V2: Using JSON, TLS identification the same for multiple SNI

Can I combine multiple SNI when building my JSON config?

Example:

Today, after using adapt on 3 imported Caddyfile:

          "tls_connection_policies": [
            {
              "alpn": [
                "h2"
              ],
              "match": {
                "sni": [
                  "domain.hipdadster.com"
                ]
              }
            },
            {
              "alpn": [
                "h2"
              ],
              "match": {
                "sni": [
                  "domain.social"
                ]
              }
            },
            {
              "alpn": [
                "h2"
              ],
              "match": {
                "sni": [
                  "my.literal.domain"
                ]
              }
            }
          ]

Could this JSON be built like this?

          "tls_connection_policies": [
            {   
              "alpn": [
                "h2"
              ],  
              "match": {
                "sni": [
                  "domain.hipdadster.com",
                  "domain.social",
                  "my.literal.domain"
                ]   
              }   
            }   
          ] 

It would work much better for my simple automation, and has the benefit of being a touch more human readable. There are a few pieces of the JSON that could probably be cleaned up, but this seems the easiest on first pass.

Hmm. The documentation and the fact it’s enclosed in square brackets indicates that it takes an array. Have you tried that second option yet? Did it work?

1 Like

I haven;t I guess it takes a second to try, as nothing here is production critical…and it works.

Yeah, I had a feeling the JSON emitted by the adapter wasn’t very optimized.

Aye, this is the nature of adapters in general.

They’re only as smart as the rules they’re programmed with, they’ll never be able to adapt (an amusingly ironic turn of phrase) on their own to produce smarter results. It’s always going to be quite rigid - the main goal is for it to be functional, and the end result working as expected.

Yeah. The generated JSON isn’t too bad – I’ve put in a few functions that already improve it significantly, so it could be worse – but it is still far from elegant sometimes. (The Caddyfile is an awful format tbh, but it’s so dang convenient for 90% of sites.)

We can always improve the generated JSON with time. But yeah… in several cases I have written more succinct, elegant JSON than the Caddyfile adapter could invent. Some things are just better expressed with the JSON structure. (And it’s not really so bad when you get used to it!)

And yes, you can mix Caddyfile and json with the API (it’s all JSON through the API in the end).

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.