I’m Loving Caddy’s simple but deep config possibilities and everything managed as a simple to use API that comes out of the box, and would like to start using it. However, I’m one of those, theory-first guys, so please help me understand what would happen when I start using Caddy.
I’m currently hosting multiple copies of a Symfony PHP app with Apache2, all behind an HAProxy reverse proxy.
Each copy of the stack lives inside a LXC container (The PHP App + MySQL + Apache + FPM and so on…)
I’m terminating SSL connections and hosting the certs at the HAProxy, so the connections from the Internet are SSL/443 to the HAProxy and from the HAP to each container it’s plain/80.
This is because I need to use layer 7 for the HAProxy to redirect to the proper container based on the domain using domain based ACLs.
What are you trying to do?
I would like to understand what specific configuration will I need to use if I want to swap Apache for Caddy in my current setup.
I would like to know what architectural changes to the current setup would be needed if configuration is not enough. Fort example, changing the HAProxy for a Reverse Proxy Caddy?
I am in fact quite curious about any major advantages or drawbacks in migrating from Reverse HAP to RP Caddy?
Hope it’s not too much of a noob question, I’ve watched a few videos and read a few blog posts but could not find specific answers to my questions…
Sorry @francislavoie, I am certain that you want to help me, but I am now more lost than before asking.
So the answer is “yes”.
The answer is “Yes” to what question?
PHP example: Common Caddyfile Patterns — Caddy Documentation
I have read from top to bottom the page on the URL you gave me, 3 times, and I can’t find any configuration or any hint related to my setup.
you can use reverse_proxy to load balance between multiple app instances.
I do not plan on load balancing, and I am already using a reverse proxy (HAP) to send traffic to my containers.
You might want to consider using https://frankenphp.dev/
I am considering Caddy at this point in time, what makes you think frankenphp will work better than Caddy for my use case?
To “can I replace Apache and/or HAProxy with Caddy”. The answer is yes, Caddy can fulfill the purposes of both those servers.
I’m not sure how this doesn’t help you. There’s a config right at that link for serving a PHP app with Caddy, using php_fastcgi. That’s all you need for Caddy + PHP-FPM
What I’m saying is Caddy can replace HAProxy as your load balancer if you like. That’s a separate thing from running your individual apps.
Like Matt said, FrankenPHP is a distribution of Caddy which also includes a statically compiled build of PHP, so this one binary is both your PHP runtime and your webserver. One process, does both. Replaces your Apache + PHP-FPM setup with one container.
Yes, the entire config is malleable via the API. You need to craft requests that point to the specific part of the config that you want to modify, or push a whole new config with only the part you want changed.
But if you’re using a Caddyfile, you should not use the API. It’s not compatible, because Caddyfile produces a JSON config, and the JSON config is what Caddy actually runs with. So if you try to use the API to manipulate your JSON config, you’ll never be able to reflect the changes back to your Caddyfile (it’s a one-way conversion) unless you change your Caddyfile yourself by hand (or with your own scripting) as well. And that’s not a rabbithole you should go down.
And one more question, How do you define ACL’s or how do you send the traffic to the specific server/container? Where to find this in the documentation?
You’re better off starting with a Caddyfile IMO at least to get a sense of where things go in your JSON config. It produces relatively idiomatic JSON config, so it’s the easiest way to learn. Use the caddy adapt -p command to produce the JSON config.