V2: Issues with multiple server blocks in Caddyfile-style config

Help
1

I’m trying to setup Caddy v2 so it redirects from HTTP Port 80 from both my IPv4 and my IPv6 to my main domain to HTTPS.

My Caddyfile:

{
        "experimental_http3": true
}
167.86.123.102, [2a02:c207:3004:1207:be:a:bad:babe] {
        tls off
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server /md browse
        file_server
}

The converted file:

{
        "apps": {
                "http": {
                        "servers": {
                                "srv0": {
                                        "listen": [
                                                ":443"
                                        ],
                                        "routes": [
                                                {
                                                        "match": [
                                                                {
                                                                        "host": [
                                                                                "hnrk.io",
                                                                                "www.hnrk.io"
                                                                        ]
                                                                }
                                                        ],
                                                        "handle": [
                                                                {
                                                                        "handler": "subroute",
                                                                        "routes": [
                                                                                {
                                                                                        "handle": [
                                                                                                {
                                                                                                        "handler": "vars",
                                                                                                        "root": "/etc/caddy/html"
                                                                                                },
                                                                                                {
                                                                                                        "handler": "subroute",
                                                                                                        "routes": [
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "encodings": {
                                                                                                                                                "brotli": {},
                                                                                                                                                "gzip": {},
                                                                                                                                                "zstd": {}
                                                                                                                                        },
                                                                                                                                        "handler": "encode"
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "static_response",
                                                                                                                                        "headers": {
                                                                                                                                                "Location": [
                                                                                                                                                        "{http.request.uri.path}/"
                                                                                                                                                ]
                                                                                                                                        },
                                                                                                                                        "status_code": 308
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "file": {
                                                                                                                                                "try_files": [
                                                                                                                                                        "{http.request.uri.path}/index.php"
                                                                                                                                                ]
                                                                                                                                        },
                                                                                                                                        "not": {
                                                                                                                                                "path": [
                                                                                                                                                        "*/"
                                                                                                                                                ]
                                                                                                                                        }
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "rewrite",
                                                                                                                                        "rehandle": true,
                                                                                                                                        "uri": "{http.matchers.file.relative}{http.request.uri.query_string}"
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "file": {
                                                                                                                                                "try_files": [
                                                                                                                                                        "{http.request.uri.path}",
                                                                                                                                                        "{http.request.uri.path}/index.php",
                                                                                                                                                        "index.php"
                                                                                                                                                ]
                                                                                                                                        }
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "reverse_proxy",
                                                                                                                                        "transport": {
                                                                                                                                                "protocol": "fastcgi",
                                                                                                                                                "split_path": ".php"
                                                                                                                                        },
                                                                                                                                        "upstreams": [
                                                                                                                                                {
                                                                                                                                                        "dial": "unix//run/php/php7.3-fpm.sock"
                                                                                                                                                }
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "path": [
                                                                                                                                                "*.php"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "browse": {},
                                                                                                                                        "handler": "file_server",
                                                                                                                                        "hide": [
                                                                                                                                                "Caddyfile"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "path": [
                                                                                                                                                "/md"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "file_server",
                                                                                                                                        "hide": [
                                                                                                                                                "Caddyfile"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                }
                                                                                                        ]
                                                                                                }
                                                                                        ]
                                                                                }
                                                                        ]
                                                                }
                                                        ]
                                                }
                                        ],
                                        "experimental_http3": true
                                },
                                "srv1": {
                                        "listen": [
                                                ":2015"
                                        ],
                                        "routes": [
                                                {
                                                        "match": [
                                                                {
                                                                        "host": [
                                                                                "167.86.123.102",
                                                                                "2a02:c207:3004:1207:be:a:bad:babe"
                                                                        ]
                                                                }
                                                        ],
                                                        "handle": [
                                                                {
                                                                        "handler": "subroute",
                                                                        "routes": [
                                                                                {
                                                                                        "handle": [
                                                                                                {
                                                                                                        "handler": "static_response",
                                                                                                        "headers": {
                                                                                                                "Location": [
                                                                                                                        "https://hnrk.io{http.request.uri}"
                                                                                                                ]
                                                                                                        },
                                                                                                        "status_code": 301
                                                                                                }
                                                                                        ]
                                                                                }
                                                                        ]
                                                                }
                                                        ]
                                                }
                                        ],
                                        "automatic_https": {},
                                        "experimental_http3": true
                                }
                        }
                },
                "tls": {
                        "certificates": {
                                "load_files": [
                                        {
                                                "certificate": "/etc/caddy/hnrk.io.crt",
                                                "key": "/etc/caddy/hnrk.io.key"
                                        }
                                ]
                        },
                        "automation": {},
                        "session_tickets": {}
                }
        }
}

Now if I start Caddy v2 and request http://167.86.123.102, a blank HTTP 200 white page is displayed, same for the IPv6.

