1. Caddy version (caddy version):
Caddy v1.0.1 (h1:oor6ep+8NoJOabpFXhvjqjfeldtw1XSzfISVrbfqTKo=)
2. How I run Caddy:
a. System environment:
Ubuntu 18.04.5 LTS
b. Command:
service caddy start
c. My Caddyfile
yolo.org {
    root /var/www
}
sub.yolo.org {
    proxy / https://somewhere {
        transparent
        insecure_skip_verify
    }
}
other.yolo.org {
    proxy / https://somewhereelse {
        transparent
        insecure_skip_verify
    }
}
3. The problem I’m having:
The behaviour I’m trying to achieve is that if someone visits any subdomain of yolo.org that is not registered in my Caddyfile, they get to see a proper 404 error page.
For example, if a user asks for:
yolo.org/something.html => all good, they see the /var/www/something.html file
sub.yolo.org => all good, they see the appropriate app
other.yolo.org => all good, they see the appropriate app
somethingelse.yolo.org => they see the /var/www/404.html file
qwertyqwerty.yolo.org => they see the /var/www/404.html file
Ideally, if the user could not be redirected that would be great. But I doubt it’s easily achievable, for certificate purposes. So redirecting to yolo.org/404.html?askedsubdomain.yolo.org would already be a nice achievement for me.
4. Error messages and/or full log output:
At the moment, when someone tries to connect to an unregistered subdomain (for example somethingelse), this is what’s logged:
2021/04/11 12:43:56 http: TLS handshake error from XX.XX.XX.XXX:XXXXX: no certificate available for 'somethingelse.yolo.org'
And the browser shows:
Secure Connection Failed
An error occurred during a connection to somethingelse.yolo.org. Peer reports it experienced an internal error.
Error code: SSL_ERROR_INTERNAL_ERROR_ALERT
5. What I already tried:
I tried using the following syntaxes:
*.yolo.org {
    root /var/www/404.html{host}
}
and
*.yolo.org {
    redir https://yolo.org/404.html{host}
}
When I do so, caddy reports that the caddyfile is valid, but then fails to start the service if I try.
6. Links to relevant resources and side notes:
I found many posts and issues related to this issue, but usually very specific to a situation, and I wasn’t able to understand them enough to actually figure out the proper syntax I should use (for example: v2: HTTP-only wildcard sites still redirect to HTTPS if another site is configured with automatic HTTPS · Issue #3212 · caddyserver/caddy · GitHub, Caddyfile Concepts — Caddy Documentation).
I’m aware that my issue is a fairly standard issue, and I’m sorry I wasn’t able to figure it out without having to ask on the forum. But maybe this question can become a good future resource for people in my situation.
At the moment, I’m trying to achieve this using caddy v1, because this is what is installed on the server and I don’t have the possibility to change it at the moment. But recommendations on how to do it both with caddy v1 and v2 would be great as well, for future developments.
Thanks a lot for the consideration
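
The log line in section 4 reports a failure at the TLS handshake, which happens before any HTTP request exists that a 404 page could answer. The following is an added example, not part of the original post and not Caddy's code: a simplified Go model of certificate selection by SNI through the crypto/tls GetCertificate hook. The names certStore and lookup are hypothetical and the certificates are empty placeholders.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// certStore maps a certificate name ("sub.yolo.org", "*.yolo.org") to a certificate.
type certStore map[string]*tls.Certificate

// lookup returns the store entry that covers sni, or the handshake error.
func (s certStore) lookup(sni string) (string, error) {
	name := strings.ToLower(strings.TrimSuffix(sni, "."))
	if _, ok := s[name]; ok {
		return name, nil // exact site certificate
	}
	// A wildcard replaces exactly one left-most label.
	if i := strings.IndexByte(name, '.'); i > 0 {
		if w := "*" + name[i:]; s[w] != nil {
			return w, nil
		}
	}
	return "", fmt.Errorf("no certificate available for '%s'", name)
}

// getCertificate fits tls.Config.GetCertificate; it runs before any HTTP request is read.
func (s certStore) getCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
	name, err := s.lookup(hello.ServerName)
	if err != nil {
		return nil, err
	}
	return s[name], nil
}

func main() {
	// Names taken from the Caddyfile on this page; certificates are empty placeholders.
	st := certStore{"yolo.org": {}, "sub.yolo.org": {}, "other.yolo.org": {}}
	cfg := &tls.Config{GetCertificate: st.getCertificate}
	for _, sni := range []string{"sub.yolo.org", "somethingelse.yolo.org"} {
		_, err := cfg.GetCertificate(&tls.ClientHelloInfo{ServerName: sni})
		fmt.Printf("%-24s handshake error: %v\n", sni, err)
	}
}
```

Adding a "*.yolo.org" entry to the store makes somethingelse.yolo.org resolve, while a.b.yolo.org still fails because the wildcard spans a single label.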