mastodontech.de ist einer von vielen unabhängigen Mastodon-Servern, mit dem du dich im Fediverse beteiligen kannst.
Offen für alle (über 16) und bereitgestellt von Markus'Blog

Serverstatistik:

1,5 Tsd.
aktive Profile

#caddyserver

1 Beitrag1 Beteiligte*r0 Beiträge heute
Scott Williams 🐧<p>I have again tried and failed to get my <a href="https://mastodon.online/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nextcloud</span></a> server to be happy with <a href="https://mastodon.online/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a>. It seems others have gotten pretty URLs with a subdomain to work and I got it sort of half-working, in that it's showing a nextcloud page, but with no CSS and an otherwise page not found.</p><p>My current ISP blocks port 80, so I have to use dns-01 with apache, which is one of those things that isn't great if I were to abruptly kick the bucket and my wife would eventually lose access to our server.</p>
Matt Williams<p>Want to leverage <a href="https://fosstodon.org/tags/MCP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MCP</span></a> (Model Context Protocol) without the hassle? Learn how to set up a powerful <a href="https://fosstodon.org/tags/n8n" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>n8n</span></a> server on <a href="https://fosstodon.org/tags/hostinger" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hostinger</span></a> for <a href="https://fosstodon.org/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://fosstodon.org/tags/automation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>automation</span></a> with <span class="h-card" translate="no"><a href="https://hachyderm.io/@tailscale" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>tailscale</span></a></span> and <a href="https://fosstodon.org/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> </p><p>Save $200+ over 2 years with this method 🔧<br><a href="https://youtu.be/OmWJPJ1CR7M" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/OmWJPJ1CR7M</span><span class="invisible"></span></a></p>
KielKontrovers Blog<p><span class="h-card" translate="no"><a href="https://social.tchncs.de/@simsus" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>simsus</span></a></span> für den Fall finde ich ja den Webserver <a href="https://norden.social/tags/Caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddyserver</span></a> genial, der automatisch verlängert und auch automatisch beantragt:</p><p><a href="https://caddyserver.com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">caddyserver.com/</span><span class="invisible"></span></a></p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@caddy" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>caddy</span></a></span></p>
Raven<p>Caddy Web Server 2.10 released with encrypted ClientHello (ECH) support, post-quantum key exchange, ACME profiles, libdns 1.0 APIs, global DNS config</p><p><a href="https://github.com/caddyserver/caddy/releases/tag/v2.10.0" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/caddyserver/caddy/r</span><span class="invisible">eleases/tag/v2.10.0</span></a></p><p><a href="https://mastodon.bsd.cafe/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> <a href="https://mastodon.bsd.cafe/tags/caddyreverseproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyreverseproxy</span></a> <a href="https://mastodon.bsd.cafe/tags/webserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>webserver</span></a> <a href="https://mastodon.bsd.cafe/tags/reverseproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reverseproxy</span></a> <a href="https://mastodon.bsd.cafe/tags/acme" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>acme</span></a> <a href="https://mastodon.bsd.cafe/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>postquantumcryptography</span></a></p>
Lanie Molinar Carmelo<p>Hi all. Hoping someone in the <a href="https://allovertheplace.ca/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> community can help. I'm trying to set up <a href="https://allovertheplace.ca/tags/Linkwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linkwarden</span></a> in <a href="https://allovertheplace.ca/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> behind <a href="https://allovertheplace.ca/tags/Caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddy</span></a>. The service is running, but I'm unable to create a user account. This is what I see in my browser console when I try:</p><pre><code>register:1 [Intervention] Images loaded lazily and replaced with placeholders. Load events are deferred. See https://go.microsoft.com/fwlink/?linkid=2048113<br>register:1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <br>&lt;input