This seems too straightforward, what’s the catch?
Like how secure is it? Should I be turning it off (and disabling the port forwarding) when not using it?
Do I need any additional security? Mainly just want to use it for Jellyfin
Thanks
This seems too straightforward, what’s the catch?
Like how secure is it? Should I be turning it off (and disabling the port forwarding) when not using it?
Do I need any additional security? Mainly just want to use it for Jellyfin
Thanks
Totally agree.
The main problem is it’s all written as a reference – for people who already understand what/how, who need to just refresh their memory of the actual syntax.
There’s very little explanatory stuff for people who need more than that. I had to read the same stuff multiple times, traversing many (or often, the same!) links, make notes, and then form a mental picture of what is going on.
Caddy maintainer here, if you could point to specific sections you find confusing, that would help. We rarely receive actionable feedback about the docs, so it’s hard for us to make improvements.
One thing that threw me in the beginning was that the docs didn’t show examples in context. As an example, if you look at the basicauth docs it shows:
basicauth /secret/* { Bob $2a$14$Zkx19XLiW6VYouLHR5NmfOFU0z2GTNmpkT/5qqR7hx4IjWJPDhjvG }... }
Where can I use this? Globally? In the top-level of the virtualhost definition? If I’m reverse proxying, do I put it inside the reverse_proxy stanza? I used Apache for years and the docs always stated what context directives could be used in, eg.
https://httpd.apache.org/docs/2.4/mod/core.html#acceptpathinfo
You’re meant to read https://caddyserver.com/docs/caddyfile/concepts#structure first, which explains that directives always go within a site block, and can sometimes be nested within other special directives like
handle
androute
.Something I encountered last week.
http:\\
or port:80
in the address. Otherwise caddy will listen by default for only https.It was no biggie, that forum post is literally the second google result for
auto_https
and does good job, but you asked and I have it fresh in memory…Thanks, that’s helpful. Yeah the docs for
auto_https
should explain up-front that this only affects the feature called “Automatic HTTPS” and does not change the default port/procotol of Caddy, which is always HTTPS unless otherwise specified (i.e. by usinghttp://
as a site address prefix, or:80
as a suffix).at the moment my caddy setup is stable; I am recounting my experience from memory.
It may be useful to consider what I said in a broader perspective – i.e., what you have is an excellent reference but it does not help discovery of task-oriented solutions.
Sorry I am unable to express the problem better than that. Will keep an eye out in future if I can get more concrete and open an issue or something.
😬 Well, that’s not helpful. Without specific feedback, there’s nothing we can do to improve the docs. It’s exhausting to read vague complaints about the docs, because it’s 90% of the feedback we get.
But yes, please do reach out (open a GitHub issue, comment on the forums etc) if you do notice something that doesn’t meet your expectations in the docs.
What I think they meant is more “how to achieve X or Y” focused documentation, rather than just explaining how features A or B work. The former approach explains what you should use and how to do it, the latter only documents what each variable does.
To use an analogy: I could probably build a bicycle from the individual parts based on a tutorial with that goal in mind, but not based on the individual technical descriptions of each part.
/u/xkcd__386 is that what you meant?
I understand what they meant, but it’s broad/vague, and not specific/actionable.
We do have a tutorials section in the docs, and we have the https://caddyserver.com/docs/caddyfile/patterns page which are that.
Our question is how are those lacking? Just saying “more please” doesn’t help because we don’t know what the need is. We can’t imagine every single possible usecase, because it’s actually infinite. Caddy is a “general purpose webserver” which means “it can do just about anything”.
Help us by telling us what specifically what usecase is important to you. We don’t have telemetry, we need users to tell us.
Right, gotcha. I can’t help you there since I don’t use Caddy.
The tutorials section is very basic; I am not talking at that level. The patterns page is closer to the level of complexity that one needs help with, and it does cover several items, but you have 30-40 directives, many with several options, global options, and so on, so there’re bound to be gaps.
In the other comment you said this is “90% of the feedback we get”, and I can certainly understand the frustration – people want documentation to magically solve their specific problem quickly, without having to read anything extraneous to it, which is clearly impossible.
As I said before, I’ll keep it in mind next time I need to do something if I can’t find it easily in the docs I’ll at least highlight the effort it took, what I searched/read/found, etc., so you have something concrete.
Spot on.
Of course from their point of view that’s “not helpful”. Maybe I’ll spend some time looking at it to come up with something, if I have time.
I found the practical use cases helpful, probably should expand that cookbook.
E.g. I’ve found this sort of construct helpful (not sure how safe using {host} here is though):
It is hard to understand the whole thinking behind the config system, with directives, matchers, placeholders, invisible reordering of rules, and all the other concepts. And to add to the complication, Caddyfile and API are completely distinct systems and it is not very clearly explained [that one really ought to be using Caddyfile and ignoring the API for most use cases]. And that distros do ship Caddyfile-based systemd service now (some also API-based, and perhaps with root-only control socket to add to the confusion).
I did dig into it to really understand how it works but that took a couple of weeks to digest, which is a lot for someone who only needs a simple server/proxy.