Set up a complete AI services stack with Open WebUI as the main interface,
secured behind Caddy reverse proxy with automatic HTTPS via Namecheap DNS
challenge. Tailscale integration provides secure remote access.
- Configure Open WebUI to connect to Ollama backend
- Set up Caddy with Namecheap DNS plugin for wildcard SSL certificates
- Add Tailscale for secure networking with health checks
- Configure reverse proxy to forward requests to Open WebUI
- Enable proper header forwarding for client IP preservation
- Set up persistent volumes for data, config, and SSL certificates
- Configure JSON logging with rotation for all services
Add persistent volume mounts for caddy config, data, and share directories, and
improve healthcheck settings with longer intervals, timeout, and start period
for better reliability
- Add caddy.env to gitignore for sensitive DNS credentials
- Replace manual SSL certificates with Let's Encrypt DNS challenge using
Namecheap
- Build custom Caddy image with namecheap DNS plugin
- Configure wildcard SSL for *.lan.poldebra.me domain
- Update docker-compose to use custom Caddy build and environment file
Note: we had to downgrade to Caddy 2.9, see
https://github.com/caddy-dns/namecheap/issues/14 for more information
