How do I install Caddy on Proxmox

1. The problem I’m having:

I’m presently running Proxmox with NginX Proxy Manager (NPM) and would like to switch to Caddy.

My NPM is on a LXC, and serves as Reverse Proxy to approx 10 other applications installed as LCXs such as Plex, Vault Warden. NPM and all apps are installed on in their respective LXCs with docker.

All my services are hosted locally; and I have no intention of exposing them.

How do I implement this via Caddy; I did try using the docker-compose file but then says I have to create a Caddyfile. What do I even put in this file so that it’s able to use the DuckDNS API token.

Couldn’t get past running the docker-compose file as it gave some errors.

Also, what is xcaddy what does this do; I glanced something called CaddyServer and it mentioned I need to install this. I didn’t see this mentioned in the docker-compose section.

2. Error messages and/or full log output:

After running the docker-compose.yaml file; I received a strange error. Difficult to type here but I’ve read somewhere that a Caddyfile folder is created instead of an actual File. How do I create the Caddyfile which the docker guides speaks of.

3. Caddy version:

Latest i’m assuming.

4. How I installed and ran Caddy:

Couldn’t get past the docker-compose file.

a. System environment:

Proxmox with the intention of running Caddy on its own LXC.

b. Command:

None

c. Service/unit/compose file:

The default docker-compose file.

d. My complete Caddy config:

The default docker-compose file ?

5. Links to relevant resources:

Is there more streamlined documentation on the website; as each line has a link and so on so forth. Looking to read a consolidated guide without having to go back and forth between multiple links.

Please show what you actually tried. Post the configs you tried, the errors and/or logs you got when trying it. Be specific.

What do you mean? Just copy-paste it.

xcaddy is a tool separate from Caddy which is used to produce custom builds of Caddy. See Build from source — Caddy Documentation which explains further.

You’ll be using that if you need Caddy plugins. You mentioned DuckDNS, so you’ll likely need this plugin GitHub - caddy-dns/duckdns: Caddy module: dns.providers.duckdns

Why use docker-compose?

I am sure you’ll be fine with running this behind an LXC Container by just installing it via APT (and than changing the binaries if needed with xcaddy or via the website).

I’ve not tried much of the container version of Caddy besides building my own caddy binaries with the builder.

My recommendation is to go slow, install caddy via apt in a LXC Container for Debian 12 to mess around with until you understand the config.

plex.domain.internal {
      tls internal
      reverse_proxy plexipandport
}

Hi Thanks for the help; I believe I’ll look to another platform / solution. I came to Caddy thinking (from what I read elsewhere) that its easy to setup, but it isn’t.

Tried the debian install and go it to run; now I want to have my local sites use HTTPS such as Plex, Vault Warden, Emby, NextCloud, however there are no instructions on the website. Where / when / how does DuckDNS fit in, what is xcaddy how to install it (do i even need it); can’t figure it out.

The documentation here is like you’re on Page 1 → on the 2nd line there’ll be a hyperlink will tell you to go to Page 110 and on the 3rd line then Page 99, then Page 25 etc etc.

It’s relatively easy to setup, but I do find that once you start to deviate from the normal and easy configurations it gets a bit harder to understand certain things.

If I am being completely honest, a lot of these answers are on the documentation page, google and any GPT Ai.

Feel free to still ask for help but you should in fact provide examples of what you’ve done with your Caddyfile and other settings.

Hi thanks for your response; this is my setup

1. Proxmox
2. OPNSense virtualized
3. A DMZ VLAN, running NginX Proxy Manager (NPM) virtualized in its own LXC. I have obtained SSL Certificates from DuckDNS.
4. An Apps VLAN, running for e.g. Plex, Emby, NextCloud and 10+ other apps on their own LXC / IPs

My personal devices phones / tablets are only permitted to access NPM (via Firewall rules already setup) which in turn provides access to Emby, NextCloud by typing a domain plex.myname.duckdns.org.

How do I set this up in Caddy; for now I’ve only been able to install it using the Debian commands. Where do I go from there; the documentation doesn’t seem to point in any direction.

Also how do I get CrowdSec to parse / monitor Caddy log files for added security.

I meant, configuration settings for Caddy not for Nginx.

A lot of the things you are mentioning I have currently running, feel free to post the configuration files for your Caddy Proxy Server.

You’re looking for Caddyfile Quick-start — Caddy Documentation.

After that, there’s some useful links at the bottom of the page, including Caddyfile Concepts — Caddy Documentation.

These will give you an overview of how to create a Caddyfile.

It fits in if you want to you use DNS validation for your certificates. LetsEncrypt has a good explanation of what that is here: Challenge Types - Let's Encrypt

DNS validation is useful for people who run Caddy behind a firewall or otherwise inaccessible to the internet, or if the public DNS doesn’t point to Caddy, or if they want wildcard certificates.

Francis linked you information on that one up above:

You might need it if you want to build your own custom Caddy…

…for the purpose of using the DuckDNS API to take advantage of DNS validation.

You could alternatively download the binary directly from the website.

Definitely check out the Caddyfile Quick-start I linked above to teach you the basics.

Just like the DuckDNS API requires a custom plugin, the Crowdsec bouncer for Caddy is also a custom plugin. You will need to either use xcaddy or download a custom binary from the website with these modules included. It can be as simple as ticking the boxes on the download page, if you need it.

The module is located at GitHub - hslatman/caddy-crowdsec-bouncer: A Caddy module that blocks malicious traffic based on decisions made by CrowdSec. and you should find instructions for its usage there.

Thanks a lot; but i gave up;

I’m not good at this; but entirely sure i’m not the only person facing issues. Wish the documentation was better; and read like a tutorial, rather than assuming one knew everything before hand

The main website has a link right above the fold pointing to the documentation.

The main page of the documentation explains how to configure Caddy and refers you to the Caddyfile docs, which show what a Caddyfile looks like and how it works - and is packed with links to tutorials, examples, and technical information ranging from absolute beginner to expert level.

Apart from linking you to the Caddyfile, the main documentation shows you the Getting Started guide, which is a full ride step-by-step crash course in Caddy usage.

The main documentation also links to installation instructions for Docker, which have a link in turn to some comprehensive Docker Compose guidance, where it is also explained how to employ a Caddyfile and links back to more in-depth Caddyfile documentation.

While I personally think the documentation writers have gone above and beyond to ensure all of the information you need is available to you in as easily-accessible a manner as possible just from reading the main page of the documentation, I think any reasonable person would agree that continual improvement to those docs is a key aspect of user-friendly software. So - if you have any constructive, actionable feedback for the documentation, I assure you that it will be seriously and thoughtfully considered.

Although you’ve given up, this thread may yet serve as a resource for those who find themselves reading this in future, if they find themselves asking similar questions as you have.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.