kotori icon indicating copy to clipboard operation
kotori copied to clipboard

Published 20 hours ago verified publisher icon daq-tools

Add documentation - Caddy reverse proxy

Open danb35 opened this issue 4 years ago • 3 comments

I see that your docs include a page for setup behind a Nginx reverse proxy (https://getkotori.org/docs/setup/nginx.html), but I think it'd be nice to include instructions for using Caddy as well. I use it in a number of applications, and the big benefits I see are (1) it automatically manages TLS, including obtaining and renewing certificates from Let's Encrypt, and implementing a sensible and secure TLS configuration (the defaults give an A rating using https://github.com/drwetter/testssl.sh); and (2) much shorter and simpler configuration files (the complete server configuration for this application, including all the TLS stuff, can be as short as 10 lines).

The one downside is that in many cases it needs to be built from source--though as it's written in Go, that isn't as big of an issue as it could be.

I've written up a draft of a guide--feel free to adopt it wholesale, modify as appropriate, link to it, or whatever: https://www.familybrown.org/dokuwiki/doku.php?id=advanced:kotori_caddy

danb35 avatar Dec 10 '20 18:12 danb35

Hi again,

thanks a stack for this contribution. I will be happy to link to it from Kotori's documentation or might even include the snippets there.

Are you aware that Kotori also optionally sports a HTTP API, defaulting to localhost:24642? It would be nice to also include that into those snippets.

With kind regards, Andreas.

On 10 December 2020 19:03:45 CET, danb35 [email protected] wrote:

I see that your docs include a page for setup behind a Nginx reverse proxy (https://getkotori.org/docs/setup/nginx.html), but I think it'd be nice to include instructions for using Caddy as well. I use it in a number of applications, and the big benefits I see are (1) it automatically manages TLS, including obtaining and renewing certificates from Let's Encrypt, and implementing a sensible and secure TLS configuration (the defaults give an A rating using https://github.com/drwetter/testssl.sh); and (2) much shorter and simpler configuration files (the complete server configuration for this application, including all the TLS stuff, can be as short as 10 lines).

The one downside is that in many cases it needs to be built from source--though as it's written in Go, that isn't as big of an issue as it could be.

I've written up a draft of a guide--feel free to adopt it wholesale, modify as appropriate, link to it, or whatever: https://www.familybrown.org/dokuwiki/doku.php?id=advanced:kotori_caddy

-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/daq-tools/kotori/issues/36

-- Sent from my mind. This might have been typed on a mobile device, so please excuse my brevity.

amotl avatar Dec 10 '20 18:12 amotl

Are you aware that Kotori also optionally sports a HTTP API, defaulting to localhost:24642? It would be nice to also include that into those snippets.

I hadn't run across that yet, but from a quick look at the docs, it looks like all calls to the API would begin with /api/, right? In that case, it should be very easy to add--you'd just have two reverse_proxy lines, like this:

        reverse_proxy /api/* localhost:24642
        reverse_proxy localhost:3000

This should (untested as yet) send any requests for /api/foo to port 24642, and everything else to port 3000.

danb35 avatar Dec 10 '20 18:12 danb35

Thanks! I will give that a short testdrive when dedicating this a respective section within the documentation.

On 10 December 2020 20:00:13 CET, danb35 [email protected] wrote:

Are you aware that Kotori also optionally sports a HTTP API, defaulting to localhost:24642? It would be nice to also include that into those snippets.

I hadn't run across that yet, but from a quick look at the docs, it looks like all calls to the API would begin with /api/, right? In that case, it should be very easy to add--you'd just have two reverse_proxy lines, like this:

       reverse_proxy /api/* localhost:24642
       reverse_proxy localhost:3000

This should (untested as yet) send any requests for /api/foo to port 24642, and everything else to port 3000.

-- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/daq-tools/kotori/issues/36#issuecomment-742727368

-- Sent from my mind. This might have been typed on a mobile device, so please excuse my brevity.

amotl avatar Dec 11 '20 20:12 amotl