If I visit https://167.86.123.102, I get the following in Caddy’s logs:

2019/09/18 10:27:11 http: TLS handshake error from 62.157.168.126:29726: no certificate available for ''
2019/09/18 10:27:11 http: TLS handshake error from 62.157.168.126:29729: no certificate available for ''

In the JSON I see that the caddyfile adapter put the certificate and key paths into the second server block, whereas they are not supposed to be in there. Additionally "automatic_https": {} should be disabled in the same block, because of tls off.

Could it be a bug in the adapter or is my Caddyfile syntax wrong?

Thanks!

2

Hmm, yeah this might be a bug (or two) in the Caddyfile adapter but I need to look into it more to be sure.

In the meantime, if you change the third line of your Caddyfile to:

167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {

Does that improve the situation at all?

1 Like
3

This worked for the IPv4 address (correctly redirect to https://hnrk.io{uri}), but for IPv6, it displays a blank white page.

UPDATE My Caddyfile:

{
        "experimental_http3": true
}
167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {
        tls off
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server /md browse
        file_server
}
4

Thanks – progress, I guess. Could you try something for me? Use the adapted JSON directly but put [ ] around the IPv6 address in the “match” → “host” field: [2a02:c207:3004:1207:be:a:bad:babe] – I just want to test a theory…

5

Using this Caddyfile JSON now:

{
        "apps": {
                "http": {
                        "servers": {
                                "srv0": {
                                        "listen": [
                                                ":80"
                                        ],
                                        "routes": [
                                                {
                                                        "match": [
                                                                {
                                                                        "host": [
                                                                                "167.86.123.102",
                                                                                "[2a02:c207:3004:1207:be:a:bad:babe]"
                                                                        ]
                                                                }
                                                        ],
                                                        "handle": [
                                                                {
                                                                        "handler": "subroute",
                                                                        "routes": [
                                                                                {
                                                                                        "handle": [
                                                                                                {
                                                                                                        "handler": "static_response",
                                                                                                        "headers": {
                                                                                                                "Location": [
                                                                                                                        "https://hnrk.io{http.request.uri}"
                                                                                                                ]
                                                                                                        },
                                                                                                        "status_code": 301
                                                                                                }
                                                                                        ]
                                                                                }
                                                                        ]
                                                                }
                                                        ]
                                                }
                                        ],
                                        "automatic_https": {},
                                        "experimental_http3": true
                                },
                                "srv1": {
                                        "listen": [
                                                ":443"
                                        ],
                                        "routes": [
                                                {
                                                        "match": [
                                                                {
                                                                        "host": [
                                                                                "hnrk.io",
                                                                                "www.hnrk.io"
                                                                        ]
                                                                }
                                                        ],
                                                        "handle": [
                                                                {
                                                                        "handler": "subroute",
                                                                        "routes": [
                                                                                {
                                                                                        "handle": [
                                                                                                {
                                                                                                        "handler": "vars",
                                                                                                        "root": "/etc/caddy/html"
                                                                                                },
                                                                                                {
                                                                                                        "handler": "subroute",
                                                                                                        "routes": [
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "encodings": {
                                                                                                                                                "brotli": {},
                                                                                                                                                "gzip": {},
                                                                                                                                                "zstd": {}
                                                                                                                                        },
                                                                                                                                        "handler": "encode"
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "static_response",
                                                                                                                                        "headers": {
                                                                                                                                                "Location": [
                                                                                                                                                        "{http.request.uri.path}/"
                                                                                                                                                ]
                                                                                                                                        },
                                                                                                                                        "status_code": 308
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "file": {
                                                                                                                                                "try_files": [
                                                                                                                                                        "{http.request.uri.path}/index.php"
                                                                                                                                                ]
                                                                                                                                        },
                                                                                                                                        "not": {
                                                                                                                                                "path": [
                                                                                                                                                        "*/"
                                                                                                                                                ]
                                                                                                                                        }
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "rewrite",
                                                                                                                                        "rehandle": true,
                                                                                                                                        "uri": "{http.matchers.file.relative}{http.request.uri.query_string}"
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "file": {
                                                                                                                                                "try_files": [
                                                                                                                                                        "{http.request.uri.path}",
                                                                                                                                                        "{http.request.uri.path}/index.php",
                                                                                                                                                        "index.php"
                                                                                                                                                ]
                                                                                                                                        }
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "reverse_proxy",
                                                                                                                                        "transport": {
                                                                                                                                                "protocol": "fastcgi",
                                                                                                                                                "split_path": ".php"
                                                                                                                                        },
                                                                                                                                        "upstreams": [
                                                                                                                                                {
                                                                                                                                                        "dial": "unix//run/php/php7.3-fpm.sock"
                                                                                                                                                }
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "path": [
                                                                                                                                                "*.php"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "browse": {},
                                                                                                                                        "handler": "file_server",
                                                                                                                                        "hide": [
                                                                                                                                                "Caddyfile"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ],
                                                                                                                        "match": [
                                                                                                                                {
                                                                                                                                        "path": [
                                                                                                                                                "/md"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                },
                                                                                                                {
                                                                                                                        "handle": [
                                                                                                                                {
                                                                                                                                        "handler": "file_server",
                                                                                                                                        "hide": [
                                                                                                                                                "Caddyfile"
                                                                                                                                        ]
                                                                                                                                }
                                                                                                                        ]
                                                                                                                }
                                                                                                        ]
                                                                                                }
                                                                                        ]
                                                                                }
                                                                        ]
                                                                }
                                                        ]
                                                }
                                        ],
                                        "experimental_http3": true
                                }
                        }
                },
                "tls": {
                        "certificates": {
                                "load_files": [
                                        {
                                                "certificate": "/etc/caddy/hnrk.io.crt",
                                                "key": "/etc/caddy/hnrk.io.key"
                                        }
                                ]
                        },
                        "automation": {},
                        "session_tickets": {}
                }
        }
}

