1. Caddy version (caddy version):
v2.4.6 h1:HGkGICFGvyrodcqOOclHKfvJC0qTU7vny/7FhYp9hNw=
2. How I run Caddy:
Via a service config file /etc/systemd/system/caddy.service
Two important lines
ExecStart=/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
ExecReload=/usr/bin/caddy reload --config /etc/caddy/Caddyfile
a. System environment:
Ubuntu 18
b. Command:
I don’t type it, but it is:
/usr/bin/caddy run --environ --config /etc/caddy/Caddyfile
c. Service/unit/compose file:
d. My complete Caddyfile or JSON config:
(httpsredirect) {
    redir {
        if {scheme} is http
        / https://{host}{uri}
    }
}
(tlsroute53) {
    tls admin@roleuproleup.com
    tls {
        ca {$JOBS_CERT_URL}
        dns route53
    }
}
# used to force wildcard on some sub-domains
(tlsroute53wildcard) {
    tls admin@roleuproleup.com
    tls {
        ca {$JOBS_CERT_URL}
        dns route53
        wildcard
    }
}
(tlsondemand) {
    tls admin@roleuproleup.com
    tls {
        ca {$JOBS_CERT_URL}
        ask {$JOBS_CERT_ASK_URL}
    }
}
http://app{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com, https://app{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com {
    import httpsredirect
    import tlsroute53wildcard
    cors
    proxy / {$JOBS_BACKEND_IP}:8080 {
        transparent
    }
    log / stdout "app - [{when}] \"{method} {uri} {proto}\" {status} {size}"
}
http://api{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com, https://api{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com {
    import httpsredirect
    import tlsroute53wildcard
    cors
    proxy / {$JOBS_BACKEND_IP}:8084 {
        transparent
    }
    log / stdout "api - [{when}] \"{method} {uri} {proto}\" {status} {size}"
}
http://whstripe{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com, https://whstripe{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com {
    import httpsredirect
    import tlsroute53wildcard
    cors
    proxy / {$JOBS_BACKEND_IP}:8082 {
        transparent
    }
    log / stdout "whstripe - [{when}] \"{method} {uri} {proto}\" {status} {size}"
}
http://*.roleup.com, https://*.roleup.com {
    import httpsredirect
    import tlsroute53
    cors
    proxy / {$JOBS_BACKEND_IP}:8081 {
        transparent
    }
    log / stdout "boards - [{when}] \"{method} {uri} {proto}\" {status} {size}"
}
http://, https:// {
    import httpsredirect
    import tlsondemand
    cors
    tls {
        ca {$JOBS_CERT_URL}
        ask {$JOBS_CERT_ASK_URL}
    }
    proxy / {$JOBS_BACKEND_IP}:8081 {
        transparent
    }
    log / stdout "custom - [{when}] \"{method} {uri} {proto}\" {status} {size}"
}
3. The problem I’m having:
I’m moving from v1 to v2 and the configuration is very different. I started to do the changes:
- redir does not exist anymore
- the on-demand certificate is no longer like that
- cors directive does not exist anymore
- wildcard directive does not exist anymore
but to me it looks like a complete rewrite.
After 1 hour of work, I thought it would be more pragmatic to try to find someone with whom I could do an update over the phone. I’m happy to pay the hours needed to do the work.
4. Error messages and/or full log output:
5. What I already tried:
I started to do the changes:
- redir does not exist anymore
- the on-demand certificate is no longer like that
- cors directive does not exist anymore
- wildcard directive does not exist anymore
but to me it looks like a complete rewrite.
6. Links to relevant resources:
The configuration uses the redis extension to store the certificates with those ENV variables
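
One way the v1 file above can be expressed in Caddy v2 syntax, added here as an example and not part of the original post. It assumes a Caddy build that includes the route53 DNS provider plugin, and it leaves out CORS headers, the custom log line formats and the Redis certificate storage, which the core v2 directives used here do not cover.

```caddyfile
{
	# v1: "tls admin@roleuproleup.com" and "ca ..." repeated in every tls block
	email admin@roleuproleup.com
	acme_ca {$JOBS_CERT_URL}
	# v1: "ask ..." inside tls. Caddy queries this URL with ?domain=<name>
	# and only requests a certificate when the endpoint answers with a 2xx status.
	on_demand_tls {
		ask {$JOBS_CERT_ASK_URL}
	}
}

# One wildcard site replaces the v1 "wildcard" sites and the *.roleup.com site.
# HTTP is redirected to HTTPS automatically here, so httpsredirect is not needed.
*.roleup.com {
	tls {
		dns route53
	}
	log {
		output stdout
	}

	@app host app{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com
	handle @app {
		reverse_proxy {$JOBS_BACKEND_IP}:8080
	}
	@api host api{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com
	handle @api {
		reverse_proxy {$JOBS_BACKEND_IP}:8084
	}
	@whstripe host whstripe{$JOBS_SUBDOMAIN_POSTFIX}.roleup.com
	handle @whstripe {
		reverse_proxy {$JOBS_BACKEND_IP}:8082
	}
	# every other subdomain ("boards" in the v1 file)
	handle {
		reverse_proxy {$JOBS_BACKEND_IP}:8081
	}
}

# Custom domains: certificates are obtained during the handshake, gated by "ask"
https:// {
	tls {
		on_demand
	}
	log {
		output stdout
	}
	reverse_proxy {$JOBS_BACKEND_IP}:8081
}
```

The `ask` endpoint is the control that keeps the catch-all site from requesting certificates for arbitrary hostnames pointed at the server, so it should approve only domains the application actually knows.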