Convert nginx config to caddyfile for minio site replication

1. The problem I’m having:

I want to use Caddy as a load balancer for my MinIO multi-node setup. I found a guide on the MinIO blog with this nginx config:

upstream minio_server {
    server server-1.minio.local:9000;
    server server-2.minio.local:9000;
    server server-3.minio.local:9000;
}

server {
    listen   	80 default_server;

    ignore_invalid_headers off;
    client_max_body_size 0;
    proxy_buffering off;
    proxy_request_buffering off;

    location / {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        proxy_connect_timeout 300;
        proxy_http_version 1.1;
        proxy_set_header Connection "";
        chunked_transfer_encoding off;

        proxy_pass http://minio_server;
    }
}

How do I convert it to a Caddyfile? I tried converting it (Caddyfile below) and ran mc admin replicate add <alias1> <alias2> with the alias being the Caddy server, but it returns remote service endpoint unavailable. But if I run mc admin info <alias>, it works fine, so I’m guessing I converted the nginx config wrongly.

2. Error messages and/or full log output:

n/a

3. Caddy version:

v2.10.2 h1:g/gTYjGMD0dec+UgMw8SnfmJ3I9+M2TdvoRL/Ovu6U8=

4. How I installed and ran Caddy:

a. System environment:

systemd

b. Command:

c. Service/unit/compose file:


[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target

[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile --force
TimeoutStopSec=5s
LimitNOFILE=1048576
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE

[Install]
WantedBy=multi-user.target

d. My complete Caddy config:

My current Caddyfile, which is my attempt at the conversion:

minio.mydomain.com {
  tls internal
  request_body {
    max_size 0
  }
  reverse_proxy minio-1.mydomain.com:9000 minio-2.mydomain.com:9000 {
     flush_interval -1
     health_uri /minio/health/live
     lb_policy round_robin
     lb_try_duration 10s
  }
}

5. Links to relevant resources:

For anyone having this same issue, the problem is the self-signed certificate. When using site replication, MinIO itself is the one connecting to Caddy. By adding --certs-dir to the MinIO startup arguments and adding Caddy’s root CA to /CAs, site replication succeeds.

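Why the fix in the post works, as an added example (not code from the original post, from MinIO or from Caddy): MinIO is written in Go, and this Go program runs the standard-library certificate check that Go TLS clients perform, first with a trust pool that lacks the issuing root and then with the root loaded from PEM. The root CA, the leaf certificate and the function names are constructed for illustration; the root stands in for the CA behind `tls internal`.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// issue signs a certificate for name; a nil parent yields a self-signed root CA (constructed).
func issue(name string, parent *x509.Certificate, pk *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		DNSNames: []string{name}, NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		IsCA: parent == nil, BasicConstraintsValid: true}
	if parent == nil { // self-signed root: signs itself and may sign other certificates
		parent, pk, t.KeyUsage = t, key, x509.KeyUsageCertSign
	}
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, pk)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// verify checks leaf for host as a client whose trust pool holds only the roots in caPEM.
func verify(leaf *x509.Certificate, host string, caPEM []byte) error {
	pool := x509.NewCertPool()
	pool.AppendCertsFromPEM(caPEM) // stands in for placing the proxy's root CA in the CAs directory
	_, err := leaf.Verify(x509.VerifyOptions{DNSName: host, Roots: pool})
	return err
}

// Demo returns the verification error without the root trusted, then with it trusted.
func Demo() (without, with error) {
	const host = "minio.mydomain.com" // site address from the Caddyfile in the post
	ca, caKey := issue("constructed-root-ca", nil, nil)
	leaf, _ := issue(host, ca, caKey)
	caPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: ca.Raw})
	return verify(leaf, host, nil), verify(leaf, host, caPEM)
}

func main() {
	fmt.Println(Demo())
}
```

The first result is an unknown-authority error and the second is nil: the only difference between the two checks is whether the issuing root is in the verifier's pool.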