CaddyManager 0.0.1 - a web ui to manage multiple Caddy instances

Hey all, I made a post a while back asking for Caddy Configs on reddit (r/selfhosted) as I’ve been putting time into developing a UI for Caddy. The reception was overwhelming and beyond motivating to continue working on it and whilst I wasn’t able to get as much progress in as I initially wanted, I did decide to publish what is currently there with more features planned over the upcoming months!

CaddyManager is a web UI for managing multiple Caddy Servers - Currently in an “Alpha” state, being that all features that are currently in there work, but will become better in the near future!

screenshots

Standout features

  • Connect to multiple Caddy Servers and pull their configs, update them, redeploy them

  • Basic templates and form based configuration, create a new reverse proxy, api gateway, load balancer and more through a form instead of lines of json/yaml/caddyfile code

  • API keys, securely interact with the backend of CaddyManager through RESTful apis, securely utilising API Keys - there’s also docs available.

  • Multi-user, the system is multi-user, with two distinct roles (right now), admin and user.

  • Audit logging, as this is something that I’ve already started using in an enterprise setting, audit logging was a must-have. Track actions throughout the system with ease!

How to deploy

Are you an adventurous user that wouldn’t mind trying some new things? Then backup your caddy setup, open up port :2019 (or something else) in your server and head over to the example compose stack in the GitHub repo or the website

3 docker containers, yeap, that’s currently what it needs! We’ll be running MongoDB as database, a backend service, and a frontend service. If you already have a MongoDB running, feel free to tie it into that.

For an example Docker Compose, go to the website or GitHub repo - default user and password are: “admin” and “caddyrocks”

Information

Github repository here: https://github.com/caddymanager/caddymanager
Quick website here: Caddy Manager - Open Source Web UI for managing Caddy!
Dockerhub here: https://hub.docker.com/u/caddymanager

What’s next?

Plenty of features I wanna work in, but I think the key focus next few weeks will be on accessibility and UI, mainly a proper dark mode as well as screen-reader capabilities, as well as fixing bugs that people might find.

After that I’ll start working on some more exciting features like a proper dashboard, bulk actions, configuration versioning, git/s3 import/export, OIDC and more intelligent templating.

For the current roadmap: Caddy Manager - Open Source Web UI for managing Caddy!

Known issues

I’m still making a proper list but for now:

  1. when deploying you have to manually set the backend IP and expose it to the user instead of the frontend proxying it itself to the backend.
  2. No dark mode is a problem
  3. Forms and input fields are in need of some css lovin’
  4. Sometimes you have to “refresh” datasources after logging in as the last error is still preventing them from showing.
  5. Code cleanups, quite a bit of leftovers from “in-between” work/bugfixes still in the codebase, some touchups are needed here.

Time investment

As with any open source project, this stuff can be a bit scary, however, we’re starting to use this tooling at my work as well, which gives me some more resources to work with! The project itself will get continued development until the full feature list from the roadmap is built in - after that it’ll either go into maintenance mode or will receive continued development based on community engagement!

The project is MIT licensed, so feel free to fork, but would love to hear people’s ideas and thoughts, feel free to fill up the Github issues!

ps. This is my first time open sourcing anything - feel free to drop any feedback you might have, or things I should have done and missed, googling for “what to do when open sourcing your project” only takes you so far..

6 Likes

Love it! I had a few users who asked me about UI for Caddy. I’ll point them at your project :ok_hand: Impressive feat :slight_smile:

I haven’t had a chance to run the app and play with it. I’m yet to read the code thoroughly to understand how you do some parts, but I see you’re using basic auth with the admin API endpoint of Caddy yet this is not something Caddy supports. This syntax is not supported in Caddy. How are you able to do this?

3 Likes

Thanks for the compliment and having a look at the code!
It seems you’ve found a bit of late night craze of hunting through various ways of making this as secure as possible, I assumed that basic auth was possible but apparently I haven’t tested it properly because it doesn’t.. I’ll make a note to remove this and perhaps dive a bit deeper on enforce_origin as a security option to encourage users to use. Either way this is still part of the “generate server” functionality that I originally started working on but is not currently used anywhere in the application (some cleanups are due) other than a lingering api endpoint.

Check the Identity and Remote Administration parts of the article.

Basically, the admin endpoint natively supports mTLS. You can use that. Have a common CA for the servers to trust, and get a client cert from that CA to use in CaddyManager.

4 Likes

This is huge, thanks! I’ve been breaking my head about how to encourage security of the admin endpoint to users, I’ll be sure to utilise this in the next release. In the meantime I’ve removed the basic auth options - feeling a bit silly now :sweat_smile:

3 Likes