data-testid=​"password-input" type=​"password" placeholder=​"••••••••••••••" class=​"w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:​border-primary duration-100 bg-base-100" value=​"tyq5ghp!QVH-mva1agc"&gt;<br>register:1 [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://www.chromium.org/developers/design-documents/create-amazing-password-forms) <br>&lt;input data-testid=​"password-confirm-input" type=​"password" placeholder=​"••••••••••••••" class=​"w-full rounded-md p-2 border-neutral-content border-solid border outline-none focus:​border-primary duration-100 bg-base-100" value=​"tyq5ghp!QVH-mva1agc"&gt;<br>Error<br>api/v1/users:1 Request unavailable in the network panel, try reloading the inspected page Failed to load resource: the server responded with a status of 400 () Failed to load resource: the server responded with a status of 400 ()<br></code></pre><p><strong>compose file:</strong></p><pre><code>services:<br> postgres:<br> image: postgres:16-alpine<br> container_name: linkwarden_postgres<br> env_file: .env<br> restart: always<br> volumes:<br> - ./pgdata:/var/lib/postgresql/data<br> networks:<br> - linkwarden_net<br> linkwarden:<br> env_file: .env<br> environment:<br> - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@linkwarden_postgres:5432/postgres<br> restart: always<br> # build: . # uncomment this line to build from source<br> image: ghcr.io/linkwarden/linkwarden:latest # comment this line to build from source<br> container_name: linkwarden<br> ports:<br> - 3009:3000<br> volumes:<br> - ./data:/data/data<br> networks:<br> - linkwarden_net<br> depends_on:<br> - postgres<br><br>networks:<br> linkwarden_net:<br> driver: bridge<br></code></pre><p><strong>Relevant part of .env file:</strong></p><pre><code>NEXTAUTH_URL=https://bookmarks.laniecarmelo.tech/api/v1/auth<br>NEXTAUTH_SECRET=x8az9q9w8ofAxnrVcer2vsPHeMmKSPbf<br><br># Manual installation database settings<br># Example: DATABASE_URL=postgresql://user:password@localhost:5432/linkwarden<br>DATABASE_URL=<br><br># Docker installation database settings<br>POSTGRES_PASSWORD=redacted<br><br># Additional Optional Settings<br>PAGINATION_TAKE_COUNT=<br>STORAGE_FOLDER=<br>AUTOSCROLL_TIMEOUT=<br>NEXT_PUBLIC_DISABLE_REGISTRATION=false<br>NEXT_PUBLIC_CREDENTIALS_ENABLED=true<br></code></pre><p><strong>Caddyfile snippet</strong></p><pre><code>*.laniecarmelo.tech {<br> tls redacted {<br> dns cloudflare redacted<br> }<br><br> header {<br> Content-Security-Policy "default-src 'self' https: 'unsafe-inline' 'unsafe-eval'; <br> img-src https: data:; <br> font-src 'self' https: data:; <br> frame-src 'self' https:; <br> object-src 'none'"<br> Referrer-Policy "strict-origin-when-cross-origin"<br> Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"<br> X-Content-Type-Options "nosniff"<br> X-Xss-Protection "1; mode=block"<br> }<br><br> encode br gzip<br><br> # Bookmarks<br> @bookmarks host bookmarks.laniecarmelo.tech<br> handle @bookmarks {<br> reverse_proxy 127.0.0.1:3009<br> }<br>}<br></code></pre><p>Can anyone help? I have no idea how to fix this.<br><a href="https://allovertheplace.ca/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosted</span></a> <a href="https://allovertheplace.ca/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> <a href="https://allovertheplace.ca/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://allovertheplace.ca/tags/Tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tech</span></a> <a href="https://allovertheplace.ca/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <br><span class="h-card" translate="no"><a href="https://lemmy.ml/c/selfhost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhost</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.world/c/selfhosted" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosted</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/selfhosting" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosting</span></a></span></p>
Lanie Molinar Carmelo<p>Hi everyone,<br><br>I'm encountering an issue with my self-hosted setup using <strong>Caddy 2.9.1</strong> and <strong>Authelia 4.38.19</strong>. All domains except <code>auth.laniecarmelo.tech</code> return a <strong>401 Unauthorized</strong> error. Journald logs suggest issues with insecure schemes (<code>''</code>) instead of <code>https</code> or <code>wss</code>.