From c9a13cab8ec18f03b90a4e04d1c1b01670f5a021 Mon Sep 17 00:00:00 2001 From: Karol Wypchlo Date: Wed, 7 Jul 2021 23:31:14 +0200 Subject: [PATCH] do not disable :443 --- docker/caddy/Caddyfile | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/docker/caddy/Caddyfile b/docker/caddy/Caddyfile index e78040dc..db49d4a5 100644 --- a/docker/caddy/Caddyfile +++ b/docker/caddy/Caddyfile @@ -2,13 +2,17 @@ # It is useful in case you have services trying to reach the server through ip and not domain like health checks. # It will generate an internal certificate so browsers will warn you when connecting but that not a problem. -# :443 { -# tls internal { -# on_demand -# } -# -# reverse_proxy nginx:80 -# } +:443 { + tls internal { + on_demand + } + + reverse_proxy nginx:80 { + # add Dnslink-Lookup header so nginx knows that the request comes from a domain + # outside of our certificate string and should perform a dnslink lookup + header_up Dnslink-Lookup true + } +} :80 { reverse_proxy nginx:80 {