On my new hobby project I use Cowboy standalone.
The certificate issuing is done with
As lego could not access the in-use ports 443 & 80, I use a DNS challenge.
Cert renewal is triggered via a recurring task with System.cmd/3 within the OTP application.
By the way, as the OTP release does not run as root on my setup, I also port forward 443 & 80 to 4443 & 4080 with the usage of
So for my little single application I don’t see a benefit in running a reverse proxy in front.
Also to keep the number of moving parts low.
In case you have really high traffic for your application, running a reverse proxy for handling your TLS handshakes offsite could be the reason to do so.
For my company we currently run Nginx as reverse proxy.
But also thinking about trying Caddy now.
Even if Nginx makes really, really no trouble at all.
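
The recurring renewal task described in the post above, as an added example that is not the poster's code: a supervised GenServer that calls `lego ... renew` through `System.cmd/3`. The module name `CertRenewer`, the option keys, the 24-hour interval and the 30-day renewal window are assumptions made for illustration.

```elixir
defmodule CertRenewer do
  @moduledoc "Added example: periodically runs `lego ... renew` via System.cmd/3."
  use GenServer
  require Logger

  # Assumed check interval; lego only renews when the cert is close to expiry.
  @interval :timer.hours(24)

  def start_link(opts), do: GenServer.start_link(__MODULE__, opts, name: __MODULE__)

  # Builds the lego argument list. Global flags go before the `renew` subcommand.
  def lego_args(opts) do
    [
      "--accept-tos",
      "--email", Keyword.fetch!(opts, :email),
      "--dns", Keyword.fetch!(opts, :dns_provider),
      "--domains", Keyword.fetch!(opts, :domain),
      "--path", Keyword.fetch!(opts, :path),
      "renew",
      "--days", "30"
    ]
  end

  @impl true
  def init(opts) do
    schedule(0)
    {:ok, opts}
  end

  @impl true
  def handle_info(:renew, opts) do
    # Arguments are passed as a list, so no shell parses them and nothing
    # is interpolated into a command line.
    case System.cmd("lego", lego_args(opts), stderr_to_stdout: true) do
      {_out, 0} -> Logger.info("lego renew finished")
      {out, code} -> Logger.error("lego renew failed (exit #{code}): #{out}")
    end

    schedule(@interval)
    {:noreply, opts}
  end

  defp schedule(delay), do: Process.send_after(self(), :renew, delay)
end
```

lego reads the DNS provider's credentials from provider-specific environment variables, so they have to be set in the release's environment, and the `:path` directory should be writable only by the release user because it holds the account key and the certificate's private key.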