</p><p><strong>Details:</strong></p><ul><li><strong>Setup:</strong> Caddy as reverse proxy, Authelia for authentication</li><li><strong>Domains:</strong> AdGuard Home, Forgejo, LinkAce, MiniFlux, TheLounge, Homepage, Beszel, Glances, Uptime Kuma, Tandoor Recipes, BookStack, Watchtower, Portainer</li><li><strong>Logs:</strong><br>Authelia:<br><code>Feb 24 21:01:47 stormux authelia[2932]: level=error msg="Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported"</code>Caddy:<br><code>Feb 24 21:19:41 stormux caddy[48845]: {"msg":"handled request","method":"GET","host":"adguard.laniecarmelo.tech","status":200}</code></li></ul><p><strong>Configurations:</strong> </p><ul><li>Full Caddyfile and Authelia config: <a href="https://gist.github.com/Lanie-Carmelo/fce9a7d6c984fc816475afee430f54a8" rel="nofollow noopener" target="_blank">GitHub Gist</a></li></ul><p><strong>Curl Output:</strong><br><br>HTTP Request:</p><pre><code>$ curl home.laniecarmelo.tech -v<br>&lt; HTTP/1.1 308 Permanent Redirect<br>&lt; Location: https://home.laniecarmelo.tech/<br></code></pre><p>HTTPS Request:</p><pre><code>$ curl https://home.laniecarmelo.tech -v<br>&lt; HTTP/2 401 <br>&lt; content-type: text/plain; charset=utf-8<br>&lt; server: Caddy<br>401 Unauthorized<br></code></pre><p>Does anyone know what might be causing this? I suspect it could be related to <code>forward_auth</code> or trusted proxies.</p><p>Thanks in advance! 🙏 </p><p><a href="https://allovertheplace.ca/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> <a href="https://allovertheplace.ca/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> <a href="https://allovertheplace.ca/tags/Authelia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authelia</span></a> <a href="https://allovertheplace.ca/tags/ReverseProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReverseProxy</span></a> <a href="https://allovertheplace.ca/tags/TechHelp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechHelp</span></a> <a href="https://allovertheplace.ca/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://allovertheplace.ca/tags/HomeLab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HomeLab</span></a><br><span class="h-card" translate="no"><a href="https://lemmy.ml/c/selfhost" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhost</span></a></span> <span class="h-card" translate="no"><a href="https://a.gup.pe/u/selfhosting" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosting</span></a></span> <span class="h-card" translate="no"><a href="https://lemmy.world/c/selfhosted" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>selfhosted</span></a></span></p>
Lanie Molinar Carmelo<p><strong>🚨 Help Needed: <a href="https://allovertheplace.ca/tags/CORS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CORS</span></a> and <a href="https://allovertheplace.ca/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudflare</span></a> Access Issues with <a href="https://allovertheplace.ca/tags/Nextflux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nextflux</span></a> + <a href="https://allovertheplace.ca/tags/MiniFlux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MiniFlux</span></a> Setup 🚨</strong></p><p>Hi everyone! I’m struggling with a <a href="https://allovertheplace.ca/tags/SelfHosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosted</span></a> setup and could really use some advice from the self-hosting community. Lol I've been trying to figure this out for hours with no luck. Here’s my situation:</p><p><strong><strong>Setup</strong></strong></p><ul><li><strong>MiniFlux</strong>: Running in <a href="https://allovertheplace.ca/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> on a <a href="https://allovertheplace.ca/tags/RaspberryPi500" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RaspberryPi500</span></a> (<a href="https://allovertheplace.ca/tags/Stormux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Stormux</span></a>, based on <a href="https://allovertheplace.ca/tags/ArchLinuxARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArchLinuxARM</span></a>).</li><li><strong>Nextflux</strong>: Hosted on Cloudflare Pages.</li><li><strong>Reverse Proxy</strong>: <a href="https://allovertheplace.ca/tags/Caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddy</span></a> (installed via AUR).</li><li><strong>Cloudflare Access</strong>: Enabled for security and SSO.</li><li><strong>Cloudflared</strong>: Also installed via AUR.</li><li><strong>CORS Settings in Cloudflare Access</strong>: Configured to allow all origins, methods, and headers.</li></ul><p><strong><strong>What’s Working</strong></strong></p><ul><li>MiniFlux is accessible from my home network after removing restrictive CORS settings in both Caddy and MiniFlux.</li><li>Nextflux is properly deployed on Cloudflare Pages.</li></ul><p><strong><strong>The Problem</strong></strong></p><p>Nextflux cannot connect to MiniFlux due to persistent CORS errors and authentication issues with Cloudflare Access. Here are the errors I’m seeing in the browser console:</p><ol><li><strong>CORS Error</strong>:<code>Access to fetch at 'https://rss.laniecarmelo.tech/v1/me' from origin 'https://nextflux.laniecarmelo.tech' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.