#caddy — Public Fediverse posts

So as of yesterday, 90 days have passed with my entire #homelab in a "single stack" all running atop an M1 mac mini. Under 30 watts total power consumption, 4 VMs and dozens of services in containers. Zero issues.

#linux #opensource #macmini #docker #debian #plex #jellyfin #uptimekuma #portainer #lowpower #caddy #selfhost #selfhosting #privacy #sovereignty

Self-Hosting Easypanel and n8n on Ubuntu VPS #caddy #docker #easypanel #n8n #nginx #opensource #selfhosted #selfhosting #ubuntu #vps #Cloud #Guides #VPS

Self-Hosting Easypanel And N8n...

Self-Hosting Easypanel and n8n on Ubuntu VPS #caddy #docker #easypanel #n8n #nginx #opensource #selfhosted #selfhosting #ubuntu #vps #Cloud #Guides #VPS

Self-Hosting Easypanel And N8n...

Self-Hosting Easypanel and n8n on Ubuntu VPS #caddy #docker #easypanel #n8n #nginx #opensource #selfhosted #selfhosting #ubuntu #vps #Cloud #Guides #VPS

Self-Hosting Easypanel And N8n...

Self-Hosting Easypanel and n8n on Ubuntu VPS #caddy #docker #easypanel #n8n #nginx #opensource #selfhosted #selfhosting #ubuntu #vps #Cloud #Guides #VPS

Self-Hosting Easypanel And N8n...

https://www.fogolf.com/1268602/caddy-splash-released-a-premium-2-in-1-step-up-golf-tee-and-divot-repair-tool-usagolf/ Caddy Splash released a premium 2-in-1 step up golf tee and divot repair tool. #usagolf #2in1 #caddy #DIVOT #Golf #GolfBalls #GolfBallsVideos #GolfBallsVlog #GolfBallsYouTube #GolfEquipment #GolfEquipmentVideos #GolfEquipmentVlog #GolfEquipmentYouTube #GolfTee #GolfTees #GolfTeesVideos #GolfTeesVlog #GolfTeesYouTube #PREMIUM #released #repair #Splash #STEP #tee #Tool #USAgolf

https://www.fogolf.com/1268602/caddy-splash-released-a-premium-2-in-1-step-up-golf-tee-and-divot-repair-tool-usagolf/ Caddy Splash released a premium 2-in-1 step up golf tee and divot repair tool. #usagolf #2in1 #caddy #DIVOT #Golf #GolfBalls #GolfBallsVideos #GolfBallsVlog #GolfBallsYouTube #GolfEquipment #GolfEquipmentVideos #GolfEquipmentVlog #GolfEquipmentYouTube #GolfTee #GolfTees #GolfTeesVideos #GolfTeesVlog #GolfTeesYouTube #PREMIUM #released #repair #Splash #STEP #tee #Tool #USAgolf

Im Grunde benötige ich kein Reverse #Proxy um Dienste entsprechend öffentlich zu machen ist für meinen Spaß unnötig. Es geht auch per #Wireguard. Damit wird auch die Sicherheit meiner sensiblen Daten erhöht.

Trotzdem versuche ich dazu zulernen und diesmal ist #Caddy als #OPNsense #Plugin mein neues Tool. Als Proxy eine #DynDNS Adresse und lokal gebunden. Der externe Zugriff dann per Wireguard.

Im Grunde benötige ich kein Reverse #Proxy um Dienste entsprechend öffentlich zu machen ist für meinen Spaß unnötig. Es geht auch per #Wireguard. Damit wird auch die Sicherheit meiner sensiblen Daten erhöht.

Trotzdem versuche ich dazu zulernen und diesmal ist #Caddy als #OPNsense #Plugin mein neues Tool. Als Proxy eine #DynDNS Adresse und lokal gebunden. Der externe Zugriff dann per Wireguard.

Im Grunde benötige ich kein Reverse #Proxy um Dienste entsprechend öffentlich zu machen ist für meinen Spaß unnötig. Es geht auch per #Wireguard. Damit wird auch die Sicherheit meiner sensiblen Daten erhöht.

Trotzdem versuche ich dazu zulernen und diesmal ist #Caddy als #OPNsense #Plugin mein neues Tool. Als Proxy eine #DynDNS Adresse und lokal gebunden. Der externe Zugriff dann per Wireguard.

