Edge behind Caddy

In one sentence

A handle_path block reverse-proxies the Octet prefix to the edge, with automatic HTTPS and WebSocket support out of the box.

Caddy is the simplest accurate setup: it provisions Let's Encrypt certificates automatically and proxies WebSockets without extra configuration. This assumes apiUrl: 'https://yourapp.com/octet'.

Caddyfile

yourapp.com {
    # ... your existing site config ...

    handle_path /octet/* {
        reverse_proxy 127.0.0.1:8080 {
            header_up X-Forwarded-For {remote_host}
        }
    }
}

handle_path strips the matched /octet prefix, so /octet/v1/signals reaches the edge as /v1/signals (and /octet/v1/ws as /v1/ws). Caddy upgrades the WebSocket automatically. header_up X-Forwarded-For {remote_host} gives the edge the source IP.

Connection-termination note

As with any reverse proxy, Caddy terminates the browser's connection here, so the connection-level timing signal reflects the Caddy↔edge hop rather than the browser. The integration still works on the remaining signals; for the strongest result, minimise the hops in front of this host and confirm the termination topology with Octet during onboarding. Avoid putting a separate TLS-terminating CDN/LB in front — see Cloud LB / CDN.

Where to go next

Deploy the Edge. Env vars and the termination rule.
Fetch the Verdict. Read the result on your backend.

Caddyfile​

Connection-termination note​

Where to go next​

Caddyfile

Connection-termination note

Where to go next