Caddy v2 starts to obtain a certificate for [[2a02:c207:3004:1207:be:a:bad:babe]].

Logs:

$ ./caddy run -config=/etc/v2caddy/Caddyfile
2019/09/18 16:35:13 Caddy 2 admin endpoint listening on localhost:2019
2019/09/18 16:35:13 [INFO][cache:0xc000131900] Started certificate maintenance routine
2019/09/18 16:35:13 [INFO] Enabling automatic HTTPS certificates for [[2a02:c207:3004:1207:be:a:bad:babe]]
2019/09/18 16:35:13 [INFO][[2a02:c207:3004:1207:be:a:bad:babe]] Obtain certificate
^C2019/09/18 16:35:18 [INFO] SIGINT: Shutting down
^C2019/09/18 16:35:19 [INFO] SIGINT: Force quit
6

Okay, thanks. More to the point, can you tell me what is the exact Host header of a request to 2a02:c207:3004:1207:be:a:bad:babe from within your web browser?

7

host
host1135×907 45.4 KB

8

Ah, that’s probably why; net.SplitHostPort() fails when there is no port in the address (as in your case) and so we default to the original string (the whole Host header) otherwise. I guess I need to add some logic to strip any [ ] around IP addresses too. :slightly_frowning_face:

9

@HNRK This should do the trick: host matcher: Strip [ ] from IPv6 addresses · caddyserver/caddy@bc9f944 · GitHub

10

I now get the following error when converting the config:

{
        "experimental_http3": true
}
167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {
        tls off
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server /md browse
        file_server
}

to json:

$ ./caddy adapt-config --input /etc/v2caddy/CaddyfileORIG --adapter caddyfile --pretty > Caddyfile

