1. Caddy version (caddy version):
v2.4.1 h1:kAJ0JB5Xk5gPdTH/27S5cyoMGqD5lBAe9yZ8zTjVJa0=
2. How I run Caddy:
I’m running a very, very, very simple Caddy setup currently, with just one domain setup behind a reverse proxy with zstd and gzip compression enabled. My Caddyfile is below.
a. System environment:
Ubuntu 20.04.2, using systemd
b. Command:
sudo service caddy start
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile or JSON config:
https://cloak.lazinesspaysoff.org {
reverse_proxy localhost:1080
encode zstd gzip
}
3. The problem I’m having:
I’m not having a problem, I’m trying to understand if something I’d like to do is possible. With nginx running with the Let’s Encrypt bot, I can set the bot to automatically drop my UFW firewall when it’s time to renew my SSL certificates, then it will re-enable the firewall once it’s completed its task.
My search on the internet hasn’t yielded any results in the ability to do such a thing. Is that possible with Caddy?
4. Error messages and/or full log output:
5. What I already tried:
As mentioned, I already spent a while searching on Google using different terms to try and see if what I want is doable, as well as reading the automatic HTTPS page but came up blank.