Understanding Caddy Config

avestuk · January 15, 2018, 10:47am

Hi,

I’ve inherited some infrastructure and as part of this we have a Caddy server.

I’ve gone through the Caddy file and I’m happy with all of the config except for the :443, :80 start of the block.

I assume that :443 and :80 are telling Caddy to listen on port 443 and 80? Or is it that if traffic comes in on either of these ports to use the configuration in the block?

:443, :80 {
  root /opt/caddy/html

  proxy / PROXY_IP1 PROXY_IP2 {
    policy ip_hash
    transparent
    except /proxy_health
  }

  log / /var/log/caddy/access.log "[{when}] {hostname} {method} {host} {path} {query} {status} {latency} {size} {>X-Forwarded-For} {>X-Forwarded-Proto} {>X-Dest-Ip}"
  errors /var/log/caddy/errors.log

  tls letsencrypt@example.com
  tls {
    max_certs 100
  }


  realip {
    from 1.1.1.1/32
  }
}

Is there any documentation over starting a block like this? I wasn’t able to find any.

Thanks.

matt · January 15, 2018, 11:00am

Yep, it tells Caddy to respond with the site defined in that whole block for all requests to port 443 and port 80. If any other sites are defined with specific hostnames on those ports, they will have priority, but if that’s all there is, this is a catch-all. This is explained here in the docs: https://caddyserver.com/docs/http-caddyfile#addresses

Bit of a shame, this config doesn’t benefit from automatic HTTP->HTTPS redirects. Changing the first line to just :443 { would enable redirects, I believe. The tls lines can also be combined:

tls letsencrypt@example.com {
    max_certs 100
}

I fixed the formatting of your post, too, to use a code block instead of a quote.

avestuk · January 15, 2018, 11:21am

Thanks very much.

I’m not sure how I missed that page!

system · April 15, 2018, 11:21am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.