I’m using Caddy v2 as a reverse proxy for containers, and my host has many DNS aliases. I want to have a way to drop the connection for requests to DNS hostnames that are not in the Caddyfile.
Well, if you’re using TLS, then Caddy will respond with a TLS handshake failure if it didn’t have an appropriate certificate. I assume the connection is closed automatically in those situations.
So it depends on how your Caddyfile is structured. Could you please share it, so we can discuss how that would look?
Ah, I use wildcard certs, so that too doesn’t work.
My Caddyfile is dynamic - it’s generated from container labels - but basically - I want to have a way to specify “if we match this” (or “if no match has been made”) close.
I’m aware that this isn’t identical to what would happen if there was nothing listening to the port, but it’s a start.

{
	admin 0.0.0.0:2019
	email sven@home.org.au
	debug true
}

(dns_api_gandi) {
	tls {
		issuer acme {
			dns gandi {env.GANDIV5_API_KEY}
		}
		issuer internal
	}
}

*.loc.alho.st loc.alho.st {
	@testing_loc_alho_st {
		host testing.loc.alho.st
	}
	import dns_api_gandi
	route @testing_loc_alho_st {
		respond Testing
	}
	# <<<<<< HERE is where I'd like to say if nothing matched so far, just close
}

I was pretty sure that’s what I tried first - so I re-ran it, and this gives me
[ERROR] Removing invalid block: parsing caddyfile tokens for ‘respond’: Caddyfile:135 - Error during parsing: Wrong argument count or unexpected line ending after ‘respond’
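
Added example, not part of the original thread and not the Caddy project's own configuration: one way to express "if nothing matched so far, just close" for the site block posted above. It assumes a Caddy v2 release that provides the `abort` directive and that the `dns_api_gandi` snippet from the post is defined earlier in the same file.

```caddyfile
*.loc.alho.st loc.alho.st {
	import dns_api_gandi

	# Known hostname: serve it as before.
	@testing_loc_alho_st host testing.loc.alho.st
	handle @testing_loc_alho_st {
		respond "Testing"
	}

	# Fallback for every other Host header that the wildcard certificate
	# still covers. "handle" blocks are mutually exclusive and the one
	# without a matcher is evaluated last, so this runs only when no
	# hostname-specific block above matched.
	handle {
		# Send no HTTP response at all and close the connection.
		abort
	}
}
```

The TLS handshake still completes for any name under the wildcard, so a client can tell that something is listening; names outside the wildcard fail earlier, at the handshake, as noted in the first reply.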