</code></li><li><p><strong>Cloudflare Access Redirection</strong>:</p><pre><code>Request redirected to 'https://lifeofararebird.cloudflareaccess.com/cdn-cgi/access/login/rss.laniecarmelo.tech'.<br></code></pre></li><li><p><strong>Failed to Fetch</strong>:</p><pre><code>Failed to fetch: TypeError: Failed to fetch.<br></code></pre></li></ol><p><strong><strong>What I’ve Tried</strong></strong></p><ol><li><p><strong>Service Token Authentication</strong>:</p><ul><li>Generated a service token in Cloudflare Access for Nextflux.</li><li>Added <code>CF-Access-Client-Id</code> and <code>CF-Access-Client-Secret</code> headers in Caddy for <code>rss.laniecarmelo.tech</code>.</li><li>Updated Cloudflare Access policies to include a bypass rule for this service token.</li></ul></li><li><p><strong>CORS Configuration</strong>:</p><ul><li>Tried permissive settings (<code>Access-Control-Allow-Origin: *</code>) in both Caddy and MiniFlux.</li><li>Configured Cloudflare Access CORS settings to allow all origins, methods, and headers.</li></ul></li><li><p><strong>Policy Adjustments</strong>:</p><ul><li>Created a bypass policy for my home IP range and public IP.</li><li>Added an "Allow" policy for authenticated users via email/login methods.</li></ul></li><li><p><strong>Debugging Logs</strong>:</p><ul><li>Checked Cloudflared logs, which show requests being blocked due to missing access tokens (<code>AccessJWTValidator</code> errors).</li></ul></li></ol><p><strong><strong>Current State</strong></strong></p><p>Despite these efforts:</p><ul><li>Requests from Nextflux are still being blocked by Cloudflare Access or failing due to CORS issues.</li><li>The browser console consistently shows "No 'Access-Control-Allow-Origin' header" errors.</li></ul><p><strong><strong>Goals</strong></strong></p><ol><li>Allow Nextflux (hosted on Cloudflare Pages) to connect seamlessly to MiniFlux (behind Cloudflare Access).</li><li>Maintain secure access to MiniFlux for other devices (e.g., my home network or mobile devices).</li></ol><p><strong><strong>My Environment</strong></strong></p><ul><li>Raspberry Pi 500 running Arch Linux ARM.</li><li>Both Caddy and Cloudflared are installed via AUR packages.</li><li>MiniFlux is running in Docker with the following environment variables:<code>CLOUDFLARE_SERVICE_AUTH_ENABLED=trueCLOUDFLARE_CLIENT_ID=&lt;client-id&gt;CLOUDFLARE_CLIENT_SECRET=&lt;client-secret&gt;</code></li></ul><p><strong><strong>Relevant Logs</strong></strong></p><p>From <code>cloudflared</code>:</p><pre><code>ERR error="request filtered by middleware handler (AccessJWTValidator) due to: no access token in request"<br></code></pre><p>From the browser console:</p><pre><code>Access to fetch at 'https://rss.laniecarmelo.tech/v1/me' has been blocked by CORS policy.<br></code></pre><p><strong><strong>Questions</strong></strong></p><ol><li>Is there a better way to configure CORS for this setup?</li><li>Should I be handling authentication differently between Nextflux and MiniFlux?</li><li>How can I ensure that requests from Nextflux include valid access tokens?</li></ol><p>Any help or advice would be greatly appreciated! 🙏</p><p><a href="https://allovertheplace.ca/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SelfHosting</span></a> <a href="https://allovertheplace.ca/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudflare</span></a> <a href="https://allovertheplace.ca/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> <a href="https://allovertheplace.ca/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Docker</span></a> <a href="https://allovertheplace.ca/tags/RSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RSS</span></a> <a href="https://allovertheplace.ca/tags/CORS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CORS</span></a> <a href="https://allovertheplace.ca/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://allovertheplace.ca/tags/ArchLinuxARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArchLinuxARM</span></a> <a href="https://allovertheplace.ca/tags/CloudflarePages" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudflarePages</span></a> <a href="https://allovertheplace.ca/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://allovertheplace.ca/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>technology</span></a></p>
lil5 :golang: 🚲 🇳🇱<p>http://www.myproject.localhost:8080/<br>http://app.myproject.localhost:8080/<br>http://api.myproject.localhost:8080/</p><p>TIL you can add subdomains to localhost &amp; it will just work!</p><p>Great for throwing a <a href="https://fosstodon.org/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> in between you and your development containers, let it route to all the different services by domain.</p><p><a href="https://fosstodon.org/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebDev</span></a></p>
