Today I added support for Let’s Encrypt to eris via DNS-01 challenge. Updated the gcore libdns package I wrote for Caddy, Maddy and now Eris. Add support for yarn’s cache to support # type = bot and optionally # retention = N so that feeds like @tiktok@feeds.twtxt.net work like they did before, and… Updated some internal metrics in yarnd to be IMO “better”, with queue depth, queue time and last processing time for feeds.
↳
In-reply-to
»
@movq i tried ngircd but couldn't figure it out T__T i left it at the web client and bouncer for now but i might toy with an IRC server another time!
⤋ Read More
@movq@www.uninformativ.de noted! i did try something like this but it wouldn’t connect on anything without the SSL stuff, which is normally handled by caddy for me but i can’t use certbot with caddy on so i’m stuck there LOL
↳
In-reply-to
»
@kate I already have my IRC server
⤋ Read More
irc.mills.io running behind Caddy Layer 4. However I don't terminate TLS at the edge in this case.
@prologic@twtxt.net oh yeah i had to build caddy with the L4 plugin to get this support. but i should pop into your server sometime james!!
↳
In-reply-to
»
guys i may be stupid. i confused IRC bouncer with IRC server
⤋ Read More
@bender@twtxt.net oh yeah that’s true, it’s just that i have caddy on a different machine than where i’d host ergo so that’s what worries me :‘)
↳
In-reply-to
»
@kate I already have my IRC server
⤋ Read More
irc.mills.io running behind Caddy Layer 4. However I don't terminate TLS at the edge in this case.
@bender@twtxt.net How do you mean? 🧐 Caddy doesn’t do L4 by default.
↳
In-reply-to
»
@kate I already have my IRC server
⤋ Read More
irc.mills.io running behind Caddy Layer 4. However I don't terminate TLS at the edge in this case.
@prologic@twtxt.net I got confused as one can simply proxy through Caddy. Duh! 😅
↳
In-reply-to
»
@prologic oooh this looks interesting!!! maybe i could play around with it in docker and see how to integrate it with caddy layer4 for TLS + my existing web client and bouncer!!
⤋ Read More
@kate@yarn.girlonthemoon.xyz I already have my IRC server irc.mills.io running behind Caddy Layer 4. However I don’t terminate TLS at the edge in this case.
↳
In-reply-to
»
guys i may be stupid. i confused IRC bouncer with IRC server
⤋ Read More
@kat@yarn.girlonthemoon.xyz you can let Caddy do it, and reuse the same certificates for Ergo (just enter the certificate/key path on Ergo). Once set Caddy will keep them current.
↳
In-reply-to
»
guys i may be stupid. i confused IRC bouncer with IRC server
⤋ Read More
@bender@twtxt.net also an interesting option! i think i’m most worried about the cert stuff because i just let caddy handle that for me so i’m not sure how to get files from certbot for that (i had issues with that yesterday) but i can look into it and just toy around with it
↳
In-reply-to
»
guys i may be stupid. i confused IRC bouncer with IRC server
⤋ Read More
@prologic@twtxt.net oooh this looks interesting!!! maybe i could play around with it in docker and see how to integrate it with caddy layer4 for TLS + my existing web client and bouncer!!
↳
In-reply-to
»
Some A hole has been trying to pull every single Twtxt feed that existed/still exists since forever. How do I know? Welp' They've been querying my Timeline™ instance for all of it, every single twtxt file and twt Hash they can find. 😆🤦 It must have been going on for days and I have just noticed... + it's all coming from the same ASN
⤋ Read More
AS136907 HWCLOUDS-AS-AP HUAWEI CLOUDS
@prologic@twtxt.net This shi_ is as fun as it is frustrating! 😆 the bot is poking at me from a different ASN now, Alibaba’s.
- Short term solution: I’ve geo-locked my Timeline instance since I’m the only one using it (and I only do so for reading twts when I’m away from terminal).
- Long term: I took a look at your Caddy WAF but couldn’t figure things out on my own; until then, I’ll be poking at Caddy-Defender, maybe throw in a Crowdsec for lols… #FUN
hey everyone i’ve spent my whole day trying to set up soju + gamja in docker and now i am down a rabbit hole of building caddy with layer4 support and trying to get TLS for my IRC server and NOTHING IS WORKING
↳
In-reply-to
»
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
⤋ Read More
@kat@yarn.girlonthemoon.xyz think i’ll wait and see if the caddy module proposal gets anywhere bc that sounds like it’d make my life easier lol
i tried deploying anubis (https://github.com/TecharoHQ/anubis) to protect my site superlove but yall i got so stuck with getting it behind caddy that i felt super dumb and gave up for now T_T
↳
In-reply-to
»
... Still reverse proxying an Nginx web server tho 😅
⤋ Read More
Skill Issues of course, but that's going away next as soon as I get my php-fpm shi_ together.
@prologic@twtxt.net I’d stumbled upon #FrankenPHP while reading through #Caddy stuff and thought maybe it’s bit overkill for what i need it for but then again, it will be just a “One container in for two out”, that’s win in my book 😆
↳
In-reply-to
»
FINALLY!! Got #Caddy server up and running and got rid of nginx proxy manager and Mysql database containers 🥳🥳🥳
⤋ Read More
@aelaraji@aelaraji.com FUCK YEAH CADDY
↳
In-reply-to
»
... Still reverse proxying an Nginx web server tho 😅
⤋ Read More
Skill Issues of course, but that's going away next as soon as I get my php-fpm shi_ together.
