1. The problem I’m having:
New caddy user, recently migrated from nginx, looking for tips to improve my plex and jellyfin proxies (improve as in performance and security). Brief testing shows that both plex and jellyfin are accessible externally but not had the chance to thoroughly test yet. Can I improve security or turn off any buffering that caddy may do for example? Any other tips greatfully received 
A lot of other plex and jellyfin posts or 3rd party tutorials seem a few years old and related to caddy v1.
2. Error messages and/or full log output:
No errors
3. Caddy version:
v2.6.4
4. How I installed and ran Caddy:
a. System environment:
Arch linux (LTS kernel), docker compose
c. compose file:
caddy:
image: caddy:latest
container_name: caddy
restart: always
network_mode: host
ports: #not needed as running in host mode, but here for completeness
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- <redacted local path>/Caddyfile:/etc/caddy/Caddyfile
- <redacted local path>:/data
- <redacted local path>:/config
volumes:
caddy_data:
external: true
caddy_config:
d. My complete Caddy config:
Redacted Caddyfile:
{
email <redacted>.com
}
px.<redacted>.com {
encode gzip zstd
header {
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
Referrer-Policy no-referrer-when-downgrade
#X-XSS-Protection 1
X-XSS-Protection "1; mode=block"
Referrer-Policy "same-origin"
Feature-Policy "self"
}
reverse_proxy localhost:32400
log {
output file /config/px.log {
roll_size 10MB
roll_keep 5
roll_keep_for 240h
}
}
}
jf.<redacted>.com {
reverse_proxy localhost:8096
}
5. Links to relevant resources:
none
