Compare commits

..

No commits in common. "3b5f4f2e0fda73b98974e6640c401f8d21906fb2" and "7f9fadaaa4879573dae513157270270193ccd8ec" have entirely different histories.

3 changed files with 2 additions and 54 deletions

View File

@ -1,6 +0,0 @@
{
"cSpell.words": [
"caddyfile",
"nslookup"
]
}

View File

@ -2,5 +2,5 @@
title: "{{ replace .Name "-" " " | title }}"
date: {{ .Date }}
draft: true
tags: [...]
---
---

View File

@ -1,46 +0,0 @@
---
title: "Cloudflare DNS Proxy With Caddy"
date: 2023-12-05T14:57:40-08:00
draft: false
tags: [on-prem, hosting, caddy, cloudflare]
---
I have been using [Caddy](https://caddyserver.com/) as my [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) for a bit now and its been great! I have also been using [Cloudflare](https://www.cloudflare.com/) for my DNS given its all API driven. But one thing I ran into issues with was being able to use Cloudflare to proxy my hosting IP behind one of their servers. This would be allow allow a user to `nslookup` against my dns record and only tell them about the Cloudflare IP. This is ideal because then I am able to hide my personal IP Address from the internet.
But when I started with Caddy, I was not able to get this feature to work. But at the end of the day I picked Caddy because it has [Automatic Https](https://caddyserver.com/docs/automatic-https). This one feature and it being written in Go was one of the reasons I picked this. I did attempt to use something like `nginx` but this was before I had my own domain, and my tests failed.
## Dynamic DNS
One of the other reasons why I picked Cloudflare was because it was API driven. I have a Dynamic IP Address, and needed to ensure my sites would not be down when my IP changed. So I created a little Go tool called [cloudflare-ddns](https://git.jamestombleson.com/jtom38/cloudflare-ddns). The name is very basic but does the job.
This tool is very simple. Every 15 minutes, it will check my IP Address and make sure all my defined A records in Cloudflare match. If they don't, then it will update them. If that is of intrest to you, take a look at the source code.
## Cloudflare DNS Proxy
So now that we have a little bit of a background, one thing I wanted to figure out was how to make this all work.
I did try to use the Proxy service in the past but due to time, I did not spend much time on it.
I had https already so I did not care to mess around with it too much more.
But I did go and enable the Proxy service to see what happened.
When it was enabled I was getting `Too Many Redirects` back. Well, this is because Caddy and Cloudflare both are trying to redirect my http traffic to https.
Given the Cloudflare was also trying to handle https for me, this made sense.
So to use the Cloudflare proxy, I need to configure Caddy to not handle https.
## The solution
So to make this all work its actually very simple.
Open your `caddyfile` and update the record to define `http://` for the host you want.
```caddyfile
http://fake.domain.com {
reverse_proxy 192.168.1.1:8080
}
```
Save the file and restart Caddy.
Once Caddy comes back only, go over to Cloudflare and enable the proxy service on your A record and within a couple minutes, things should flow again!
if you run `nslookup fake.domain.com` you should now see the DNS record not point to your IP but a Cloudflare IP.
With that change you are now good to go!