
Caddy Server Is Acquired By Apilayer - theBashShell
https://www.ardanlabs.com/news/2020/08/caddy-server-is-acquired/
======
mholt
Hi HN. Here's my own announcement with some details:
[https://caddy.community/t/caddy-and-certmagic-have-new-
owner...](https://caddy.community/t/caddy-and-certmagic-have-new-ownership-no-
changes-to-licensing-or-development/9754?u=matt)

Please note that there are no changes to licensing, and this transfer actually
happened about six months ago.

I'm quite happy about this. We're already seeing some great things. For
example, in Caddy 2.2 there will be native ZeroSSL ACME support (with Let's
Encrypt still being the default, because ZeroSSL requires EAB) -- which is
appealing because ZeroSSL doesn't have tight rate limits like Let's Encrypt
does. It's also good to diversify the ACME CA ecosystem a little bit.

I'm also less stressed and outputting better quality work this year. (Compare
the code base from Caddy 1 with that of Caddy 2 and you'll see what I mean.)

We have more committed maintainers as well due to its growth and stability,
which I'm very grateful to all who contribute!

~~~
narrationbox
Congratulations Matt! Big fans of Caddy here at Narration Box. The reverse
proxy setup and strong defaults are unmatched and are a joy to use. My
favourite feature is the Cloudflare Let's Encrypt DNS-01 challenge
integration, it makes adding TLS to internal networks a lot easier for devices
like the iPhone/iPad where the cert store is heavily locked down.

~~~
g8oz
I'd love to see a write up on this setup.

~~~
narrationbox
It is coming soon. We all post it here and on twitter when it's ready.

[https://twitter.com/narrationbox](https://twitter.com/narrationbox)

------
tpetry
Caddy is a really nice server but the documentation for v2 is kind of strange.
Every documented config setting is for the new json format, but there is
almost no information or examples for a complete json config. And all complete
examples are with the old Caddyfile which has now no documentation anymore.

~~~
brainzap
Agree, migrating was very painful

~~~
sethammons
I changed over months and months ago to v2. It was painful, but docs were
being written at the time, and the community was able to help me with most of
my problems. The one last problem I've not solved yet is having caddy 2 work
with bitwarden whereby bitwarden's ssl does not conflict with caddy 2. I was
unable to figure out how to work with it, so my bitwarden ssl expires every
month or two and I have to manually update the ssl by bringing down my
personal site for a couple of minutes.

~~~
m_sahaf
Can you share what your setup is like? I have bitwarden_rs self-hosted with
Caddy in the front doing TLS termination and proxying the request to
Bitwarden_rs and haven't experienced any issues for more than a year and half
now. There are many ways in how Caddy can be configured (e.g. maybe even just
keeping the certs updated, but not serving any HTTP requests [0]). Feel free
to drop a thread on the Caddy forum and we can help you out!

[0] [https://caddy.community/t/using-caddy-to-keep-
certificates-r...](https://caddy.community/t/using-caddy-to-keep-certificates-
renewed/7525)

~~~
sethammons
My setup if fully outlined here:
[https://sethammons.com/posts/bitwarden_with_caddy/](https://sethammons.com/posts/bitwarden_with_caddy/)

If I don't get any traction on help here, I'll be sure to jump over to the
community posts. Thanks!

~~~
m_sahaf
Bitwarden's docs say it's possible to bring your own certs[0]. The Bitwarden
marketplace image on DigitalOcean asks whether you want it to manage its own
certs or not. From minor googling, it seems you can change your mind later by
modifying a yaml file[1]. HN threading isn't best format for support. If this
still doesn't help, let's move the discussion elsewhere.

[0] [https://bitwarden.com/help/article/install-on-
premise/](https://bitwarden.com/help/article/install-on-premise/)

[1]
[https://gist.github.com/kylerchin/00e6990706183ddb0e0e792a1c...](https://gist.github.com/kylerchin/00e6990706183ddb0e0e792a1ce56822#file-
config-yml-L33)

------
nklmilojevic
Hi Matt and the team behind Caddy - I would say that we are very happy with it
in MailerLite ([https://www.mailerlite.com](https://www.mailerlite.com)). We
have a feature that is called landing domains, which gives the user
possibility to use custom domains for their landing pages built through us. We
also provide a free SSL certificate for it and previously have used nginx with
some custom LetsEncrypt implementation. With Caddy and its ask point we just
created a simple microservice which is hit each time there is a request to
Caddy to issue the certificate, returns status 200, and we are good to go. It
has been marvellous to use in our k8s setup with Redis plugin.

