How to combine layer4 module with tls and http modules?

Thanks!

I’ve been finally able to implement the desired logic. In case readers of this issue are looking for a final result, my final result looks like this:

logging:
  logs:
    default:
      level: INFO
storage:
  "module": "file_system"
  "root": "/data"
apps:
  tls:
    certificates:
      automate:
        - livekit01.spvw.de
        - livekit-turns.spvw.de
  layer4:
    servers:
      main:
        listen: [":443"]
        routes:
          - match:
            - tls:
                sni:
                  - "livekit-turns.spvw.de"
            handle:
              - handler: tls
              - handler: proxy
                upstreams:
                  - dial: ["localhost:5349"]
          - match:
              - tls:
                  sni:
                    - "livekit01.spvw.de"
            handle:
              - handler: tls
                connection_policies:
                  - alpn: ["http/1.1"]
              - handler: proxy
                upstreams:
                  - dial: ["localhost:8000"]
  http:
    servers:
      api:
        listen:
        - ":8000"
        routes:
        - handle:
          - handler: subroute
            routes:
              - group: main-group
                match:
                  - path:
                    - "/api*"
                handle:
                  - handler: headers
                    response:
                      set:
                        Access-Control-Allow-Origin:
                          - "*"
                  - handler: headers
                    response:
                      set:
                        Access-Control-Allow-Methods:
                          - "GET, POST, PUT, DELETE, OPTIONS"
                  - handler: reverse_proxy
                    rewrite:
                      strip_path_prefix: "/api"
                    upstreams:
                      - dial: "localhost:8080"
              - group: main-group
                handle:
                  - handler: reverse_proxy
                    upstreams:
                      - dial: "localhost:7880"

I must admit, that the Caddyfile version looks way more readable and akin to Nginx :slight_smile: I wonder if my YAML version could be written simpler with less boilerplate. I would actually prefer to use Caddyfile, but as far as I got it (after reading all pages from the official docs apart from references for some modules that I don’t use), the Caddyfile is not as flexible as JSON (or any other adapter) and so writing the desired logic (like in my case) with Caddyfile is simply not possible due to the layer4 module not being available.

1 Like