Домашний сервер без белого IP: безопасная публикация сервисов через VPS, обратный SSH-туннель и Caddy

Как безопасно опубликовать домашний сервер без белого IP и проброса портов: домашний сервер сам устанавливает исходящее SSH-соединение к VPS, на VPS создаётся локальный endpoint обратного SSH-туннеля, а внешний доступ к сервисам отдаётся через Caddy по HTTPS. Backend-порты вроде Nextcloud, Home Assistant или Jellyfin не открываются напрямую в интернет, а остаются доступными только через loopback и reverse proxy. Отдельное внимание уделено hardening: ограниченный пользователь tunneluser, SSH-ключи, autossh, systemd, UFW, проверка sshd_config и диагностика типовых ошибок. Поехали

https://habr.com/ru/articles/1038422/

#ssh #vps #linux #caddy #nextcloud

VPS-бастион: доступ к домашнему серверу без белого IP

У вас дома крутятся полезные сервисы: Home Assistant, Jellyfin, code-server или Nextcloud. Или вы только собираетесь их запустить. Пока вы дома, всё открывается по локальному IP. Но стоит выйти за пределы квартиры, и сервисы пропадают. Причина: провайдер выдал серый IP-адрес, то есть применяет CGNAT. Белый адрес получить либо нельзя (примерно, как советский дефицит), либо он стоит дополнительных денег.

https://habr.com/ru/articles/1038186/

#VPS #SSHтуннель #проброс_портов #CGNAT #серый_IP #домашний_сервер #удаленный_доступ #autossh #systemd #Caddy

Imagine my pride when the eldest of my two #children, aged 12, said she'd like to learn #HTML and #CSS and build her own #staticSite.

I briefly considered pointing her at e.g. #NekoWeb, but then realised: hey - I've got a #NAS and a full fibre connection: I could #selfhost something "like" the Nekode editor, right?

A couple of dozen lines of #Caddy and Docker configuration later, she had a working browser-based #VSCode with drag-drop file support that publishes directly to her domain. Super easy. Highly recommended.

Here's how I did it:
🔗 https://danq.me/selfhosted-static-site-editor

Just learned that Certificate Transparency logs are a thing... I hate it. One day, and a private subdomain is crawled by AI scrapers. These bas***ds...

At least some of them are being trapped by iocaine

#LetsEncrypt #CertificateTransparency #FckAI #FuckLLMs #caddy #iocaine

Just learned that Certificate Transparency logs are a thing... I hate it. One day, and a private subdomain is crawled by AI scrapers. These bas***ds...

At least some of them are being trapped by iocaine

#LetsEncrypt #CertificateTransparency #FckAI #FuckLLMs #caddy #iocaine

Just learned that Certificate Transparency logs are a thing... I hate it. One day, and a private subdomain is crawled by AI scrapers. These bas***ds...

At least some of them are being trapped by iocaine

#LetsEncrypt #CertificateTransparency #FckAI #FuckLLMs #caddy #iocaine

Just learned that Certificate Transparency logs are a thing... I hate it. One day, and a private subdomain is crawled by AI scrapers. These bas***ds...

At least some of them are being trapped by iocaine

#LetsEncrypt #CertificateTransparency #FckAI #FuckLLMs #caddy #iocaine

Just learned that Certificate Transparency logs are a thing... I hate it. One day, and a private subdomain is crawled by AI scrapers. These bas***ds...

At least some of them are being trapped by iocaine

#LetsEncrypt #CertificateTransparency #FckAI #FuckLLMs #caddy #iocaine

https://www.europesays.com/be-fr/109870/ Pourquoi Aldi cache désormais le prix de certaines promos #affaires #aldi #architecture #BE #BEFr #Belgique #Belgium #Business #caddie #caddy #chariot #commerce #de #discount #Économie #Economy #editorial #enseigne #entreprise #firm #logo #magasin #poundstretcher #signboard #store #supermarché #supermarket #thimble #trolley

Mercure 0.24.1 is out, riding on Caddy 2.11.3.

We contributed native OTLP metrics push to Caddy upstream. Mercure hubs can now ship metrics straight to your OpenTelemetry collector. No Prometheus scrape job needed. Drop

metrics {
otlp
}

into your Caddyfile and the standard OTEL_* env vars do the rest.