I'm also really happy that you improved startup time with 2.2.0rc1, because we
had problems as our setup is massive (over 8000 domains and certificates). It
took 17m previously when we redeployed the app for the pods to startup, now it
takes ~30s which is quite ok as we also have autoscaling in place.

As of the docs, I also find it a bit confusing, coming from v1. :) I use Caddy
for my personal stuff as well and it was quite a learning curve to get the
same setup I had before work in v2, but as you said, it is one-time only so it
is okay.

Keep up the great work!

~~~
mholt
Thanks for your feedback! That's great to know. The startup times were
recently improved in collaboration with one of our corporate sponsors, Fathom
Analytics.

The remaining duration is likely due to the speed of the storage backend
and/or CPU, but I'd need to see a profile to know with more certainty. 8000
certificates is a lot of decoding/encoding and crypto operations. Caddy can
handle it, but the hardware has to be up to snuff too. Post in our forum and
we can look for ways to optimize it even more once we know where the
bottleneck is.

~~~
nklmilojevic
Thank you! Will do.

------
ksec
Ok.

1\. It is now 404

2\. Apliayer ( [https://apilayer.com](https://apilayer.com) )

3\. What has Ardanlabs got to do with Apilayer?

4\. What is the relationship between Caddy, Ardanlabs, and Apilayer?

Edit: May be just change the link to

[https://caddy.community/t/caddy-and-certmagic-have-new-
owner...](https://caddy.community/t/caddy-and-certmagic-have-new-ownership-no-
changes-to-licensing-or-development/9754?u=matt)

~~~
hundchenkatze
1 - Ardan Labs changed the url to
[https://www.ardanlabs.com/news/2020/08/caddy-server-
acquired...](https://www.ardanlabs.com/news/2020/08/caddy-server-acquired-by-
apilayer/)

2, 3 - Based on the Cruchbase page for Apilayer, they were acquired by Ardan
Labs yestday.(?) [https://www.crunchbase.com/organization/apilayer-
ltd](https://www.crunchbase.com/organization/apilayer-ltd)

Or maybe the two companies bought Caddy together? I'm not really sure. > Ardan
Labs announces they have secured the acquisition of Caddy Server with
Apilayer.

~~~
mholt
Honestly that Crunchbase page looks automatically generated by a bot. It's not
accurate.

~~~
hobofan
Even if it's not automatically generated, Crunchbase is (or was?) a
crowdsourced wiki, and one of the worst ones at that, with next to no quality
control and moderation.

------
FlyingSnake
As a heavy Nginix user could someone shed some light on why Caddy is a better
alternative? Serious replies only, please.

~~~
francislavoie
\- Built-in ACME client, automated certificate management

\- Simpler configuration language, the Caddyfile

\- Single static binary, no external dependencies

\- Built with Go, so memory safety is essentially solved

\- Very pluggable if you need to add additional behaviour (simple Go module
plugin system)

\- Config API with graceful reloads

\- Plenty more, just scroll through the homepage to get an idea:
[https://caddyserver.com/](https://caddyserver.com/)

~~~
calcifer
The parent comment asked why Caddy is _better_ than Nginx but I'm not sure
some of these are applicable.

> Built with Go, so memory safety is essentially solved

Has there been any memory safety issues with Nginx?

> Very pluggable if you need to add additional behaviour

Nginx is easily extendable and has far, _far_ larger plugin ecosystem than
Caddy.

> Config API with graceful reloads

So does nginx, with "nginx -s reload"

~~~
mholt
> Has there been any memory safety issues with Nginx?

Yes, of course. For example, nginx uses openssl, so it was vulnerable to
Heartbleed, something Caddy can never be vulnerable to. Part of the point of
Caddy is to stop deploying C code to the edge.

> Nginx is easily extendable and has far, far larger plugin ecosystem than
> Caddy.

Nginx is also 4x older. I'd say for just a few years we're doing pretty good
with our very young plugin ecosystem. A lot of this depends on the community.
If you want it, make it so!

