Why I Switched from Nginx to Caddy for My Homelab

We earn commissions when you shop through the links on this page, at no additional cost to you.

If you're self-hosting on a VPS—whether it's Hetzner, Racknerd, or DigitalOcean—you need a reverse proxy. It terminates SSL, handles subdomains, and keeps your internal services safe from the outside world.

I used to run Nginx. I also tried Traefik. But honestly? Caddy is the best tool for 95% of homelabbers. It's simple, secure by default, and it automates Let's Encrypt certificates without you ever having to touch a cron job.

Step 1: Install Caddy

On most Debian/Ubuntu VPSes (like the ones I run), this is as easy as:

curl https://caddyserver.com/install | sudo 

This pulls in a static binary and configures it to auto-renew certs. You're good to go.

Step 2: Configure Your Domain

I'll assume you have a domain pointing your A record to the VPS IP. Let's say my site is example.com and I want to host jellyfin.example.com.

Caddyfile {
    example.com {
        reverse_proxy jellyfin:8123 # Internal service name
        
        # SSL automatically configured
    }
}

Create this file at `/etc/caddy/Caddyfile and reload the service:

sudo systemctl reload caddy

Why Caddy Wins for Homelabs

• No Config Hell: Nginx requires you to manually manage certificate paths and cron jobs. Caddy does it automatically.
• Security First: It defaults to HTTP/2, HSTS, and security headers without you asking for them.
• Lightweight: Perfect for a $5 VPS where every megabyte counts.

Dynamic DNS Integration

If you're using Cloudflare Tunnel or Tailscale, Caddy can work with those too. Just add the appropriate block to your Caddyfile and you'll be accessible from anywhere securely.

Have questions? Drop them in the comments!