Partner Content How to reverse proxy in Caddy v2

  • Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).
This content was added by a IT Bible partner. See more information about our partner program here.
Have you ever wanted to setup a reverse proxy that is super simple to setup and maintain (with SSL by default)? Its pretty simple with Caddy v2,


  • Install your OS (check out my video on installing Ubuntu here)
  • Install Caddyv2 (check out my post on installing Caddy here)
  • Port 80 and 443 open on your firewall pointed at your Server
  • DNS record pointed to your public IP

Default Configuration​

When you first install Caddy, you will get a blank Caddyfile like below
# The Caddyfile is an easy way to configure your Caddy web server.
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.

:80 {
        # Set this path to your site's directory.
        root * /usr/share/caddy

        # Enable the static file server.

        # Another common task is to set up a reverse proxy:
        # reverse_proxy localhost:8080

        # Or serve a PHP site through php-fpm:
        # php_fastcgi localhost:9000

# Refer to the Caddy docs for more information:

Configure Reverse Proxy​

Its really, really simple, I used the default port 80 rule to forward any un-handled requests back to IT Bible.
nano /etc/caddy/Caddyfile
:80 {
        redir # Just added this line to handle requests that aren't defined
} { # this handles the reverse proxy for and forwards the request to our Mattermost server
} { # this handles the reverse proxy to the wiki at
} { # this handles all the requests to my uptime kuma docker container

Bring it all up​

Now all you need to do is run systemctl reload caddy.service and this will generate all of your SSL certificates with letsencrypt and starts the reverse proxy.