You can use php-fpm via php_fastcgi in #Caddy
FINALLY!! Got #Caddy server up and running and got rid of nginx proxy manager and Mysql database containers 🥳🥳🥳
↳
In-reply-to
»
hmmm? 🤔
⤋ Read More
@prologic@twtxt.net I know! I know! 🤣 and it feels like I won’t be either, at least for a while … On the bright #Go side, I’m trying to switch everything (static web stuff and reverse-proxy) to #Caddy
↳
In-reply-to
»
Cool! 😎 So I can now block ASN(s) 🤣 (And I bet no-one noticed anything)
⤋ Read More
@prologic@twtxt.net i would be very interested in this as a caddy user who needs a WAF probably lol
How in da fuq do you actually make these fucking useless AI bots go way?
proxy-1:~# jq '. | select(.request.remote_ip=="4.227.36.76")' /var/log/caddy/access/mills.io.log | jq -s '. | last' | caddy-log-formatter -
4.227.36.76 - [2025-01-05 04:05:43.971 +0000] "GET /external?aff-QNAXWV=&f=mediaonly&f=noreplies&nick=g1n&uri=https%3A%2F%2Fmy-hero-ultra-impact-codes.linegames.org HTTP/2.0" 0 0
proxy-1:~# date
Sun Jan 5 04:05:49 UTC 2025
😱
Having a lot of fun with Coraza today. A Web Application Firewall library written in Go that also happens to have a Caddy module.
↳
In-reply-to
»
@prologic YAYYY fuck cloudflare!!! caddy+wireguard amazing combo
⤋ Read More
@prologic@twtxt.net oh yeah i had to do a custom caddy build for that once but then i reverted because i didn’t need it anymore (well i kinda do but for now i’m just manually doing it instead of wildcard certs/TLS on demand i’m lazy af). otherwise i love caddy
↳
In-reply-to
»
I am now proud to say, that as of this moment, I am off of Clownflare 🤣 Still using Cloudflare for DNS, but no longer proxying through their services or terminating TLS at their edge. Instead, all my sites and services now terminate TLS on my own edge proxy running Caddy+Wireguard (so all ingress is actually egress 🤣) 🥳 #Clownflare #Cloudflare
⤋ Read More
@prologic@twtxt.net YAYYY fuck cloudflare!!! caddy+wireguard amazing combo
I am now proud to say, that as of this moment, I am off of Clownflare 🤣 Still using Cloudflare for DNS, but no longer proxying through their services or terminating TLS at their edge. Instead, all my sites and services now terminate TLS on my own edge proxy running Caddy+Wireguard (so all ingress is actually egress 🤣) 🥳 #Clownflare #Cloudflare
↳
In-reply-to
»
Been curious about how people on Pubnix instances do manage their feed, if they have access to log? Sent in a req to join one still no res.
⤋ Read More
Idk about other pubnixes but i can freely edit caddy config (or change webserver and use other config format)
↳
In-reply-to
»
@doesnm Fot a sample access log? Which tool are you using?
⤋ Read More
@doesnm@doesnm.p.psf.lt Do you have a sample Caddy log file you can supply? I’ll see if we can improve the tool 👌
how to parse caddy access log with useragent tool? seems it dont detect anything in json
Starting a couple of new projects (geez where do I find the time?!):
HomeTunnel:
HomeTunnel is a self-hosted solution that combines secure tunneling, proxying, and automation to create your own private cloud. Utilizing Wireguard for VPN, Caddy for reverse proxying, and Traefik for service routing, HomeTunnel allows you to securely expose your home network services (such as Gitea, Poste.io, etc.) to the Internet. With seamless automation and on-demand TLS, HomeTunnel gives you the power to manage your own cloud-like environment with the control and privacy of self-hosting.
CraneOps:
craneops is an open-source operator framework, written in Go, that allows self-hosters to automate the deployment and management of infrastructure and applications. Inspired by Kubernetes operators, CraneOps uses declarative YAML Custom Resource Definitions (CRDs) to manage Docker Swarm deployments on Proxmox VE clusters.
↳
In-reply-to
»
Joplin + Caddy WebDAV over here.
⤋ Read More
yup! just need to add the webdav extension and configure it up a path and user/pass. caddy handles everything else.
↳
In-reply-to
»
I’m this close to making an Android app for managing a shopping list.
⤋ Read More
↳
In-reply-to
»
Still undecided between TiddlyWiki, DokuWiki, Bear, Benotes, Memos, my blog software, standardnotes, apple notes and more. I like them all quite a bit, but standardnotes, the only one that has reall multiplatform is so fucking complicated to host on your own and then they have this stupid offline subscription thing that allows rich text or the block editor that works like notion. I also found codex docs which is really really nice. Unfortunately they lack proper authentication. 1 / 2
⤋ Read More
I setup Joplin with caddy as the WebDAV server. Works okay. The e2e encryption can get messed up sometimes. Supports markdown and images.
@prologic@twtxt.net @thewismit not sure.. im using Caddy instead of nginix