1. Caddy version (caddy version):
v2.2.0 h1:sMUFqTbVIRlmA8NkFnNt9l7s0e+0gw+7GPIrhty905A=
2. How I run Caddy:
- On a Digital Ocean droplet
- Caddy is built with cloudflare_dns and certmagic using xcaddy
- I use the Admin API for config and not a manual Caddyfile
a. System environment:
Ubuntu 18.04.4
b. Command:
caddy start
c. Service/unit/compose file:
paste full file contents here
d. My complete Caddyfile or JSON config:
{
"apps": {
"http": {
"servers": {
"srv0": {
"listen": [
":443"
],
"routes": [
{
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"https://velosity.site{http.request.uri}"
]
},
"status_code": 302
}
]
}
]
}
],
"match": [
{
"host": []
}
],
"terminal": true
},
{
"match": [
{
"host": [
"root",
"*"
]
},
{
"path": [
"/var/www/html"
]
}
],
"terminal": true
},
{
"handle": [
{
"handler": "subroute",
"routes": [
{
"handle": [
{
"handler": "vars",
"root": "/var/www/html"
}
]
},
{
"handle": [
{
"handler": "static_response",
"headers": {
"Location": [
"{http.request.uri.path}/"
]
},
"status_code": 308
}
],
"match": [
{
"file": {
"try_files": [
"{http.request.uri.path}/index.php"
]
},
"not": [
{
"path": [
"*/"
]
}
]
}
]
},
{
"handle": [
{
"handler": "rewrite",
"uri": "{http.matchers.file.relative}"
}
],
"match": [
{
"file": {
"split_path": [
".php"
],
"try_files": [
"{http.request.uri.path}",
"{http.request.uri.path}/index.php",
"index.php"
]
}
}
]
},
{
"handle": [
{
"handler": "reverse_proxy",
"transport": {
"protocol": "fastcgi",
"split_path": [
".php"
]
},
"upstreams": [
{
"dial": "unix//run/php/php7.2-fpm.sock"
}
]
}
],
"match": [
{
"path": [
"*.php"
]
}
]
},
{
"handle": [
{
"handler": "file_server",
"hide": [
"/etc/caddy/Caddyfile"
]
}
]
}
]
}
],
"match": [
{
"host": [
"rasmuslian.website",
"velosity.site",
"*.velosity.site"
]
}
],
"terminal": true
}
],
"tls_connection_policies": [
{}
]
}
}
},
"tls": {
"automation": {
"policies": [
{
"issuer": {
"challenges": {
"dns": {
"provider": {
"api_token": <token>
"name": "cloudflare"
}
}
},
"module": "acme"
},
"subjects": [
"velosity.site",
"*.velosity.site"
]
},
{
"issuer": {
"module": "internal"
},
"subjects": [
"*"
]
}
]
},
"certificates": {
"automate": [
"root",
"*"
]
}
}
}
}
3. The problem I’m having:
Hi, I recently started using Caddy for my server because I’m trying to create a web app that can (among many things) have the ability to add hosts to my config file. In other words, I want the users of my web app to be able to add their domain to my host config.
I have got the Admin API to work in the CLI for my server, but now I want to make it work remotely. My idea was to call the Admin API from a Firebase Cloud Function. The problem is I have a really hard time figuring out how I can do this, and also making the Admin API endpoint protected somehow.
In short my goal is to:
- Make Admin API available remotely
- Protect Admin API from unauthorized access (token, user&pass, etc)
4. Error messages and/or full log output:
No errors, haven’t gotten a working solution
5. What I already tried:
I was about to try this solution ( Access Caddy server API from remote http ), but was very unsure of how I could “have some kind of authentication or firewall limiting access to only you” and still let users via my web app add their domain to my host in Caddy.
Will let you know if I mess it up again (let’s hope not) 
