Caddy Plugin - Automated TLS renewals and Custom Configuration Files

Started by 5sphgm98, August 09, 2025, 01:21:08 PM

Hey.

I'm trying to figure out how to set up the Caddy plugin for use with a Matrix server. I'm using the matrix-docker-ansible-deploy project and I'm following their documentation for setting up a reverse proxy, specifically Caddy, in front of it. The problem I'm running into is this example they have, where I specifically need to handle port 8448, as I can't find a way to handle that in the OPNsense Caddy plugin.


matrix.example.com:8448 {
    handle {
        encode zstd gzip

        reverse_proxy 127.0.0.1:8449 {
            header_up X-Forwarded-Port {http.request.port}
            header_up X-Forwarded-TlsProto {tls_protocol}
            header_up X-Forwarded-TlsCipher {tls_cipher}
            header_up X-Forwarded-HttpsProto {proto}
        }
    }
}



There doesn't appear to be a "port" field for the domain, and it throws an error if I try to input a port (see attached image, domain changed to example.com).

Now, I know what you're thinking, "just add that example file to /usr/local/etc/caddy/caddy.d in a matrix.conf file". However, the problem then is that I can't figure out how to handle TLS certificates, without having to manually edit the file every 3 months. I can make it work for now, sure, but surely there exists a way to automate it?

Just create another wildcard domain.

E.g., you have

*.example.com:443
*.example.com:8443

then you create the subdomain you need under the 8443 wildcard domain. Then create the handler for that subdomain.
Hardware:
DEC740

Oh of course, the port field is in the domain, not the subdomain. Now I feel dumb, thanks for the quick help!

It's okay, I might add it to the subdomain, as things have changed in the template in the latest Caddy versions.