Use Caddy to listen to all domains

Hi all,

I want to switch from Apache to Caddy.
I wondered how I can listen to all domains which point to my server with a CNAME record. Could you help me with a sample configuration file?

Thanks

Hi @Majid,

You can define a site that serves any hostname by leaving the hostname empty and specifying only the scheme or port.

Any of the example addresses here without an actual domain present are domain-agnostic: Caddyfile Concepts — Caddy Documentation

Refer to the structure of the Caddyfile for an idea of layout - you want to use one of those domain-agnostic addresses in the blue-highlighted “Site address” area when you write your configuration: Caddyfile Concepts — Caddy Documentation

You can find the documentation on the v2 Caddyfile below. I’d advise looking into the quick start guide, the full tutorial, and the concepts pages as good places to start.


Thank you @Whitestrake

I have changed my config to this:

:443 {
    root /var/www/html
    tls email@example.com
    gzip

    fastcgi / /run/php/php7.4-fpm.sock php {
        ext .php
        split .php
        index index.php
    }
}

But when I tried to access a domain which points to this server, I got this error:

curl: (35) error:14004438:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert internal error

What am I doing wrong?

That looks like a Caddyfile for Caddy v1.

For reference, you do not need this block:

     {
         ext .php
         split .php
         index index.php
     }

The php preset does all of this for you, so that fastcgi configuration can just be one line.

As for the tlsv1 alert, that’s most likely happening when Caddy doesn’t have a certificate for the site you tried to access.

Since you haven’t told Caddy which domains you’re serving, it can’t get certificates in advance. Since it has no certificate, it sends none, aborting the connection.

You can configure Caddy to fetch brand new certs mid-request. This is called On-Demand TLS and is documented for v1 here: https://caddyserver.com/v1/docs/automatic-https#on-demand
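
An added example, not part of the original thread or of Caddy's own code: with On-Demand TLS on a catch-all site, Caddy can be pointed at an "ask" endpoint that it queries with `?domain=<hostname>` before obtaining a certificate, so only hostnames you expect get one. The sketch below is such an endpoint with an exact-match allowlist. The hostnames, the port 9123 and the `/ask` path are assumptions made for illustration.

```python
"""Allowlist "ask" endpoint for Caddy On-Demand TLS (added example).

Caddy requests the ask URL with ?domain=<hostname> and treats a 200
response as permission to obtain a certificate for that name.
Caddy v1 site block using it (URL and port are assumptions):

    :443 {
        tls {
            ask http://127.0.0.1:9123/ask
        }
    }
"""
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit, parse_qs

# Constructed sample data: hostnames customers have pointed at this server.
ALLOWED_HOSTS = {"shop.customer-a.example", "www.customer-b.example"}


def normalize(host):
    """Lower-case and drop a trailing dot so the set lookup is exact."""
    return host.strip().lower().rstrip(".")


def ask_status(request_path, allowed=ALLOWED_HOSTS):
    """Return 200 if ?domain= is allowlisted, 403 if not, 400 if malformed."""
    parts = urlsplit(request_path)
    values = parse_qs(parts.query).get("domain", [])
    # Reject wrong paths, a missing or empty value, and repeated parameters.
    if parts.path != "/ask" or len(values) != 1:
        return 400
    return 200 if normalize(values[0]) in allowed else 403


class AskHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(ask_status(self.path))
        self.send_header("Content-Length", "0")
        self.end_headers()


if __name__ == "__main__":
    # Bind to loopback only: this endpoint is for Caddy, not for the internet.
    HTTPServer(("127.0.0.1", 9123), AskHandler).serve_forever()
```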
