1. Caddy version (caddy version
):
2.4.3
2. How I run Caddy:
We use automatic https and on demand tls to create certificates for white label domains that have their dns pointed at our application. We use a purchased wildcard certificate to handle tls for our main application domain + subdomains. I would like to re-direct non-www traffic to our main domain to www. White Label domains and subdomains do not require non-www to www redirects.
a. System environment:
AWS amazon linux 2
b. Command:
caddy config reload --config /etc/caddy/Caddyfile
c. Service/unit/compose file:
[Unit]
Description=Caddy
Documentation=https://caddyserver.com/docs/
After=network.target network-online.target
Requires=network-online.target
[Service]
Type=notify
User=caddy
Group=caddy
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
TimeoutStopSec=5s
LimitNOFILE=1048576
LimitNPROC=512
PrivateTmp=true
ProtectSystem=full
AmbientCapabilities=CAP_NET_BIND_SERVICE
[Install]
WantedBy=multi-user.target
d. My complete Caddyfile or JSON config:
{
email servers@flipcause.com
on_demand_tls {
ask http://internal-flipcause-Staging-LB-1266596132.us-east-1.elb.amazonaws.com/caddy-endpoint/index.php
interval 2m
burst 5
}
}
https://staging-flipcause.com {
tls /etc/staging-flipcause.com/ssl/staging-flipcause.com.pem /etc/staging-flipcause.com/ssl/staging-flipcause.com.key
redir https://www.staging-flipcause.com{uri} 307
}
*.staging-flipcause.com {
tls /etc/staging-flipcause.com/ssl/staging-flipcause.com.pem /etc/staging-flipcause.com/ssl/staging-flipcause.com.key
log {
output file /var/log/caddy/access.log
}
reverse_proxy http://internal-flipcause-Staging-LB-1266596132.us-east-1.elb.amazonaws.com {
header_up Host {http.reverse_proxy.upstream.hostport}
header_up User-Custom-Domain {host}
health_timeout 5s
}
}
*.flipca.us {
tls /etc/whitelabel/flipca.us.pem /etc/whitelabel/flipca.us.key
log {
output file /var/log/caddy/access.log
}
reverse_proxy http://internal-flipcause-Staging-LB-1266596132.us-east-1.elb.amazonaws.com {
header_up Host {http.reverse_proxy.upstream.hostport}
header_up User-Custom-Domain {host}
health_timeout 5s
}
}
:80 {
respond /health 200
}
:443 {
tls {
on_demand
}
log {
output file /var/log/caddy/access.log
}
reverse_proxy http://internal-flipcause-Staging-LB-1266596132.us-east-1.elb.amazonaws.com {
header_up Host {http.reverse_proxy.upstream.hostport}
header_up User-Custom-Domain {host}
health_timeout 5s
}
}
3. The problem I’m having:
I am trying to correctly redirect requests to staging-flipcause.com to www.staging-flipcause.com in the context of an accompanying wildcard block.
4. Error messages and/or full log output:
I am seeing 307 redirects even when I directly hit www.staging-flipcause.com urls, which makes me think I may not have the syntax of my redirect correct in my Caddyfile.
5. What I already tried:
I think all my efforts are there in the Caddyfile. I also tried creating a
@foo host staging-flipcause.com
handle @foo {
redir www.staging-flipcause.com
}
block nested in the *.staging-flipcause.com block, but received too many redirect errors.
6. Links to relevant resources:
If you visit https://www.staging-flipcause.com you will see that a 307 redirect is showing on some of the network calls which confuses me since I would think that www.staging-flipcause.com requests would hit the *.staging-flipcause.com block directly.
Thanks for any help!