Caddy vs Nginx Proxy Manager vs Traefik: Reverse Proxy Showdown (Real Let’s Encrypt HTTPS)

In this video we compare the 3 most homelab friendly reverse proxies the practical way: Caddy vs Nginx Proxy Manager (NPM) vs Traefik. We run the same test container (whoami) behind each proxy and request a real Let’s Encrypt certificate using HTTP-01, so you can see what the setup and workflow actually feels like. Links - Guide: https://github.com/HomeSecExplorer/videos/blob/main/CaddyVsNpmVsTraefik.md What you’ll learn - What a reverse proxy does (TLS/HTTPS, routing, optional auth, allowlists, logging) - The fastest way to get trusted HTTPS in a homelab - When to pick Caddy vs NPM vs Traefik - How HTTP-01 works (and why port 80 must be reachable from the internet) - A quick security checklist for reverse proxies Quick “pick this if” guide - Pick Caddy if you want the simplest “it just works” HTTPS and a clean config file - Pick NPM if you want a GUI and click-ops for hosts + certificates - Pick Traefik if your services change often and you want Docker labels (and Kubernetes later) Requirements (for this exact lab) - Linux host with Docker + Docker Compose - A domain that resolves publicly to your WAN IP (DDNS is fine) - Port forward TCP 80 to your proxy host (required for Let’s Encrypt HTTP-01) - Optional: port forward TCP 443 to your proxy host (for public HTTPS) Comment below: Which proxy are you using and why? Timestamps: 00:00 Intro 01:54 Quick “pick this if” decision guide 02:30 Baseline test service: whoami container 03:32 Caddy 04:46 Nginx Proxy Manager 06:36 Traefik 08:08 Which one should you use? 08:46 Info and Outro Doc's https://github.com/HomeSecExplorer Social's https://bento.me/homesecexplorer