Caddy for Oracle Compute with Custom Domain configuration.

Caddy for Oracle Compute with Custom Domain configuration.

Caddy Server is an easy-to-use web server, lightning fast and easy to configure.

What can it do?

Here are 3 things it can do

Automatic HTTPS Encryption:

Caddy simplifies the process of enabling HTTPS for your websites. It automatically obtains and manages SSL/TLS certificates using Let's Encrypt, ensuring secure and encrypted connections without the hassle of manual certificate management.

Reverse Proxying:

You can use Caddy as a reverse proxy to route incoming requests to backend web applications or services. It provides easy-to-configure reverse proxy capabilities, making it a great choice for load balancing, API gateways, and securely exposing internal services.

Static File Serving:

Caddy can serve static files and websites with ease. It includes features like automatic index file generation, support for HTTP/2, and efficient file compression. This makes it suitable for hosting static websites and web applications.

I do Oracle, what can it do for me?

Basically, with a custom domain, or set of subdomains, you can acess all your kit. A 23c DB, an APEX instance, an ORDS API, a WordPress site, a Node.js Server... ok, you get the idea... anything on your VNIC from your Custom Domain.

I also like it can do HTTPS to HTTP with let's encrypt certifications auto-generated and auto-updated. You

Basically, write on the config file, and caddy does the rest.

This Guide

This guide will use the local installation of Caddy. I had too many issues with a rooted/rootless Docker container with reserved ports, even after attempts to circumvent these blocks. For now, it appears a local install is best. Caddy can run nicely in the background too

This tutorial outputs a simple message although, please see the section called "Caddyfile examples" for accessing typical Oracle OCI services. I'll keep this section updated.

Open the Ports

  1. Bash/Terminal into your machine

  2. Configure your Firewall

     SERV="$PERM --service=https"
     sudo firewall-cmd $PERM --new-service=caddys_port
     sudo firewall-cmd $SERV --set-short="caddy_port ports"
     sudo firewall-cmd $SERV --set-description="caddy_port port exceptions"
     sudo firewall-cmd $SERV --add-port=$YOURPORT/tcp
     sudo firewall-cmd $PERM --add-service=caddys_port
     sudo firewall-cmd --zone=public --add-service=caddys_port --permanent
     sudo firewall-cmd --permanent --zone=public --add-service=http
     sudo firewall-cmd --permanent --zone=public --add-service=https
     sudo firewall-cmd --reload
  3. In your Compute Instance, Right-click the VCN hyperlink and open the link in a new tab

  4. Click on Security Lists

  5. Click on Default Security List

  6. Click Add Ingress Rule for a CIDR of and a port of 80. See picture below.

  7. Click Add Ingress Rule at the bottom

  8. Repeat the steps for ports 443 & 2019.

Configure DNS

Point a sub/domain to your Unix box. Here I have an A subdomain called micro pointing at the IP address of my box

Install Caddy locally

  1. Type the following

     sudo dnf install 'dnf-command(copr)' -y
     sudo dnf copr enable @caddy/caddy -y
     sudo dnf install caddy -y
  2. Elevate ports

     sudo setcap cap_net_bind_service=+ep $(which caddy)

Configure a Caddyfile

  1. Type the following

     nano Caddyfile
  2. Paste in the following. For example, im adding my subdomain of or you can just add for the whole domain. {
              respond "hello, im Caddy"
  3. CTRL+X to Save the file

Run Caddy

Test caddy by running

sudo caddy run

or, once you are happy with how you've configured the Caddyfile, you can start it in the background

sudo caddy start
# to stop it, just type..
# sudo caddy stop

Test it out

Not Working? see the troubleshooting section.

Example Caddyfiles

Output plain text {
         respond "SNES > GENESIS"

Reverse Proxy to a Docker Container on port 8080 {
         reverse_proxy localhost:8080

Access APEX on Autonomous DB {
         # TODO


To stop too many redirects On Cloudflare To change your encryption mode in the dashboard:

  1. Log in to the Cloudflare dashboard and select your account and domain.

  2. Go to SSL/TLS.

  3. Choose encryption mode FULL (strict)