Caddy is a reverse proxy with automatic HTTPS via Let’s Encrypt and a config format an order of magnitude simpler than nginx. For a single-service Ollama deployment on our dedicated GPU hosting, Caddy is often the right tool.
Contents
Install
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl
curl -fsSL https://dl.cloudsmith.io/public/caddy/stable/gpg.key | \
sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt | \
sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update && sudo apt install caddyCaddyfile
api.yourdomain.com {
reverse_proxy localhost:11434 {
flush_interval -1
transport http {
read_timeout 1h
write_timeout 1h
}
}
}That’s it. Caddy handles certificate issuance and renewal automatically. flush_interval -1 disables output buffering – required for SSE streaming. Timeouts accommodate long LLM responses.
Auth
Simple token auth:
api.yourdomain.com {
@authorized header Authorization "Bearer your-secret-key"
handle @authorized {
reverse_proxy localhost:11434 {
flush_interval -1
}
}
respond 401
}More sophisticated: use Caddy’s built-in basic auth or plug in an external OIDC module.
Versus nginx
| Concern | Caddy | nginx |
|---|---|---|
| Config complexity | Very low | Moderate |
| TLS | Automatic | Manual / certbot |
| Performance | Good | Slightly better at scale |
| Ecosystem | Smaller | Larger |
For single-service simple deployments, pick Caddy. For complex multi-service routing or when your ops team already uses nginx, stick with nginx.
Ollama on UK Dedicated Hosting
Caddy + Ollama preconfigured with TLS and domain routing.
Browse GPU Servers