Pairs with the OTel tracing landed in 0.24, so traces + metrics work end-to-end against any OTLP backend.

https://github.com/dunglas/mercure/releases/tag/v0.24.1

#opensource #mercure #caddy #opentelemetry

Mercure 0.24.1 is out, riding on Caddy 2.11.3.

We contributed native OTLP metrics push to Caddy upstream. Mercure hubs can now ship metrics straight to your OpenTelemetry collector. No Prometheus scrape job needed. Drop

metrics {
otlp
}

into your Caddyfile and the standard OTEL_* env vars do the rest.

Pairs with the OTel tracing landed in 0.24, so traces + metrics work end-to-end against any OTLP backend.

https://github.com/dunglas/mercure/releases/tag/v0.24.1

#opensource #mercure #caddy #opentelemetry

Mercure 0.24.1 is out, riding on Caddy 2.11.3.

We contributed native OTLP metrics push to Caddy upstream. Mercure hubs can now ship metrics straight to your OpenTelemetry collector. No Prometheus scrape job needed. Drop

metrics {
otlp
}

into your Caddyfile and the standard OTEL_* env vars do the rest.

Pairs with the OTel tracing landed in 0.24, so traces + metrics work end-to-end against any OTLP backend.

https://github.com/dunglas/mercure/releases/tag/v0.24.1

#opensource #mercure #caddy #opentelemetry

Mercure 0.24.1 is out, riding on Caddy 2.11.3.

We contributed native OTLP metrics push to Caddy upstream. Mercure hubs can now ship metrics straight to your OpenTelemetry collector. No Prometheus scrape job needed. Drop

metrics {
otlp
}

into your Caddyfile and the standard OTEL_* env vars do the rest.

Pairs with the OTel tracing landed in 0.24, so traces + metrics work end-to-end against any OTLP backend.

https://github.com/dunglas/mercure/releases/tag/v0.24.1

#opensource #mercure #caddy #opentelemetry

Mercure 0.24.1 is out, riding on Caddy 2.11.3.

We contributed native OTLP metrics push to Caddy upstream. Mercure hubs can now ship metrics straight to your OpenTelemetry collector. No Prometheus scrape job needed. Drop

metrics {
otlp
}

into your Caddyfile and the standard OTEL_* env vars do the rest.

Pairs with the OTel tracing landed in 0.24, so traces + metrics work end-to-end against any OTLP backend.

https://github.com/dunglas/mercure/releases/tag/v0.24.1

#opensource #mercure #caddy #opentelemetry

Single binary php server built on top of #caddy, now i can try out apps written in php for self hosting. @itz_mr_evil will be excited by this

https://frankenphp.dev/

Single binary php server built on top of #caddy, now i can try out apps written in php for self hosting. @itz_mr_evil will be excited by this

https://frankenphp.dev/

Single binary php server built on top of #caddy, now i can try out apps written in php for self hosting. @itz_mr_evil will be excited by this

https://frankenphp.dev/

Single binary php server built on top of #caddy, now i can try out apps written in php for self hosting. @itz_mr_evil will be excited by this

https://frankenphp.dev/

Enabled HSTS with includeSubDomains and preload.

The cost is real and one-way: every current and future subdomain must serve HTTPS or become unreachable. Removal from the preload list is in browser-release hands, not yours.

Accepted because the site is HTTPS-only by intent and Caddy provisions certs for every subdomain automatically via Let's Encrypt.

#HSTS #WebSecurity #Caddy #SelfHosting

Enabled HSTS with includeSubDomains and preload.

The cost is real and one-way: every current and future subdomain must serve HTTPS or become unreachable. Removal from the preload list is in browser-release hands, not yours.

Accepted because the site is HTTPS-only by intent and Caddy provisions certs for every subdomain automatically via Let's Encrypt.

#HSTS #WebSecurity #Caddy #SelfHosting

Enabled HSTS with includeSubDomains and preload.

The cost is real and one-way: every current and future subdomain must serve HTTPS or become unreachable. Removal from the preload list is in browser-release hands, not yours.

Accepted because the site is HTTPS-only by intent and Caddy provisions certs for every subdomain automatically via Let's Encrypt.

#HSTS #WebSecurity #Caddy #SelfHosting

Enabled HSTS with includeSubDomains and preload.

