Messages - ceeeeej

#1
Great plugin (once I figured it out!)

I'm not a networking expert, more of a homelabber. I have OPNsense set up with AdGuard Home and Unbound with DNS over TLS.

I was having some trouble getting the Caddy access lists working to restrict some services to my LAN IPs only. To get this all working I had to set up overrides in Unbound that point these URLs back to my Caddy when on my LAN, i.e. I set up example.website.com in Caddy and then in Unbound I had to set up an override to point this URL back to 192.168.1.1 (where Caddy is running on my OPNsense router).

My assumption was that, because they were encrypted with DNS over TLS, the Caddy reverse proxy can't intercept them?

I think the only other way to get Caddy working with this setup was using the layer4 proxy? I took a look but the options and setup were just a bit too confusing for me. Downside is I just need to set up an override for every service but it really isn't that bad.

Just posting in case anyone has feedback or other ideas here. I was hoping to not require setting these up but it works now.

If there is any feedback on the layer4 proxy with my setup or another way to avoid the overrides in Unbound, I'd love to hear it!