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0xa54d90]

goroutine 1 [running]:
github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile.(*ServerType).serversFromPairings(0xc000179b28, 0xc00008d6e0, 0x2, 0x2, 0xc00013f2f0, 0xc00000f4c0, 0x0, 0x6, 0x8)
        /etc/buildv2caddy/v2caddy/caddyconfig/httpcaddyfile/httptype.go:274 +0xaa0
github.com/caddyserver/caddy/v2/caddyconfig/httpcaddyfile.ServerType.Setup(0xc000130600, 0x3, 0x4, 0xc00013f2f0, 0xc000130540, 0x6, 0x8, 0x0, 0x0, 0x0)
        /etc/buildv2caddy/v2caddy/caddyconfig/httpcaddyfile/httptype.go:151 +0xb76
github.com/caddyserver/caddy/v2/caddyconfig/caddyfile.Adapter.Adapt(0xdd44c0, 0x1380db0, 0xc0000eea80, 0x154, 0x354, 0xc00013f2f0, 0xc0000c98c0, 0x5b00000000c85a00, 0x1, 0x5b464059042ecb13, ...)
        /etc/buildv2caddy/v2caddy/caddyconfig/caddyfile/adapter.go:50 +0x19a
github.com/caddyserver/caddy/v2/cmd.cmdAdaptConfig(0xbc3800, 0xc0000ada10, 0x7fff4bc24d90)
        /etc/buildv2caddy/v2caddy/cmd/commands.go:339 +0x3b9
github.com/caddyserver/caddy/v2/cmd.Main()
        /etc/buildv2caddy/v2caddy/cmd/main.go:47 +0x8b
main.main()
        /etc/buildv2caddy/v2caddy/cmd/caddy/main.go:40 +0x20
11

Oops. Try the latest now.

1 Like
12

Awesome, it works as expected now! :smile:

I’ll test with multiple server blocks (>2) and report back.

Thank you!

EDIT: See below

13

Okay, one more thing I’ve discovered, but just now, because of my domain hnrk.io being in HSTS preload of some browsers:

When visiting http://hnrk.io without my browser redirecting to https automatically based on HSTS preload, Caddy serves a blank white HTTP 200 page.

Since I added a domain that is not in preload list, I discovered this phenomenon because I visited weather-frogs.de, see my current Caddyfile now:

{
        "experimental_http3": true
}
167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {
        tls off
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server /md browse
        file_server
}
weather-frogs.de, www.weather-frogs.de {
        root * /etc/caddy/html/weather-frogs.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}

In the logs, Caddy successfully pulls a certificate for (www.)weather-frogs.de:

$ ./caddy run -config=/etc/v2caddy/Caddyfile
2019/09/18 20:19:59 Caddy 2 admin endpoint listening on localhost:2019
2019/09/18 20:19:59 [INFO][cache:0xc00020caa0] Started certificate maintenance routine
2019/09/18 20:19:59 [INFO][hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/18 20:19:59 [INFO][www.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/18 20:19:59 [INFO] Enabling automatic HTTPS certificates for [weather-frogs.de www.weather-frogs.de]
2019/09/18 20:19:59 [INFO][weather-frogs.de] Obtain certificate
2019/09/18 20:19:59 [INFO] [weather-frogs.de] acme: Obtaining bundled SAN certificate
2019/09/18 20:20:02 [INFO] [weather-frogs.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/400079751
2019/09/18 20:20:02 [INFO] [weather-frogs.de] acme: use tls-alpn-01 solver
2019/09/18 20:20:02 [INFO] [weather-frogs.de] acme: Trying to solve TLS-ALPN-01
2019/09/18 20:20:06 [INFO] [weather-frogs.de] The server validated our request
2019/09/18 20:20:06 [INFO] [weather-frogs.de] acme: Validations succeeded; requesting certificates
2019/09/18 20:20:12 [INFO] [weather-frogs.de] Server responded with a certificate.
2019/09/18 20:20:12 [INFO][www.weather-frogs.de] Obtain certificate
2019/09/18 20:20:12 [INFO] [www.weather-frogs.de] acme: Obtaining bundled SAN certificate
2019/09/18 20:20:15 [INFO] [www.weather-frogs.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/400084326
2019/09/18 20:20:15 [INFO] [www.weather-frogs.de] acme: use tls-alpn-01 solver
2019/09/18 20:20:15 [INFO] [www.weather-frogs.de] acme: Trying to solve TLS-ALPN-01
2019/09/18 20:20:17 [INFO] [www.weather-frogs.de] The server validated our request
2019/09/18 20:20:17 [INFO] [www.weather-frogs.de] acme: Validations succeeded; requesting certificates
2019/09/18 20:20:20 [INFO] [www.weather-frogs.de] Server responded with a certificate.
2019/09/18 20:20:21 [INFO] Enabling automatic HTTP->HTTPS redirects for [hnrk.io www.hnrk.io weather-frogs.de www.weather-frogs.de]
2019/09/18 20:20:21 [INFO] Enabling experimental HTTP/3 listener on :443
2019/09/18 20:20:21 [INFO] tls: Cleaned up storage unit(s)
2019/09/18 20:20:21 Caddy 2 serving initial configuration

