Issue: #270
Date: January 13, 2026
Status: ✅ COMPLETE - RECOMMEND ADOPTION
This evaluation tested Caddy v2.10 as a TLS termination proxy for the Torrust Tracker stack. The primary success criterion was WebSocket support, which was the critical failure point for Pingoo (issue #234).
Result: ✅ Caddy successfully passes all tests, including WebSocket support.
- Experiment Report - Complete deployment procedure, test results, and technical details
- Security Scan - Docker security scan results for
caddy:2.10 - Production Deployment - Production configuration at
/opt/torrust/(reference for Tera templates) - Conclusion - Evaluation summary, comparison with alternatives, and recommendation
- Configuration Files - All configuration files used in the experiment (secrets redacted)
- WebSocket Support - Works perfectly (Pingoo failed this)
- Automatic HTTPS - Let's Encrypt certificates in ~3-4 seconds
- Simple Configuration - 21 lines (Caddyfile) vs complex nginx+certbot
- All Endpoints Working - Tracker API, HTTP Tracker, Grafana
- Built-in HTTP/3 - QUIC support out of the box
- Automatic Renewal - Zero operational overhead
URL: wss://grafana.torrust-tracker.com/api/live/ws
Status: 101 Switching Protocols
Result: ✅ Dashboard live updates working perfectly
✅ ADOPT CADDY as the TLS termination proxy for Torrust Tracker deployments.
- Create ADR documenting adoption decision
- Update deployer templates with Caddy configuration
- Document in user guide
- Migrate production deployments
- Caddy Official Website
- Caddy Documentation
- Issue #270
- Pingoo Evaluation (not adopted)