Looking to move to Caddy, but!

How do I implement Caddy to serve platforms with the needs below:

  1. Act as TLS gate for subdomainX.domainY.com (multiple subdomains for a few domains)
  2. Act as reverse proxy with decrypt capabilities to non-TLS endpoints.

Please hint,
I need to eliminate certbot (LE client) and Pound (Reverse Proxy)

Sounds like proxy is the directive you want.

A pseudo Caddyfile for you:

subdomainx.domainy.com {
    root /var/www/html
    ...
}

subdomainz.domainy.com {
    proxy / http://endpoint:80 {
        transparent
    }
    ...
}

Find the rest of the docs here.

@Whitestrake Thanks for the help
Is this going to grant auto TLS certifications for subdomainx.domainy.com and subdomainz.domainy.com with auto renewal as per auto-HTTPS feature?

Yes, HTTPS by Let’s Encrypt will be issued automatically. Take a look here for more information:
https://caddyserver.com/docs/tls

This link will probably be helpful in explaining how the automatic certificate provisioning works:

@Nixtren’s link will be useful if you’d like to modify the behaviour at all from defaults - tls directives are optional and Automatic HTTPS will work without them.

Great, thanks for the support.
One more thing please, regarding multiple domains:
I need to distinguish subscribed email address for LE certifications as admin@domainX.com and admin@domainY.com for relevant subdomains.

tls email

What’s the best approach to achieve that? Should I proceed with running multiple instances of Caddy, i.e. multiple Caddyfiles?
Please advise.

You’ve got a bit of flexibility in your approach here. You can:

  1. Have multiple instances of Caddy, each with its own Caddyfile
  2. Have one instance of Caddy with multiple vhosts in a single Caddyfile
  3. Have one instance of Caddy with an import statement in the Caddyfile and write vhost etc for each site

I use option 3. To Caddy itself, it works exactly like option 2 does, it just cats all the imported etc into one big Caddyfile. My main Caddyfile has import /path/to/vhosts/*.caddy and I name my vhost etc in the form of my.domain.com.caddy.

So my.domain.com.caddy looks like this:

my.domain.com {
    tls admin@my.domain.com
    ...
}

And my.otherdomain.com.caddy looks like this:

my.otherdomain.com {
    tls admin@my.otherdomain.com
    ....
}
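
The layout from the answer above (one Caddy instance, a main Caddyfile that imports one vhost file per site, each site with its own `tls` email and a `proxy` to a non-TLS endpoint) can be generated from a site list. This is an added example, not code from the thread or from the Caddy project; the function names, the `vhosts/` directory and the rule that the contact is `admin@` plus the host minus its first label are assumptions.

```shell
#!/bin/sh
# Added example: one vhost file per site (Caddy v1 syntax, as in this thread),
# each with its own ACME contact email and a plain-HTTP backend.
LC_ALL=C; export LC_ALL   # keep [a-z] ranges ASCII-only

# Contact address: admin@<host minus its first label>. Assumption: that
# remainder is the registrable domain (true for sub.example.com, not for
# sub.example.co.uk).
contact_for() { printf 'admin@%s\n' "${1#*.}"; }

valid_host() {      # lowercase DNS name with at least three labels
    case "$1" in
        *[!a-z0-9.-]*|.*|*.|*..*) return 1 ;;
        *.*.*) return 0 ;;
        *) return 1 ;;
    esac
}

valid_backend() {   # host or host:port only, so input cannot break out of the block
    case "$1" in
        ''|*[!A-Za-z0-9.:-]*) return 1 ;;
        *) return 0 ;;
    esac
}

write_vhost() {     # write_vhost <vhost dir> <site host> <backend>
    valid_host "$2" && valid_backend "$3" || return 1
    cat > "$1/$2.caddy" <<EOF
$2 {
    tls $(contact_for "$2")
    proxy / http://$3 {
        transparent
    }
}
EOF
}

generate() {        # generate <config dir>; reads "<site host> <backend>" lines on stdin
    gen_dir=$1
    mkdir -p "$gen_dir/vhosts" || return 1
    while read -r g_host g_backend; do
        [ -n "$g_host" ] || continue
        write_vhost "$gen_dir/vhosts" "$g_host" "$g_backend" || return 1
    done
    # Caddy merges every imported file into this one Caddyfile.
    printf 'import vhosts/*.caddy\n' > "$gen_dir/Caddyfile"
}

# Usage with constructed names:
#   printf 'app.example.com 10.0.0.5:8080\n' | generate ./caddy-conf
```

Rejecting anything outside a hostname or host:port character set keeps a malformed entry in the site list from injecting extra directives into a generated vhost file.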