The cost is real and one-way: every current and future subdomain must serve HTTPS or become unreachable. Removal from the preload list is in browser-release hands, not yours.

Accepted because the site is HTTPS-only by intent and Caddy provisions certs for every subdomain automatically via Let's Encrypt.

#HSTS #WebSecurity #Caddy #SelfHosting

Small #psa: #caddy has a #journald friendly log format now 🥳

https://github.com/caddyserver/caddy/pull/7623

#caddyserver

Small #psa: #caddy has a #journald friendly log format now 🥳

https://github.com/caddyserver/caddy/pull/7623

#caddyserver

Small #psa: #caddy has a #journald friendly log format now 🥳

https://github.com/caddyserver/caddy/pull/7623

#caddyserver

Small #psa: #caddy has a #journald friendly log format now 🥳

https://github.com/caddyserver/caddy/pull/7623

#caddyserver

Small #psa: #caddy has a #journald friendly log format now 🥳

https://github.com/caddyserver/caddy/pull/7623

#caddyserver

v2.11.3

This release improves several aspects of Caddy with minor features, bug fixes, and security patches. Thank you to everyone and their bots who contributed to help make this release the best one yet! Security patches: fastcgi: Carrying over a patch...

https://github.com/caddyserver/caddy/releases/tag/v2.11.3

#caddyserver #caddy

Matthew Holt released #Caddy version 2.11.3. https://caddyserver.com/

Matthew Holt released #Caddy version 2.11.3. https://caddyserver.com/

Matthew Holt released #Caddy version 2.11.3. https://caddyserver.com/

Matthew Holt released #Caddy version 2.11.3. https://caddyserver.com/

Matthew Holt released #Caddy version 2.11.3. https://caddyserver.com/

Skipped Permissions-Policy on the static site.

It disables browser APIs (camera, mic, geolocation) the site doesn't use. Disabling something you're not using doesn't protect you from anything.

Embedding YouTube with fullscreen would also mean carving exceptions back in. More config for zero gain.

The scanner score drops one notch. The site is no less safe.

#WebSecurity #Caddy #StaticSite

Skipped Permissions-Policy on the static site.

It disables browser APIs (camera, mic, geolocation) the site doesn't use. Disabling something you're not using doesn't protect you from anything.

Embedding YouTube with fullscreen would also mean carving exceptions back in. More config for zero gain.

The scanner score drops one notch. The site is no less safe.

#WebSecurity #Caddy #StaticSite

Skipped Permissions-Policy on the static site.

It disables browser APIs (camera, mic, geolocation) the site doesn't use. Disabling something you're not using doesn't protect you from anything.

Embedding YouTube with fullscreen would also mean carving exceptions back in. More config for zero gain.

The scanner score drops one notch. The site is no less safe.

#WebSecurity #Caddy #StaticSite

v2.11.3

Release v2.11.3

https://github.com/caddyserver/caddy/releases/tag/v2.11.3

#caddyserver #caddy

OK my StyloBot hours begin (after my two contracts).
Today is getting the new SideCar mode in shape for the draft article.
This is what lets Node, Caddy etc...work with it in high performance modes. So .NET service running over gRPC in 1-2ms for a bot decision.

SO also building a small SDK with Typescript (client and server) & Go (Caddy) implementations. And it has a neat 'template' mode which accepts liquid templates and renders HTML controls allowing a hybrid rendering mode.

Makes it really useful beyond .net (so the behavioural UX idea from ASp.NET works everywhere https://www.mostlylucid.net/blog/behaviour-aware-ux.

#stylobot #dotnet #caddy #frauddetection

OK my StyloBot hours begin (after my two contracts).
Today is getting the new SideCar mode in shape for the draft article.
This is what lets Node, Caddy etc...work with it in high performance modes. So .NET service running over gRPC in 1-2ms for a bot decision.

SO also building a small SDK with Typescript (client and server) & Go (Caddy) implementations. And it has a neat 'template' mode which accepts liquid templates and renders HTML controls allowing a hybrid rendering mode.

Makes it really useful beyond .net (so the behavioural UX idea from ASp.NET works everywhere https://www.mostlylucid.net/blog/behaviour-aware-ux.

#stylobot #dotnet #caddy #frauddetection