CosmicAC Logo
Deploy CosmicAC

Caddy Web Server Setup for CosmicAC

Install and configure Caddy as a reverse proxy for CosmicAC, including Tailscale TLS certificate integration and route configuration.

Caddy Web Server Setup for CosmicAC

Caddy is used as a reverse proxy to route traffic to the application components.

Install Caddy (Run as root/sudo)

# Install Caddy via apt
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https curl

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg

curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list

sudo apt update
sudo apt install caddy

# Verify installation
caddy version

Configure Tailscale for Caddy Certificates

To allow Caddy to obtain HTTPS certificates from Tailscale, add the following to /etc/default/tailscaled:

# Add Caddy certificate permission to Tailscale
echo 'TS_PERMIT_CERT_UID=caddy' | sudo tee -a /etc/default/tailscaled

# Restart Tailscale to apply changes
sudo systemctl restart tailscaled

This allows Caddy to automatically obtain and renew TLS certificates for your *.ts.net domain.

Configure Caddy

Create the Caddyfile at /etc/caddy/Caddyfile:

stg-cosmicac.tail8a2a3f.ts.net {
    # API routes -> app-node (port 3000)
    handle_path /api/* {
        reverse_proxy :3000
    }

    # Inference routes -> proxy-inference (port 8000) with streaming
    handle_path /inference/* {
        reverse_proxy :8000 {
            flush_interval -1
            transport http {
                read_buffer 0
                write_buffer 0
            }
        }
    }

    # Everything else -> UI (port 5173)
    reverse_proxy * :5173
}

Apply the configuration:

# Edit the Caddyfile
sudo nano /etc/caddy/Caddyfile

# Or create it directly
sudo tee /etc/caddy/Caddyfile << 'EOF'
stg-cosmicac.tail8a2a3f.ts.net {
    handle_path /api/* {
        reverse_proxy :3000
    }

    handle_path /inference/* {
        reverse_proxy :8000 {
            flush_interval -1
            transport http {
                read_buffer 0
                write_buffer 0
            }
        }
    }

    reverse_proxy * :5173
}
EOF

# Validate the configuration
sudo caddy validate --config /etc/caddy/Caddyfile

# Reload Caddy
sudo systemctl reload caddy

Caddy Service Management

# Start Caddy
sudo systemctl start caddy

# Enable Caddy to start on boot
sudo systemctl enable caddy

# Check status
sudo systemctl status caddy

# View logs
sudo journalctl -u caddy -f

# Reload after config changes
sudo systemctl reload caddy

Route Configuration Reference

RouteBackendPortDescription
/api/*app-node3000API endpoints
/inference/*proxy-inference8000Inference with streaming support
* (default)cosmicac-ui5173Frontend UI

Note: The flush_interval -1 and buffer settings on /inference/* enable real-time streaming for inference responses.

Node.js Environment Setup

Previous Page

Repository Setup

Next Page

On this page

Install Caddy (Run as root/sudo)
Configure Tailscale for Caddy Certificates
Configure Caddy
Caddy Service Management
Route Configuration Reference