← Back to Skills Marketplace
ivangdavila

Caddy

by Iván · GitHub ↗ · v1.0.0
linuxdarwinwin32 ✓ Security Clean
1004
Downloads
2
Stars
7
Active Installs
1
Versions
Install in OpenClaw
/install caddy
Description
Configure Caddy as a reverse proxy with automatic HTTPS and simple Caddyfile syntax.
README (SKILL.md)

Caddy Configuration Rules

Automatic HTTPS

  • Caddy provisions SSL certificates automatically — don't manually configure Let's Encrypt unless you have specific needs
  • Domain must resolve to the server publicly for HTTP challenge — use DNS challenge for internal/wildcard certs
  • Ports 80 and 443 must be free — Caddy needs both even for HTTPS-only (80 handles ACME challenges and redirects)
  • Let's Encrypt has rate limits — use staging CA during testing to avoid hitting production limits

Caddyfile Syntax

  • Indentation is significant — blocks are defined by indentation, not braces in shorthand
  • Site blocks need a space before the opening brace: example.com { not example.com{
  • Use caddy fmt --overwrite to fix formatting — catches most syntax issues
  • Validate before applying: caddy validate --config /etc/caddy/Caddyfile

Reverse Proxy

  • Caddy adds X-Forwarded-For, X-Forwarded-Proto, X-Forwarded-Host automatically — don't add them manually
  • WebSocket works out of the box — no special configuration needed
  • Load balancing is automatic with multiple backends — default is random, use lb_policy to change
  • Passive health checks remove failed backends automatically

Docker Networking

  • Use container names as hostnames: reverse_proxy container_name:3000
  • Caddy and backends must share a Docker network — default bridge doesn't support DNS resolution
  • For Docker Compose, service names work as hostnames when on the same network

Configuration Management

  • Use caddy reload not restart — reload applies changes without dropping connections
  • Config changes are atomic — if new config fails validation, old config stays active
  • Test without applying: caddy adapt --config Caddyfile shows parsed JSON output

Certificate Storage

  • Certificates stored in ~/.local/share/caddy by default — preserve this across reinstalls
  • For Docker, mount volumes for /data and /config — losing these means re-requesting all certificates
  • Multiple Caddy instances need shared storage or will fight over certificates

Debugging

  • Enable debug logging: add debug as first line in global options block
  • Check certificate status in /data/caddy/certificates/ directory
  • Common issue: DNS not pointing to server yet — certificates fail silently until domain resolves

Security Headers

  • Caddy doesn't add security headers by default — add X-Frame-Options, X-Content-Type-Options explicitly
  • HSTS is automatic when serving HTTPS — no manual configuration needed

Performance

  • Handles thousands of concurrent connections without tuning
  • HTTP/3 available with servers { protocols h1 h2 h3 }
  • Compression automatic for text content
Usage Guidance
This skill is a safe, instruction-only reference for configuring Caddy. Before using it: ensure the caddy binary on your system is from an official/trusted source; be aware Caddy needs permission to bind ports 80/443 (may require root or CAP_NET_BIND_SERVICE); back up /data and /config if you rely on persisted certificates; use Let's Encrypt staging for testing to avoid rate limits; review any commands the agent executes (caddy validate/format/reload) to confirm they match your system paths and intentions.
Capability Analysis
Type: OpenClaw Skill Name: caddy Version: 1.0.0 The skill bundle is benign. The `_meta.json` file contains standard metadata for the 'caddy' skill. The `SKILL.md` file provides comprehensive documentation and best practices for configuring Caddy as a reverse proxy. It explicitly declares the `caddy` binary as a requirement and contains no executable code, prompt injection attempts, or instructions that would lead to data exfiltration, unauthorized execution, or other malicious activities by an AI agent. All mentioned commands and file paths are standard for Caddy operation.
Capability Assessment
Purpose & Capability
Name/description (Caddy reverse proxy + HTTPS) align with the requirements and instructions: the SKILL.md only references Caddy-specific commands, config paths (/etc/caddy/Caddyfile, /data, /config, ~/.local/share/caddy) and Docker networking relevant to running Caddy. No unrelated binaries, services, or credentials are requested.
Instruction Scope
The runtime instructions stay within the scope of configuring and debugging Caddy: advice on ACME, formatting/validation commands (caddy fmt, caddy validate, caddy adapt), reload vs restart, certificate storage, Docker networking, and debugging paths. It does reference local filesystem paths and ports 80/443, but these are expected and necessary for Caddy operation and not extraneous data-collection or exfiltration steps.
Install Mechanism
Instruction-only skill with no install spec or code to fetch. This is low-risk: nothing will be written or executed by the skill itself beyond instructing the agent to use the existing caddy binary that the environment must provide.
Credentials
No environment variables, credentials, or unrelated config paths are requested. The only required binary is caddy, which is proportionate to the stated functionality of configuring Caddy.
Persistence & Privilege
The skill is not marked always:true and does not request persistent system modifications. It only advises on using system paths that Caddy normally uses; it does not instruct the agent to modify other skills or global agent settings.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install caddy
  3. After installation, invoke the skill by name or use /caddy
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Slug caddy
Version 1.0.0
License
All-time Installs 8
Active Installs 7
Total Versions 1
Frequently Asked Questions

What is Caddy?

Configure Caddy as a reverse proxy with automatic HTTPS and simple Caddyfile syntax. It is an AI Agent Skill for Claude Code / OpenClaw, with 1004 downloads so far.

How do I install Caddy?

Run "/install caddy" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Caddy free?

Yes, Caddy is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Caddy support?

Caddy is cross-platform and runs anywhere OpenClaw / Claude Code is available (linux, darwin, win32).

Who created Caddy?

It is built and maintained by Iván (@ivangdavila); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments