Merge pull request #10 from fullmetalsheep/feature/update-faq

2026-02-19 18:14:15 +08:00 · 2025-10-09 21:01:24 +02:00 · 2025-10-09 21:01:24 +02:00 · 3dd8cb481c
commit 3dd8cb481c
parent 879a528346 8da0fdcfbf
1 changed files with 50 additions and 0 deletions
--- a/docs/FAQ.md
+++ b/docs/FAQ.md
@ -241,7 +241,57 @@ hide:
            - traefik.http.services.foo.loadbalancer.serverstransport=ignorecert@file
            - traefik.http.services.foo.loadbalancer.server.scheme=https
        ```
+  
+    === "Caddy"

+        When reverse proxying an HTTPS backend that uses a self-signed certificate, Caddy will normally reject it because it cannot verify the certificate authority. 
+
+        To skip this verification we can modify site entry of the [caddyfile](https://caddyserver.com/docs/quick-starts/caddyfile) as shown below:
+
+    !!! note
+        Replace `calibre.xxx.com` with your domain and `172.xxx.xxx.xxx:8181` with your backend service IP and port.
+
+
+    ```caddyfile
+    calibre.xxx.com {
+        reverse_proxy https://172.xxx.xxx.xxx:8181 {
+            transport http {
+                tls
+                tls_insecure_skip_verify
+            }
+        }
+    }
+    ```
+
+    ???+ tip "Bonus Tip 1: Caddy Snippets"
+        If you find yourself needing to do this for multiple services, you can also define a [caddy snippet](https://caddyserver.com/docs/caddyfile/concepts#snippets) and reuse it in your caddyfile like so:
+
+        ```caddyfile
+        (allow_insecure_ssl) {
+            transport http {
+                tls
+                tls_insecure_skip_verify
+            }
+        }
+        calibre.xxx.com {
+            reverse_proxy https://172.xxx.xxx.xxx:8181 {
+                import allow_insecure_ssl
+            }
+        }
+        ```
+
+    ???+ tip "Bonus Tip 2: caddy-docker-proxy"
+        If you use [caddy-docker-proxy](https://github.com/lucaslorentz/caddy-docker-proxy), you can simply apply the following labels to your docker-compose yaml file:
+
+        ```yaml
+        labels:
+            caddy: calibre.xxx.com
+            caddy.reverse_proxy: "{{upstreams https 8181}}"
+            caddy.reverse_proxy.transport: http
+            caddy.reverse_proxy.transport.tls:
+            caddy.reverse_proxy.transport.tls_insecure_skip_verify:
+        ```
+        
 ??? faq "Why does LinuxServer.io recommend to use docker-compose over Portainer?"

    ##### Why does LinuxServer.io recommend to use docker-compose over Portainer? { #portainer }