HTTPS Setup

Configure HTTPS with automatic SSL certificates using Caddy.

Using Caddy (Recommended)

Caddy automatically obtains and renews SSL certificates.

1. Install Caddy

# Debian/Ubuntu
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update
sudo apt install caddy

2. Configure Caddyfile

# /etc/caddy/Caddyfile
docka.example.com {
    reverse_proxy localhost:8080

    # WebSocket support for agent connections
    @websockets {
        header Connection *Upgrade*
        header Upgrade websocket
    }
    reverse_proxy @websockets localhost:8080
}

3. Start Caddy

sudo systemctl enable caddy
sudo systemctl start caddy

Using Nginx

server {
    listen 443 ssl http2;
    server_name docka.example.com;

    ssl_certificate /etc/letsencrypt/live/docka.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/docka.example.com/privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
    }
}
← Configuration Troubleshooting →