Last night I cleaned up a bunch of Cloud's code so that I can actually start using Caddy for static serving. Before I go writing a super-dynamic Caddyfile generator, I wanted to see if this is supported somehow currently:
Is there a simple pattern matching for a case where I want any /api to go to the same backend (with appropriate Host, X-Forwarded-For, and X-Forwarded-Proto headers of course)?
Something like this:
```
https://* {
  tls /etc/letsencrypt/live/{host}/fullchain.pem /etc/letsencrypt/live/{host}/privkey.pem
  proxy /api http://localhost:3030
}
https://api.* {
  # tls ...
  proxy / http://localhost:3030/api
}
https://api.* {
  # tls ...
  proxy /api http://localhost:3030/api
}
```
Also I'd like to know if there's a way to match the host as well
```
http://* {
  redir https://{host}{uri}
}
https://* {
  # browse /srv/www/{host}
  root /srv/www/{host}
}
```
I remember discussing this, but I couldn't find the issue if there was one. May be related to https://github.com/mholt/caddy/pull/114 and https://github.com/mholt/caddy/issues/188
Oh, here it is https://github.com/mholt/caddy/issues/125
Well the * host is 0.0.0.0 (or empty string). For the rest of what you're looking for, it's on our short-term roadmap. Meaning that, even now, @Makpoc and @xenolf are looking into the GetCertificate function (for different reasons) which should allow you to dynamically serve a certificate -- I think.
Dynamic root paths are also underway - I started working on it but then letsencrypt happened, and I need more feedback anyway.
As far as dynamic Caddyfiles go, that's coming as well. There are already utility functions to help convert between Caddyfile and JSON, to make it easier for programs to manipulate Caddyfiles.
So, it's coming. We just need more time (and help).
@Makpoc @xenolf @mholt I have a fully functional example of exactly how to use GetCertificate this way: https://github.com/coolaj86/golang-https-example/blob/master/serve.go
Please ask me any questions. I'm available to explain it line-by-line via skype or github or phone or whatever if anything is unclear.
@mholt do you have an example of what that json should look like for various caddy files? Is there a place to publish them if I make some?
@coolaj86 The test file has a few simple examples: https://github.com/mholt/caddy/blob/master/caddy/caddyfile/json_test.go - Also see this comment, which has a more filled-out example: https://github.com/mholt/caddy/issues/111#issuecomment-150333642 - but this JSON code is not yet being used, so it's not wired up to any API endpoint yet.
Another use case
Say a web app has many domains that all point to the same app and the domain is used just as an id:
johnny.example.com serves the exact same app as susan.example.com, but the javascript uses the identifier johnny or susan to dynamically change the content (and api call parameters).
```
*.example.com {
  root /srv/webapps/sameapp.example.com/
}
```
And there's the use case we've already talked about where it checks to see if the path exists
```
* {
  root /srv/webapps/{hostname}/
}
*.example.com {
  root /srv/webapps/{subdomain}.example.com/
  root /srv/webapps/fallback.example.com/
}
```
I would love to have a wildcard prefix. That's actually the only thing that prevents me from migrating fully from Nginx to Caddy.
Thanks for all the great work :+1:
This just stopped me while trying to use Caddy to share an IP between Dokku and Sandstorm, as both require wildcard domains.
It would be awesome if Caddy could provision certificates on the fly, too...
@FiloSottile Check out the getcertificate branch for on-the-fly certificate issuance.
And yes, working on wildcard support...
Awesome! It will still probably not work with what I want it to work because of the 5/wk LE limit :( I guess I'm buying a wildcard certificate.
(Also, just realized my last comment didn't make it clear HOW MUCH I like Caddy :+1:)
@FiloSottile Thank you :) Just to be clear, that 5/wk rate limit means you can issue 5 certificates for a domain in 7 days. (Although I think it includes any subdomains as well.) I've issued dozens of certificates in a couple minutes for different domains without trouble.
The feedback is good - don't hesitate if there's any more! (Also I saw your PR. Will look at it soon.)
Thanks for your feedback everyone! Closing this issue to funnel the discussion into #619.
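The `{host}` placeholders proposed in this thread (`root /srv/www/{host}`, `tls /etc/letsencrypt/live/{host}/...`) put a client-supplied name into a filesystem path, so the name has to be checked before it is joined to a directory. The sketch below is an added example, not code from the thread, from Caddy, or from the linked repository; `HostDir` and `CertLoader` are hypothetical names, and the directory layout is assumed to be the one in the first snippet above.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

var label = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`) // one DNS label

// HostDir maps a client-supplied host name (SNI or Host header) to a
// directory under base, rejecting anything that is not a plain DNS name.
func HostDir(base, host string) (string, error) {
	host = strings.ToLower(strings.TrimSuffix(host, "."))
	if host == "" || len(host) > 253 {
		return "", fmt.Errorf("empty or oversized host name")
	}
	for _, l := range strings.Split(host, ".") {
		if !label.MatchString(l) {
			return "", fmt.Errorf("invalid label %q in host name", l)
		}
	}
	return filepath.Join(base, host), nil
}

// CertLoader returns a tls.Config.GetCertificate callback that picks the
// key pair by SNI, validating the name before any file is opened.
func CertLoader(base string) func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	return func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
		dir, err := HostDir(base, hello.ServerName)
		if err != nil {
			return nil, err
		}
		cert, err := tls.LoadX509KeyPair(filepath.Join(dir, "fullchain.pem"), filepath.Join(dir, "privkey.pem"))
		if err != nil {
			return nil, err
		}
		return &cert, nil
	}
}

func main() {
	// Constructed inputs: one ordinary name and two that must be refused.
	for _, h := range []string{"johnny.example.com", "../../etc", "a/b.example.com"} {
		dir, err := HostDir("/srv/www", h)
		fmt.Printf("%q -> %q %v\n", h, dir, err)
	}
}
```

The same `HostDir` check applies to a per-host document root: resolve the directory first, and serve a fixed fallback or an error when validation fails.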