But again serves a blank white 200 HTTP page on my second domain, too, so I think HTTP->HTTPS redirect in Caddy v2 does not work when both providing cert and key manually and obtaining it via certmagic.

httpToHttps
httpToHttps2220×1170 199 KB

In the picture you can see the internal redirect from Brave becaue of HSTS preload, and from Internet Explorer, that doesn’t have my domain hnrk.io in preload, that it does not redirect to HTTPS.

EDIT: With the converted Caddyfile.json, I exceed Caddy forum’s body limit :smile:, hence I created a snippet here: https://gist.github.com/Henrocker/1521a7b2fd53c2341b64edfdc3e136f2

14

@HNRK I’m not sure I follow; what does the cert for weather-frogs.de have to do with the HTTP->HTTPS redirect?

Can you narrow down the problem more and try to isolate it, that would be helpful. I’m confused as to what the problem even is.

15

I’m sorry, I try to provide every bit of info I have.

HTTP->HTTPS redirects do not work for my domains provided in Caddyfile.

16

@HNRK Thanks for the info, I was able to distill it down to a reproducible case and push a fix. Give http: Improve auto HTTP->HTTPS redirects, fix edge cases · caddyserver/caddy@40e05e5 · GitHub a try and let me know how it goes?

2 Likes
17

This latest commit fixes the issues. Thank you!

Also tested, if redirect plays nicely with PHP apps, it does!

18

My most complete Caddyfile, yet:

{
        "experimental_http3": true
}
167.86.123.102:80, [2a02:c207:3004:1207:be:a:bad:babe]:80 {
        tls off
        redir https://hnrk.io{uri} 301
}
hnrk.io, www.hnrk.io {
        root * /etc/caddy/html
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server /md browse
        file_server
}
weather-frogs.de, www.weather-frogs.de {
        root * /etc/caddy/html/weather-frogs.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
die-reikiquellen.de, www.die-reikiquellen.de {
        root * /etc/caddy/html/die-reikiquellen.de
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
#harmoniks.de, www.harmoniks.de {
#        root * /etc/caddy/html/harmoniks.de
#        encode brotli zstd gzip
#        php_fastcgi unix//run/php/php7.3-fpm.sock
#        file_server
#}
hnrk.inet2.org {
        tls off
        root * /etc/caddy/html/inet2.org
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
ip.hnrk.io {
        root * /etc/caddy/html/myip
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
sql.hnrk.io {
        root * /etc/caddy/html/pma
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
postfix.hnrk.io {
        root * /etc/caddy/html/pfa/public
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
draw.hnrk.io {
        root * /etc/caddy/html/draw
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
mail.hnrk.io {
        root * /etc/caddy/html/rl
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
fotos.hnrk.io {
        root * /etc/caddy/html/fotos
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
proxy.hnrk.io {
        root * /etc/caddy/html/proxy
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
skip.hnrk.io {
        root * /etc/caddy/html/skip
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
zeit.hnrk.io {
        root * /etc/caddy/html/time
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
frequencies.hnrk.io {
        root * /etc/caddy/html/draw/niviuk.free.fr/niviuk.free.fr
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
dns.hnrk.io {
        root * /etc/caddy/html/null
        reverse_proxy * localhost:10001
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}
torrent.hnrk.io {
        root * /etc/caddy/html/null
        reverse_proxy * localhost:10004
        tls /etc/caddy/hnrk.io.crt /etc/caddy/hnrk.io.key
        encode brotli zstd gzip
        php_fastcgi unix//run/php/php7.3-fpm.sock
        file_server
}

translates to 48KB of json :smiley:

https://gist.github.com/Henrocker/1521a7b2fd53c2341b64edfdc3e136f2

Logs:

