this post was submitted on 10 Jun 2023
2 points (100.0% liked)

Self Hosted - Self-hosting your services.

11419 readers
2 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules

Important

Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!

Cross-posting

If you see a rule-breaker please DM the mods!

founded 3 years ago
MODERATORS
 

I've been trying to get a wildcard certificate for my domain for use in Caddy..

i've got caddy installed and working fine but it seems i need to build caddy manually to include the cloudflaredns module?

My issue is that i installed caddy using apt.. so i'm not really sure what i'm meant to do now..

Does anyone have any suggestions?

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 0 points 1 year ago (1 children)

It will only issue wildcards if you have any sites named like *.yourdomain.com, i.e. it needs to see the *. to know to issue wildcards.

The relevant parts of my Caddyfile look like this:

{
	# TLS settings.
	acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
	email {env.ACME_EMAIL}
}

# Proxy a subdomain to a backend server.
# Usage: `import proxy subdomain backendHost`
(proxy) {
	@sub-{args.0} host {args.0}.{$DOMAIN}
	handle @sub-{args.0} {
		reverse_proxy http://{args.1}
	}
}

# Put everything in the same block to get a wildcard certificate.
*.{$DOMAIN} {
	# Handle particular subdomains.
	import proxy changedetection changedetection:5000
	import proxy uptime uptime-kuma:3001
	import proxy whoami whoami

	# Fallback message (unknown subdomain).
	handle {
		error "This subdomain is not currently in use." 404
	}
}

The (alias) snippet at the top is used in the site block to tell it how to use a particular subdomain.

(I've removed some Authelia stuff and handling the apex domain)

{$DOMAIN} fills in my base domain from the environment, and {env.*} does the same for my credentials (but without putting it in the JSON config).

[โ€“] [email protected] 1 points 1 year ago

Amazing.. .thank you!