Raven<p>Today I switched my web server from Apache httpd to Caddy on FreeBSD 14. I've never seen a simpler web server. All you need is one Caddyfile to manage Caddy itself and all websites.</p><p><a href="https://mastodon.bsd.cafe/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> <a href="https://mastodon.bsd.cafe/tags/freebsd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>freebsd</span></a></p>
Mirko Lenz<p>For anyone wanting to add custom plugins/modules to <a href="https://fosstodon.org/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> on <a href="https://fosstodon.org/tags/NixOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NixOS</span></a>: <span class="h-card" translate="no"><a href="https://hachyderm.io/@vbernat" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>vbernat</span></a></span> released a flake to do this via xcaddy in a fixed-output derivation. Switched to it on my server today and works perfectly! More details in his blog post:</p><p><a href="https://vincent.bernat.ch/en/blog/2024-caddy-nix-plugins" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vincent.bernat.ch/en/blog/2024</span><span class="invisible">-caddy-nix-plugins</span></a></p>
lil5 :golang: 🚲 🇳🇱<p><a href="https://caddy.community/t/set-cookie-manipulation-in-reverse-proxy/7666/15" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">caddy.community/t/set-cookie-m</span><span class="invisible">anipulation-in-reverse-proxy/7666/15</span></a></p><p><a href="https://fosstodon.org/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> is able to alter cookies that are passed between a reverse proxy, removing pesky browser restriction</p>
Emanuele Panz<p>"I recreated the server, now with encrypted disks, and restored the application. Can you check why it is not running?"</p><p>Spent considerable time checking the <a href="https://phpc.social/tags/Symfony" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Symfony</span></a>, <a href="https://phpc.social/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> and <a href="https://phpc.social/tags/phpfpm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phpfpm</span></a> configs: nothing could explain such errors, including not respecting any config change.</p><p>It was the usual suspect: <a href="https://phpc.social/tags/selinux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selinux</span></a>, which was non properly configured</p><p>Bonus point: took the time to quickly upgrade to PHP 8.3 and Symfony 6.4; not bad for an application last deployed on December 2022 ☺</p>
Kévin Dunglas<p>On December 5 and 6, I'll be in Vienna for SymfonyCon! I'll be explaining how HTTP compression works and how to use the latest developments in the field (Brotli, Zstandard...) to make your <span class="h-card" translate="no"><a href="https://mastodon.social/@symfony" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>symfony</span></a></span> applications even faster.</p><p>Of course, we'll also talk about how <a href="https://mastodon.social/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a> and <a href="https://mastodon.social/tags/FrankenPHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FrankenPHP</span></a> can help (as always)!</p>
Elias Probst<p><span class="h-card" translate="no"><a href="https://chaos.social/@alios" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>alios</span></a></span> I don't know whether there's a module for a fully declarative self-contained CA in <a href="https://mastodon.social/tags/nixpkgs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nixpkgs</span></a>, but you could run your own CA using "services.step-ca" and retrieve certs via <a href="https://mastodon.social/tags/ACME" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ACME</span></a> (either through the corresponding applications' support or using "security.acme").</p><p>If you're using <a href="https://mastodon.social/tags/CaddyServer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CaddyServer</span></a>, you also might want to simply use its built-in support to run an ACME CA (also based on smallstep) or utilize its ACME support to automatically retrieve certs at runtime for all defined hosts.</p>
