from Hacker News

Caddy 0.9 Released with All New Core

by mmlkrx on 7/19/16, 6:27 AM with 74 comments

  • by aexaey on 7/19/16, 8:37 AM

    There are some features in Caddy that are simply outstanding - HTTP/2 and Let's Encrypt integration, to name a few - both pretty much work out-of-the-box with zero-configuration.

    On the other hand, there are still some gaping holes - for example, to block (or allow) a 192.168.0.0/17 IPv4 subnet in Caddy, one needs to do all of below:

    - Install an addon [1];

    - Which used to require recompilation, with 0.9 release you can just click an option during download, yay!;

    - Add 128 ranges to cover this single subnet: 192.168.0.0-255, 192.168.1.0-255, ...192.168.127.0-255. Configuration doesn't support subnets, only ranges. And only ranges in last octet, i.e. 192.168.1.0-255 (meaning 192.168.1.0/24), or implied ranges by trailing octet(s) omission, i.e. 192.168 (meaning 192.168.0.0/16) [2].

    Oh, and ipv6 filtering doesn't exist at all.

    [1] https://caddyserver.com/docs/ipfilter

    [2] Which is mildly confusing notation too, since traditional UNIX inet_aton() call would interpret this as 192.0.0.168. Try typing "ping 192.168" on Linux.

  • by Mojah on 7/19/16, 12:24 PM

    Shameless plug: if you're interested in knowing more about the Caddy webserver, I did an interview with Matt Holt - its creator - a few weeks ago on the SysCast podcast: http://podcast.sysca.st/podcast/1-matt-holt-creator-caddy-we...

  • by djvdorp on 7/19/16, 8:30 AM

    I would love to hear experiences from people/companies using Caddy in production (for example, replacing nginx). The project looks very promising, but for production usage one might also like a decent group of other people using it in production.

  • by embik on 7/19/16, 7:34 AM

    The one thing that bothers me (which is not Caddy's fault at all) is the plugin system. If I understand correctly, I have to recompile Caddy for every plugin I want to use, right? Sounds like a limitation with Go which is really unfortunate.

  • by nemothekid on 7/19/16, 3:00 PM

    I'm awesome to see Caddy come so far. We started using Caddy a little over a year ago, when we needed a replacement for nginx as a reverse proxy that could talk directly to mesos to figure out routing. At the time I rewrote the reverse proxy middleware to get the functionality I needed, but we ended up maintaining our own fork (which is now widely behind), because we needed our own plugins (and a mesos reverse proxy didn't seem useful enough to integrate into caddy core), so its great to see first class support for plugins.

  • by dvdplm on 7/19/16, 7:50 AM

    Can Caddy work as a reverse proxy to other backend services? And if so, can I use QUIC for the backend and plain TCP for the front-end? Would that give me any benefit?

  • by namsral on 7/19/16, 12:47 PM

    API Bootstrapping

    What if you could slap something like Caddy in front of any API and provide authentication, analytics even billing out of the box.

      - Rate limiting
  - Billing
  - Authentication and Authorization using OAuth or JWT
  - Analytics/Metrics
  - Geo Location
  - TLS
  - HTTP2?
  - Image optimization
  - Content minification
  - Gzip
  - Signaling Slack/Push/SMS
  - Caching through cloud storage S3, BlackBlaze B2
  - PostgREST

  • by regecks on 7/19/16, 8:50 AM

    When I went to use Caddy (because I love the idea of it), I was disappointed to find that there was no yum repo.

    Of course, this makes sense because you have to compile the features in.

    But, it would still be nice to have deployment automate-able. Maybe an Ansible role that combines the feature list you need and downloads it via an API.

    It's the major, and only reason I quit and went back to nginx.

  • by electic on 7/19/16, 7:28 AM

    How does this compare to NGINX? Especially around performance and security?

  • by ciconia on 7/19/16, 4:02 PM

    I just replaced nginx with caddy on a staging server. Works flawlessly, very easy to install. The docs could use some improvement though, especially in the way of examples.

  • by Siecje on 7/19/16, 3:49 PM

    Can I use Caddy to provide a single point of authentication for multiple apps when acting as a reverse proxy?

    So a request to a protected resource needs to be authenticated if not then redirect to a URL (login form).

    If login is successful then a token is provided which can be used for authentication.

    If a request is authenticated successfully then it can proxy to the resource.

  • by unethical_ban on 7/19/16, 2:36 PM

    The static site generation was actually really cool, but I get the direction they're going with being a wrapper around secure web services.

  • by kylemathews on 7/19/16, 5:50 PM

    Curious if there's a plugin yet for adding caching headers to static assets?

  • by eberkund on 7/19/16, 3:33 PM

    Is anybody using Caddy on Windows? I use it on OS X via Laravel Valet which is excellent but I am looking for a replacement WAMP stack.