> So does nginx, with "nginx -s reload"

I think he was referring to a REST/JSON API that isn't unix-specific.

~~~
calcifer
Good point about openssl!

> Nginx is also 4x older.

I know, but the GP claimed Caddy's plugin ecosystem was an advantage over
Nginx, which just isn't true.

> I think he was referring to a REST/JSON API that isn't unix-specific.

Got it, thanks. Though I wonder how many people actually need a REST API for
config reloads given practically everyone runs servers on Linux.

~~~
joshmanders
You'd be surprised how helpful having a REST API for config reloads is when
you're serving more than a simple static site.

------
rhacker
Does it make sense to announce that a company has "acquired" an open source
project? Wouldn't it make sense to title and write the article that the
company that writes most (or all) of the code was acquired? "Light Code Labs,
LLC."

~~~
mholt
Light Code Labs was not acquired; just the Caddy and CertMagic projects and
their assets.

~~~
krn
Would it be safe to say then, that Apilayer has simply acquired the trademarks
and the domain name of an open-source project?

Edit: If the entire project is licensed under Apache License 2.0, what does
acquiring the copyright give? The ability to change the license going forward?

~~~
renewiltord
And the copyright, dude. And literally what else is there? That's the project
itself.

------
RcouF1uZ4gsC
Just wanted to say that I love CaddyServer. It is super easy to use with
minimal boilerplate. The automatic https support it uses LetsEncrypt to
acquire a cert for the domain it is hosting is awesome and one of my favorite
features!

Congratulations on the acquisition!

~~~
mholt
Thanks! It's great to hear the positive experiences too.

------
hundchenkatze
It seems Ardan Labs changed the url to
[https://www.ardanlabs.com/news/2020/08/caddy-server-
acquired...](https://www.ardanlabs.com/news/2020/08/caddy-server-acquired-by-
apilayer)

~~~
ardan_bkennedy
The original URL was put back [https://www.ardanlabs.com/news/2020/08/caddy-
server-is-acqui...](https://www.ardanlabs.com/news/2020/08/caddy-server-is-
acquired/)

------
guggle
Thank you for Caddy ! It's been my default HTTP server for a few months and so
far the user experience is stellar.

------
jarym
I must admit I saw this when it was first announced and I didn’t get why it
was better but seeing it again and having more time on my hands I intend to
experiment a bit further.

Congratulations to the author for their success - it is clear they’ve created
a community of happy users and probably worked really hard to get here.

------
thomasfromcdnjs
Caddy is the best way to get junior devs up to speed. And the reverse proxy is
amazing. And it is easy to know what caddy is doing compared to nginx etc

------
pcein
The first time I used caddy (came to it from nginx), I was blown away by how
simple it was to get up and running (letsencrypt etc...). Thank you for
creating something wonderful, and congratulations!

------
alextselikas
I talked to matt when Caddy 2 launched and was very helpful. Caddy is a great
piece of software!

------
atonse
Didn't they already join forces a while back? Am I missing something here?

And what does this do for Caddy as an open source server? Will it fork into a
confusing mess of features like nginx did?

Update: According to mholt's post above, the gist:

\- happened 6 months ago

\- everything is still Apache 2.0

~~~
mholt
I was hired by Ardan Labs last year to develop Caddy 2. Ardan is still the
exclusive partner for business/enterprise support (which I recommend for
companies using Caddy). I now work on Caddy full-time through support from
apilayer (the new owner) and other sponsors. This should be a more stable and
long-term arrangement that benefits everyone, especially the user base /
community!

The last six months should give you some idea.

And no, I'd rather quit than make a mess of the project.

~~~
atonse
Great, and congrats again on the arrangement. Definitely more sustainable.

------
fb03
What does this means for Caddy? Are we gonna need to fork or are they gonna
simply keep developing it in an open way? I wasn't able to grok this info from
the post in the link.

Thanks in Advance.

~~~
freedomben
Looks like the license won't change, and now there's an easy way to get a
paycheck[1]

[1]: [https://caddy.community/t/caddy-and-certmagic-have-new-
owner...](https://caddy.community/t/caddy-and-certmagic-have-new-ownership-no-
changes-to-licensing-or-development/9754?u=matt)

~~~
fb03
amazing! thank you

------
gigatexal
so is this an acqui-hire?

------
dzonga
is there anything for caddy, like nginx nchan ?

~~~
francislavoie
Not currently, no. It shouldn't be too hard to implement a plugin that does
something similar though! If there's an existing pubsub solution in golang, it
could be integrated into Caddy.