chris@strafpla.net<p>Because the excellent (and beloved for a decade or so) <a href="https://mstdn.strafpla.net/tags/reeder" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>reeder</span></a> by <span class="h-card" translate="no"><a href="https://gloria.social/@rizzi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>rizzi</span></a></span> does not support <a href="https://mstdn.strafpla.net/tags/TLSClientAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TLSClientAuth</span></a> for feeds* I spent a few hours on Yak-Shaving and on learning about <a href="https://mstdn.strafpla.net/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> <a href="https://mstdn.strafpla.net/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a>-<a href="https://mstdn.strafpla.net/tags/resolved" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>resolved</span></a> and - in the end - about <a href="https://mstdn.strafpla.net/tags/iCloudPrivateRelay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iCloudPrivateRelay</span></a>.<br>If a local request is handled like an external request it may be because ... it's coming in as an external request.<br>___<br>* I’m sure I’m the only one left on the planet who has rss feeds with Client Certificates, so this is fine!</p>
l4p1n<p>Time to try <a href="https://furry.engineer/tags/Caddy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Caddy</span></a> as the main reverse proxy :fox_think: </p><p>The first few things will be my blog (because the root domain is a bit of a mess with Matrix and the RSS feed redirection)</p><p><a href="https://furry.engineer/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a></p>
Mitex Leo<p>After a lot of trial and error, I finally got object storage configured for this instance. I had originally planned to use Backblaze, but ended up going with Linode Object Storage. Unfortunately, the guides I found online didn't work for me, and I also had to make the switch from Caddy to Nginx. I'm thinking about writing a blog post to share my experience.</p><p><a href="https://mitexleo.one/tags/mastoadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastoadmin</span></a> <a href="https://mitexleo.one/tags/fedimin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fedimin</span></a> <a href="https://mitexleo.one/tags/fediadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fediadmin</span></a> <a href="https://mitexleo.one/tags/s3" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>s3</span></a> <a href="https://mitexleo.one/tags/linode" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>linode</span></a> <a href="https://mitexleo.one/tags/backblaze" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>backblaze</span></a> <a href="https://mitexleo.one/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>nginx</span></a> <a href="https://mitexleo.one/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> <a href="https://mitexleo.one/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastodon</span></a></p>
Mitex Leo<p>I'm using Caddy and couldn't find a guide to set up object cache proxying. Can someone please provide a Caddyfile for this? I'm using Backblaze for storage.</p><p><a href="https://mitexleo.one/tags/mastoadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastoadmin</span></a> <a href="https://mitexleo.one/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mastodon</span></a> <a href="https://mitexleo.one/tags/fediadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fediadmin</span></a> <a href="https://mitexleo.one/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a></p>
Yiorgos Adamopoulos<p>I wrote a blog about <a href="https://infosec.exchange/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> and <a href="https://infosec.exchange/tags/wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordpress</span></a></p><p><a href="https://managing.blue/2024/04/13/caddy-and-wordpress/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">managing.blue/2024/04/13/caddy</span><span class="invisible">-and-wordpress/</span></a></p>
Emanuele Panz<p>Thank you <span class="h-card" translate="no"><a href="https://fosstodon.org/@mo8it" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mo8it</span></a></span> for your <a href="https://phpc.social/tags/codeberg" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>codeberg</span></a> repository with examples on how to use <a href="https://phpc.social/tags/podman" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>podman</span></a> and its integration with <a href="https://phpc.social/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a> and <a href="https://phpc.social/tags/quadlets" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>quadlets</span></a> 🚀</p><p>I am still digging into the overall configuration and services setup, with <a href="https://phpc.social/tags/caddyserver" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>caddyserver</span></a> in place of <a href="https://phpc.social/tags/traefik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>traefik</span></a> as ingress point</p><p>The puzzling bits of <a href="https://phpc.social/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a> and its user services not being able to show the logs on joirnalctl by default is giving me headaches: why can the user start services but only root has access to their logs?! 🤔</p>