Adding too this. The configuration example at the repository reads:

{
	"nick": "Example",
	"description": "alice's twtxt instance!",
	"host": "twtxt.example.com",
	"admin": "alice"
}

Would it make more sense changing nick to instance_name or similar? Usually nick is reserved for users, like here, quark. Right? Also, is host the same FQDN to be used while proxying traffic to the application? That is, using the above configuration, it’s Caddy configuration would be:

twtxt.example.com {
	encode
	reverse_proxy :31212
}

Is that correct?

Honestly for these types of services, there probably isn’t much point, as the layer4 module in Caddy doesn’t do inspection/filtering anyway I think? 🤔

@prologic@twtxt.net I forgot to ask you about this. Did you ended up using TLS with Caddy, or you used something else?

Anyone want to help me alpha/beta test the new WAF I’m building? It’s a Caddy module. 🤔

Today I added support for Let’s Encrypt to eris via DNS-01 challenge. Updated the gcore libdns package I wrote for Caddy, Maddy and now Eris. Add support for yarn’s cache to support # type = bot and optionally # retention = N so that feeds like @tiktok@feeds.twtxt.net work like they did before, and… Updated some internal metrics in yarnd to be IMO “better”, with queue depth, queue time and last processing time for feeds.

@bender@twtxt.net How do you mean? 🧐 Caddy doesn’t do L4 by default.

@prologic@twtxt.net I got confused as one can simply proxy through Caddy. Duh! 😅

@kate@yarn.girlonthemoon.xyz I already have my IRC server irc.mills.io running behind Caddy Layer 4. However I don’t terminate TLS at the edge in this case.

@kat@yarn.girlonthemoon.xyz you can let Caddy do it, and reuse the same certificates for Ergo (just enter the certificate/key path on Ergo). Once set Caddy will keep them current.

@prologic@twtxt.net This shi_ is as fun as it is frustrating! 😆 the bot is poking at me from a different ASN now, Alibaba’s.

1. Short term solution: I’ve geo-locked my Timeline instance since I’m the only one using it (and I only do so for reading twts when I’m away from terminal).
   
2. Long term: I took a look at your Caddy WAF but couldn’t figure things out on my own; until then, I’ll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols… #FUN

@prologic@twtxt.net I’d stumbled upon #FrankenPHP while reading through #Caddy stuff and thought maybe it’s bit overkill for what i need it for but then again, it will be just a “One container in for two out”, that’s win in my book 😆

FINALLY!! Got #Caddy server up and running and got rid of nginx proxy manager and Mysql database containers 🥳🥳🥳

@prologic@twtxt.net I know! I know! 🤣 and it feels like I won’t be either, at least for a while … On the bright #Go side, I’m trying to switch everything (static web stuff and reverse-proxy) to #Caddy

@prologic@twtxt.net +1 for FrankenPHP. And built into caddy is also swell.

password is generated using caddy hash-password

yup! just need to add the webdav extension and configure it up a path and user/pass. caddy handles everything else.

Joplin + Caddy WebDAV over here.

I setup Joplin with caddy as the WebDAV server. Works okay. The e2e encryption can get messed up sometimes. Supports markdown and images.

@prologic@twtxt.net @thewismit not sure.. im using Caddy instead of nginix