curl http://localhost:2019/metrics

metrics /metrics {
    disable_openmetrics
}

caddy_http_request_count_total{handler="reverse_proxy",server="srv0"}

caddy_http_request_duration_seconds{handler="file_server",server="srv0"}

caddy_http_request_size_bytes{handler="reverse_proxy",server="srv0"}

caddy_http_response_size_bytes{handler="reverse_proxy",server="srv0"}

caddy_http_requests_in_flight{server="srv0"}

caddy_reverse_proxy_upstreams_request_count_total{upstream="10.0.0.1:8080"}

caddy_reverse_proxy_upstreams_healthy{upstream="10.0.0.1:8080"}

caddy_reverse_proxy_upstreams_request_duration_seconds{upstream="10.0.0.1:8080"}

caddy_tls_handshakes_total{conn_policy="0"}

caddy_tls_client_cert_count{conn_policy="0"}

caddy_admin_http_requests_total{handler="config",path="/config/"}

caddy_admin_http_request_errors_total{handler="config",method="POST",path="/config/"}

rate(caddy_http_request_count_total[5m])

sum(rate(caddy_http_request_count_total{status=~"5.."}[5m]))

histogram_quantile(0.95, 
  rate(caddy_http_request_duration_seconds_bucket[5m])
)

caddy_reverse_proxy_upstreams_healthy

groups:
  - name: caddy
    interval: 30s
    rules:
      # High error rate
      - alert: CaddyHighErrorRate
        expr: |
          rate(caddy_http_request_count_total{status=~"5.."}[5m]) > 0.05
        for: 5m
        labels:
          severity: warning
        annotations:
          summary: "High 5xx error rate on {{ $labels.server }}"
          
      # Upstream down
      - alert: CaddyUpstreamDown
        expr: caddy_reverse_proxy_upstreams_healthy == 0
        for: 1m
        labels:
          severity: critical
        annotations:
          summary: "Upstream {{ $labels.upstream }} is down"
          
      # High response time
      - alert: CaddyHighLatency
        expr: |
          histogram_quantile(0.95,
            rate(caddy_http_request_duration_seconds_bucket[5m])
          ) > 1.0
        for: 5m
        labels:
          severity: warning
        annotations:
          summary: "High response latency on {{ $labels.server }}"
          
      # Certificate expiring
      - alert: CaddyCertificateExpiringSoon
        expr: |
          (caddy_tls_certificate_not_after_timestamp - time()) / 86400 < 7
        labels:
          severity: warning
        annotations:
          summary: "Certificate {{ $labels.subject }} expires in less than 7 days"

import (
    "github.com/prometheus/client_golang/prometheus"
    "github.com/caddyserver/caddy/v2"
)

var myCounter = prometheus.NewCounterVec(
    prometheus.CounterOpts{
        Namespace: "caddy",
        Subsystem: "mymodule",
        Name:      "operations_total",
        Help:      "Total number of operations",
    },
    []string{"type"},
)

func init() {
    caddy.RegisterModule(MyModule{})
}

func (m *MyModule) Provision(ctx caddy.Context) error {
    registry := ctx.GetMetricsRegistry()
    if registry != nil {
        registry.MustRegister(myCounter)
    }
    return nil
}

{
    # Enable metrics on admin endpoint (default)
    admin localhost:2019
}

# Public metrics endpoint with authentication
metrics.internal.example.com {
    # Restrict to internal network
    @metrics {
        path /metrics
        remote_ip 10.0.0.0/8
    }
    
    handle @metrics {
        metrics {
            disable_openmetrics false
        }
    }
    
    handle {
        respond 404
    }
    
    # Optional: Add authentication
    basicauth {
        prometheus $2a$14$...
    }
}

# Main application with instrumentation
app.example.com {
    # All requests are automatically instrumented
    reverse_proxy backend:8080 {
        # Health checks also generate metrics
        health_uri /health
        health_interval 30s
    }
    
    # Log for correlation with metrics
    log {
        output file /var/log/caddy/app.log
        format json
    }
}