New to Caddy - Trying to get a wildcard certificate (reddthat.com)

submitted 1 year ago by d4nm3d@reddthat.com to c/selfhost@lemmy.ml

14 comments fedilink hide all child comments

I've been trying to get a wildcard certificate for my domain for use in Caddy..

i've got caddy installed and working fine but it seems i need to build caddy manually to include the cloudflaredns module?

My issue is that i installed caddy using apt.. so i'm not really sure what i'm meant to do now..

Does anyone have any suggestions?

you are viewing a single comment's thread
view the rest of the comments

[-] Perhyte@lemmy.world 0 points 1 year ago

Docker is also a bit tricky, because to use a custom binary you need to build a custom image. But if you don't mind manually installing updates it's not too bad.

[-] d4nm3d@reddthat.com 0 points 1 year ago

I had it running but it didn't seem to be issuing wildcards.. but afterwards i realised that whilst i had told it to use the cloudflare API.. i don't think at any stage i'd actually told it to issue wildcards.. i guess i need to figure out how to do that...

I'm questioning my need though really.. i think the docs say it's not recommended unless you're dealing with thousands of subdomains..

[-] Perhyte@lemmy.world 0 points 1 year ago

It will only issue wildcards if you have any sites named like *.yourdomain.com, i.e. it needs to see the *. to know to issue wildcards.

The relevant parts of my Caddyfile look like this:

{
	# TLS settings.
	acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
	email {env.ACME_EMAIL}
}

# Proxy a subdomain to a backend server.
# Usage: `import proxy subdomain backendHost`
(proxy) {
	@sub-{args.0} host {args.0}.{$DOMAIN}
	handle @sub-{args.0} {
		reverse_proxy http://{args.1}
	}
}

# Put everything in the same block to get a wildcard certificate.
*.{$DOMAIN} {
	# Handle particular subdomains.
	import proxy changedetection changedetection:5000
	import proxy uptime uptime-kuma:3001
	import proxy whoami whoami

	# Fallback message (unknown subdomain).
	handle {
		error "This subdomain is not currently in use." 404
	}
}

The (alias) snippet at the top is used in the site block to tell it how to use a particular subdomain.

(I've removed some Authelia stuff and handling the apex domain)

{$DOMAIN} fills in my base domain from the environment, and {env.*} does the same for my credentials (but without putting it in the JSON config).

[-] d4nm3d@reddthat.com 1 points 1 year ago

Amazing.. .thank you!

this post was submitted on 10 Jun 2023

2 points (75.0% liked)

Self Hosted - Self-hosting your services.

11419 readers

1 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

No harassment
crossposts from c/Open Source & c/docker & related may be allowed, depending on context
Video Promoting is allowed if is within the topic.
No spamming.
Stay friendly.
Follow the lemmy.ml instance rules.
Tag your post. (Read under)

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.

Cross-posting

!everything_git@lemmy.ml is allowed!
!docker@lemmy.ml is allowed!
!portainer@lemmy.ml is allowed!
!fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
!selfhosted@lemmy.ml is allowed!

If you see a rule-breaker please DM the mods!

founded 3 years ago

MODERATORS

Zoe8338@lemmy.ml

dogmuffins@lemmy.ml

testman@lemmy.ml