<![CDATA[
# Caddy Reverse Proxy
Here's an example of an insecure file server running on digital ocean:
```
python3 -m http.server 8080
```
Let's pretend we want to quickly secure this using https and a password. How would you do it?
First head over to duckdns.org and register a subdomain to the ip address of your server.
You should now be able to connect to your site via http://[yoursubdomain].duckdns.org:8080.
While functional this is open to the world and potentially dangerous.
Let's restrict it so it can only be accessed locally.
Control+c to quit out, and then bind it to 127.0.0.1
```
python3 -m http.server --bind 127.0.0.1 8080
```
Now using a socks proxy or vpn to the digital ocean server you could still access it, but the world won't be able to.
Have no fear though this is where Caddy comes into play, Caddy is a very easy to deploy reverse proxy that will make this world accessible again.
```
wget https://github.com/caddyserver/caddy/releases/download/v2.7.5/caddy_2.7.5_linux_amd64.tar.gz
tar xf caddy_2.7.5_linux_amd64.tar.gz
./caddy reverse-proxy --from yoursubdomain.duckdns.org --to :8080
```
And just like that we have a https certificate and the website is accessible from the internet again.
No weird configs, no nginx, apache, or haproxy servers needed.
To password protect this we'll need to create a config with a password
Control+c to quit the program
Set a user, password, and subdomain
```
CADDYUSER="admin"
CADDYPASS=`./caddy hash-password -p REPLACEPASSWORD`
SUBDOMAIN="yoursubdomain"
```
And create the config file (the file name is important)
```
cat > Caddyfile << EOF
$SUBDOMAIN.duckdns.org {
reverse_proxy * 127.0.0.1:8080
basicauth {
$USER $CADDYPASS
}
}
EOF
```
```
./caddy run
```
And that's it, give it a whirl, connect via https and login using username and the password you created.
## Note
If you don't use the Caddyfile file name you'll need to convert the file to JSON
```
./caddy adapt --config yourfile --validate --pretty
```
and copy the JSON out to its own file and pass it as a command line flag
```
./caddy run --config yourfile.json
```
]]>