Using Caddy as reverse proxy for Ghost

Thought I would try something a little different after migrating to a new server and decided to use Caddy rather than Nginx as the reverse proxy and skipped over the offer to set up Nginx in the Ghost CLI setup.

Took a few attempts to get the Caddyfile correct (the Caddyfile hosts the config for everything), but this is what worked in the end:

  GNU nano 7.2                        Caddyfile                                 
mytechblog.com {
        root * /var/www/mytechblog
        file_server

        reverse_proxy localhost:2368
}

www.mytechblog.com {
        root * /var/www/mytechblog
        file_server

        reverse_proxy localhost:2368
}

Points:

www and / are different paths hence the rule has to be configured for both endpoitns
→ replace var/www/mytechblog with the root of your Ghost installation (!)
→ Caddy automatically provisions the self-signed certs needed for this to work on HTTPS
→ Config worked out of the box for me behdind Cloudflare

3 Likes

I think using caddy as file_server here is a big security issue here.

This allows mytechblog.com/config.production.json to be served, right?

Is Caddy being used in place of Nginx or on a separate server acting as a reverse proxy for a number of separate network hosts?

I have a 1G Fiber service with a static IP address and a firewall router managing a LAN network with VM’s on a ProxMox PVE8.2.2 cluster and a DNS server that allows many A records to be hosted. Caddy 2.7.6 manages the routing to each host by A record.

Are you using Caddy on the Ghost server itself?