DEV Community

Cover image for Switch from NGINX to Caddy
David Y Soards
David Y Soards

Posted on • Edited on • Originally published at blog.soards.me

Switch from NGINX to Caddy

#vps #caddy #nginx #linux

Simplify your reverse proxy setup

I switched the reverse proxy on my Ubuntu server from NGINX to Caddy and it really simplified things.
Below are the steps I took:

Install Caddy 

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list sudo apt update sudo apt install caddy
Enter fullscreen mode Exit fullscreen mode

Check that the install worked 

sudo service caddy status
Enter fullscreen mode Exit fullscreen mode

If NGINX is installed, you'll probably see an error that port 80 is already in use at first.

I replaced all the individual files in conf.d with a single Caddyfile. It's also possible to use the sites-available / sites-enabled pattern, but I don't see the benefit. I actually really like having all the config in one file. It's very easy to work with.

Before 

# root.conf server { listen 80 default_server; listen [::]:80 default_server; server_name _; location / { return 404; } }
Enter fullscreen mode Exit fullscreen mode 
# website1.conf server { listen 80; listen [::]:80; server_name website1.com; location / { proxy_pass http://localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } location /api { proxy_pass http://localhost:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } location /auth { proxy_pass http://localhost:3000; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } }
Enter fullscreen mode Exit fullscreen mode 
# website2.conf server { listen 80; listen [::]:80; server_name website2.com; location / { proxy_pass http://localhost:8081; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; auth_basic "Restricted Content"; auth_basic_user_file /etc/nginx/.htpasswd; } location /api { proxy_pass http://localhost:3001; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_cache_bypass $http_upgrade; } }
Enter fullscreen mode Exit fullscreen mode

After 

sudo nano /etc/caddy/Caddyfile
Enter fullscreen mode Exit fullscreen mode 
# Caddyfile rootdomain.com { respond 404 } 0.000.00.000:80 { redir https://rootdomain.com{uri} } # site 1 website1.com { reverse_proxy :8080 reverse_proxy /api/* :3000 reverse_proxy /auth/* :3000 } # site 2 website2.com { reverse_proxy :8081 reverse_proxy /api/* :3001 basic_auth { username $hashed$.password4321 } }
Enter fullscreen mode Exit fullscreen mode

Not bad, eh?

Restart Caddy 

sudo systemctl reload caddy
Enter fullscreen mode Exit fullscreen mode

Fix SSL Config

I'm using Cloudflare for DNS which turns on their proxy by default. After updating to Caddy with it's built in SSL (an amazing feature btw), I got an ERR_TOO_MANY_REDIRECTS error in the browser. The solution was to change Cloudflare's SSL Config to "Full (Strict)". The problem seems to be fairly common and I found the answer here on the Caddy Community site.

Navigate to Websites in the sidebar > choose the site.
Then choose SSL/TLS in the sidebar > click Configure.
Under Custom SSL/TLS > select Full (Strict).

Image description

Image description

Remove NGINX 

sudo apt remove nginx sudo apt-get remove --purge nginx* # maybe sudo rm -rf /etc/nginx sudo rm -rf /etc/init.d/nginx sudo rm -rf /var/log/nginx sudo rm -rf /var/cache/nginx/ sudo rm -rf /usr/sbin/nginx
Enter fullscreen mode Exit fullscreen mode

Thanks for reading! 👋

Top comments (0)