$ ./caddy run -config=/etc/v2caddy/Caddyfile
2019/09/19 08:07:13 Caddy 2 admin endpoint listening on localhost:2019
2019/09/19 08:07:13 [INFO][cache:0xc0004048c0] Started certificate maintenance routine
2019/09/19 08:07:13 [INFO] Server srv0 is only listening on the HTTP port 80, so no automatic HTTPS will be applied to this server
2019/09/19 08:07:13 [INFO][sql.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][zeit.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][dns.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][mail.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][proxy.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][frequencies.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][torrent.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][www.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][fotos.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][ip.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][postfix.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][draw.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO][skip.hnrk.io] Skipping automatic certificate management because one or more matching certificates are already loaded
2019/09/19 08:07:13 [INFO] Enabling automatic HTTPS certificates for [die-reikiquellen.de www.weather-frogs.de weather-frogs.de www.die-reikiquellen.de]
2019/09/19 08:07:14 [INFO][die-reikiquellen.de] Obtain certificate
2019/09/19 08:07:14 [INFO] [die-reikiquellen.de] acme: Obtaining bundled SAN certificate
2019/09/19 08:07:15 [INFO] [die-reikiquellen.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/407399887
2019/09/19 08:07:15 [INFO] [die-reikiquellen.de] acme: Could not find solver for: tls-alpn-01
2019/09/19 08:07:15 [INFO] [die-reikiquellen.de] acme: use http-01 solver
2019/09/19 08:07:15 [INFO] [die-reikiquellen.de] acme: Trying to solve HTTP-01
2019/09/19 08:07:16 [INFO] [die-reikiquellen.de] Served key authentication
2019/09/19 08:07:16 [INFO] [die-reikiquellen.de] Served key authentication
2019/09/19 08:07:16 [INFO] [die-reikiquellen.de] Served key authentication
2019/09/19 08:07:16 [INFO] [die-reikiquellen.de] Served key authentication
2019/09/19 08:07:20 [INFO] [die-reikiquellen.de] The server validated our request
2019/09/19 08:07:20 [INFO] [die-reikiquellen.de] acme: Validations succeeded; requesting certificates
2019/09/19 08:07:21 [INFO] [die-reikiquellen.de] Server responded with a certificate.
2019/09/19 08:07:21 [INFO][www.die-reikiquellen.de] Obtain certificate
2019/09/19 08:07:21 [INFO] [www.die-reikiquellen.de] acme: Obtaining bundled SAN certificate
2019/09/19 08:07:22 [INFO] [www.die-reikiquellen.de] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/407401373
2019/09/19 08:07:22 [INFO] [www.die-reikiquellen.de] acme: Could not find solver for: tls-alpn-01
2019/09/19 08:07:22 [INFO] [www.die-reikiquellen.de] acme: use http-01 solver
2019/09/19 08:07:22 [INFO] [www.die-reikiquellen.de] acme: Trying to solve HTTP-01
2019/09/19 08:07:23 [INFO] [www.die-reikiquellen.de] Served key authentication
2019/09/19 08:07:23 [INFO] [www.die-reikiquellen.de] Served key authentication
2019/09/19 08:07:30 [INFO] [www.die-reikiquellen.de] The server validated our request
2019/09/19 08:07:30 [INFO] [www.die-reikiquellen.de] acme: Validations succeeded; requesting certificates
2019/09/19 08:07:31 [INFO] [www.die-reikiquellen.de] Server responded with a certificate.
2019/09/19 08:07:31 [INFO] Enabling automatic HTTP->HTTPS redirects for [die-reikiquellen.de sql.hnrk.io zeit.hnrk.io dns.hnrk.io www.weather-frogs.de mail.hnrk.io proxy.hnrk.io frequencies.hnrk.io torrent.hnrk.io hnrk.io www.hnrk.io weather-frogs.de www.die-reikiquellen.de fotos.hnrk.io ip.hnrk.io postfix.hnrk.io draw.hnrk.io skip.hnrk.io]
2019/09/19 08:07:31 [WARNING] Server srv0 is listening on :80, so automatic HTTP->HTTPS redirects might be overridden by your own configuration
2019/09/19 08:07:31 [INFO] Enabling experimental HTTP/3 listener on :443
2019/09/19 08:07:31 [INFO] tls: Cleaned up storage unit(s)
2019/09/19 08:07:31 Caddy 2 serving initial configuration

Everything is working very well! Awesome :tada:

2 Likes
19

That’s a relief. Thanks for the update

1 Like
20

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.