Comment by RandyOrion

2 months ago

Thank you Let's Encrypt, together with the acme.sh , caddy and the whole ecosystem for TLS.

You simply cannot emphasize the information security enough if all your Internet traffic is audited, censored and manipulated by a number of adversaries supported by (authoritarian) governments and what not.

4 comments

RandyOrion

Reply
8cvor6j844qw_d6  2 months ago

Caddy's way of using plugins seems to require building custom binaries, may I know if that's what you did?

I preferred to use wildcard certs, which requires a plugin for the dns

  • RandyOrion  2 months ago

    Well, I use Arch Linux and the caddy package from pacman just works. You may checkout https://github.com/caddyserver/xcaddy for custom caddy build.

    Besides, I don't use wildcard certs. I use caddy to reverse proxy a number of self-hosting things, and manually assign domain names to each of them. Caddy can handles many certs just fine.

    • 8cvor6j844qw_d6  2 months ago

      I plan to make use of a Caddy on a cheap VPS to expose some self-hosted services behind Tailscale, behind Caddy will be a mix of Raspberry Pi and a occasional hosted VPS when trying things out.

      How's your experience with Caddy regarding memory usage? I am currently serving a static site with 500 MB, but this is with very low to zero traffic.

      1 reply →