1. The problem I’m having:
Hello guys, I’m trying to multiplex SSH and HTTPS for the devices on my LAN, served under the *.home.lan private domain, but I’m banging my head against Caddy L4 and can’t find a way to write a working config. I would like to multiplex router.home.lan and ap.home.lan. I found some code and added it to my config file below, but it’s not working. Do you have any suggestions that apply to my configuration?
3. Caddy version:
2.10.2
4. How I installed and ran Caddy:
a. System environment:
UNRAID 6.12.15, Caddy running through docker.
d. My complete Caddy config:
{
	# Global options block: settings here apply to the whole Caddy instance.
	# debug
	# Contact address for ACME accounts. The only site shown below uses
	# `tls internal`, so no public CA is involved for it.
	email johnnymnemonic@gmail.com
	# `servers` has no listener address after it, so these options apply to
	# every server Caddy creates.
	servers {
		# NOTE(review): Caddy only takes the client IP from this header for
		# requests that arrive from an address listed in `trusted_proxies`.
		# None is configured here, so as written the header is not used.
		# If `trusted_proxies` is added later, keep the range narrow:
		# X-Forwarded-For is a client-supplied value.
		client_ip_headers X-Forwarded-For
		listener_wrappers {
			# `layer4` is not part of stock Caddy; it presumably comes from the
			# caddy-l4 plugin - confirm the Docker image was built with it.
			# It is listed before `tls`, so it inspects the raw bytes of each
			# connection before any TLS handshake takes place.
			layer4 {
				# Matches connections that open with the SSH protocol.
				# The match is on protocol only: the SSH handshake carries no
				# hostname, so router.home.lan and ap.home.lan cannot be told
				# apart here.
				@ssh_layer4 ssh
				route @ssh_layer4 {
					# Every SSH connection reaching this listener is forwarded
					# to this one address (the same host as `router` and `dns`
					# in the site map).
					proxy 192.168.1.1:22 {
					}
				}
				# NOTE(review): a route with no matcher and no handlers.
				# Presumably meant to pass non-SSH traffic on to the `tls`
				# wrapper below - confirm against the caddy-l4 documentation
				# whether it is needed at all.
				route
			}
			# Marks the point in the wrapper chain where Caddy performs TLS
			# termination; it must stay after `layer4` for the SSH match to
			# see unencrypted SSH bytes.
			tls
		}
	}
}
*.home.lan {
	# Certificates for this site are issued by Caddy's own local CA rather
	# than a public one; clients must trust that CA's root certificate.
	tls internal
	# Look up the third host label from the right (the "x" in x.home.lan) and
	# set three variables: a group number, an upstream host and an upstream port.
	# Group 1 = reverse-proxied service, 11 = WebDAV, 12 = root-cert download.
	# The `default` row assigns group 0 to every name that is not listed.
	map {labels.2} {srv_group} {srv_name} {srv_port} {
		ap 1 192.168.1.2 80
		dns 1 192.168.1.1 3000
		filebot 1 filebot 5800
		files 1 filebrowser 80
		links 1 linkding 9090
		paper 1 paperless-ngx 8000
		photo 1 immich 8080
		plex 1 192.168.1.11 32400
		router 1 192.168.1.1 80
		speed 1 myspeed 5216
		torrent 1 rflood 3000
		vault 1 vaultwarden 80
		zigbee 1 zigbee2mqtt 8080
		webdav 11 - -
		cert 12 - -
		default 0 - -
	}
	# Check request group and create appropriate matcher.
	# The idea is to generalize configuration for the services as much as possible.
	@direct vars {srv_group} 1
	@webdav vars {srv_group} 11
	@cert vars {srv_group} 12
	@error vars {srv_group} 0
	# Group 1: forward to the upstream chosen by the map. No scheme is given,
	# so the hop from Caddy to the backend is plain HTTP.
	# NOTE(review): no authentication is applied at the proxy for this group,
	# so the router, AP and vault entries rely entirely on each application's
	# own login - confirm that is intended for everything on this list.
	handle @direct {
		reverse_proxy {srv_name}:{srv_port}
	}
	# Group 11: WebDAV share behind HTTP basic authentication.
	# `route` keeps the directives in the order written, so basic_auth is
	# evaluated before the request reaches `webdav`.
	# `webdav` is not a stock Caddy directive; it presumably comes from a
	# plugin - confirm the image includes it.
	handle @webdav {
		route {
			basic_auth {
				# The value after the user name is redacted in this post;
				# Caddy expects a password hash here, not the plaintext password.
				user $xxxx
			}
			root /srv/webdav
			webdav
		}
	}
	# Group 12: offer the local CA's root certificate as a file download so
	# that LAN clients can install it.
	handle @cert {
		header {
			Content-Type application/octet-stream
			Content-Disposition `attachment; filename="caddy_root.crt"`
		}
		# NOTE(review): in Caddy's default storage layout this directory also
		# holds the local CA's private keys next to root.crt. The rewrite
		# below maps every request path to /root.crt, and that is the only
		# thing keeping file_server from serving the key files. Do not remove
		# or narrow the rewrite without moving the certificate elsewhere.
		root * /data/caddy/pki/authorities/local
		rewrite * /root.crt
		file_server
	}
	# Group 0: any subdomain not listed in the map is refused with a 403.
	handle @error {
		error "Access Denied" 403
	}
}