How to setup CORS for the Caddy v2 API

1. Caddy version (caddy version):


2. How I run Caddy:

In a Docker container

a. System environment:

Docker (Scratch, no OS, using caddy-scratch

b. Command:

/caddy --resume

c. Service/unit/compose file:

docker run -p 2019:2019/tcp qmcgaw/caddy-scratch --resume

d. My complete Caddyfile or JSON config:


3. The problem I’m having:

I am developing a web ui for Caddy v2 using its API.

For now I have a ‘caddy ui server’ relaying http requests to Caddy to work around CORS, as the ui might be served on another host than where the caddy api runs.

I would ideally like to trim out this relaying of requests/responses by specifying some cors options for the admin api of Caddy. Is there any way to do so yet?

Also, would it be possible to have a CLI flag for Caddy to specify the admin listening address as well? Even better for my case would be a flag to specify allowed CORS hosts for the API but that may be a bit too niche.


You can modify which origins are allowed to access the admin endpoint:

No, all config is contained in a config structure. You can modify the admin’s address here: