I'm at the point now where I'd rather not even use Caddy for HTTPS because if all I'm doing is reverse proxying.
Haproxy is better performing. Caddy is hostile if you want DNS validation and you don't have one of their 5 blessed DNS provider plugins. The lego-deprecated shim that supports a TON of providers is terrible and I caught it trying to renew perfectly good certificates every time I restart Caddy.
feld /
npub1yc…gujmw
2023-08-20 16:30:47
Author Public Key
npub1yck44z5zqxmwpqzqs75ay6ffjdw843ng9p6mz0lzfff3fgz2djlsngujmwPublished at
2023-08-20 16:30:47Event JSON
{
"id": "7f89f659841cb3dfbcc8e42bc363e57c259d862900467ef95b63c0cc672e990d",
"pubkey": "262d5a8a8201b6e0804087a9d26929935c7ac6682875b13fe24a5314a04a6cbf",
"created_at": 1692549047,
"kind": 1,
"tags": [
[
"proxy",
"https://bikeshed.party/objects/55f1bb7b-d6d0-449b-8e03-b5e1f72f6c49",
"activitypub"
]
],
"content": "I'm at the point now where I'd rather not even use Caddy for HTTPS because if all I'm doing is reverse proxying.\n\nHaproxy is better performing. Caddy is hostile if you want DNS validation and you don't have one of their 5 blessed DNS provider plugins. The lego-deprecated shim that supports a TON of providers is terrible and I caught it trying to renew perfectly good certificates every time I restart Caddy.",
"sig": "ba414f9a0b281cea666f65f54f30538d1e3a06892f2617e4e9e63fb202bf460c1b0706b60ad8e7cbad2f01fa179642de6c603f4c51e582da66e0d52d5fbc9f1a"
}