New to Caddy - Trying to get a wildcard certificate
New to Caddy - Trying to get a wildcard certificate
I've been trying to get a wildcard certificate for my domain for use in Caddy..
i've got caddy installed and working fine but it seems i need to build caddy manually to include the cloudflaredns module?
My issue is that i installed caddy using apt.. so i'm not really sure what i'm meant to do now..
Does anyone have any suggestions?
You're viewing part of a thread.
Thank you for this.. i need to take some time to read it more thoroughly... though your approach with Docker though will likely make a lot more sense for my environment.
Docker is also a bit tricky, because to use a custom binary you need to build a custom image. But if you don't mind manually installing updates it's not too bad.
I had it running but it didn't seem to be issuing wildcards.. but afterwards i realised that whilst i had told it to use the cloudflare API.. i don't think at any stage i'd actually told it to issue wildcards.. i guess i need to figure out how to do that...
I'm questioning my need though really.. i think the docs say it's not recommended unless you're dealing with thousands of subdomains..
It will only issue wildcards if you have any sites named like
*.yourdomain.com, i.e. it needs to see the*.to know to issue wildcards.The relevant parts of my Caddyfile look like this:
{ # TLS settings. acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN} email {env.ACME_EMAIL} } # Proxy a subdomain to a backend server. # Usage: `import proxy subdomain backendHost` (proxy) { @sub-{args.0} host {args.0}.{$DOMAIN} handle @sub-{args.0} { reverse_proxy http://{args.1} } } # Put everything in the same block to get a wildcard certificate. *.{$DOMAIN} { # Handle particular subdomains. import proxy changedetection changedetection:5000 import proxy uptime uptime-kuma:3001 import proxy whoami whoami # Fallback message (unknown subdomain). handle { error "This subdomain is not currently in use." 404 } }The
(alias)snippet at the top is used in the site block to tell it how to use a particular subdomain.(I've removed some Authelia stuff and handling the apex domain)
{$DOMAIN}fills in my base domain from the environment, and{env.*}does the same for my credentials (but without putting it in the JSON config).Amazing.. .thank you!