Caddyfile: Defines routing rules
  • /data: Stores TLS certificates
  • /config: Internal configuration
  • network: Allows communication with backend containers
Notes
  • Automatic HTTPS significantly reduces operational overhead
  • Works seamlessly with Cloudflare Tunnel
  • All services are accessed via container name instead of IP