Compare commits
No commits in common. "6b1fa3471904a642266a5595210460a3b4aa56ea" and "7f9fadaaa4879573dae513157270270193ccd8ec" have entirely different histories.
6b1fa34719
...
7f9fadaaa4
6
.vscode/settings.json
vendored
6
.vscode/settings.json
vendored
@ -1,6 +0,0 @@
|
|||||||
{
|
|
||||||
"cSpell.words": [
|
|
||||||
"caddyfile",
|
|
||||||
"nslookup"
|
|
||||||
]
|
|
||||||
}
|
|
@ -2,5 +2,5 @@
|
|||||||
title: "{{ replace .Name "-" " " | title }}"
|
title: "{{ replace .Name "-" " " | title }}"
|
||||||
date: {{ .Date }}
|
date: {{ .Date }}
|
||||||
draft: true
|
draft: true
|
||||||
tags: [...]
|
---
|
||||||
---
|
|
||||||
|
@ -1,46 +0,0 @@
|
|||||||
---
|
|
||||||
title: "Cloudflare DNS Proxy With Caddy"
|
|
||||||
date: 2023-12-05T14:57:40-08:00
|
|
||||||
draft: false
|
|
||||||
tags: [on-prem, hosting, caddy, cloudflare]
|
|
||||||
---
|
|
||||||
|
|
||||||
I have been using [Caddy](https://caddyserver.com/) as my [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) for a bit now and its been great! I have also been using [Cloudflare](https://www.cloudflare.com/) for my DNS given its all API driven. But one thing I ran into issues with was being able to use Cloudflare to proxy my hosting IP behind one of their servers. This would be allow allow a user to `nslookup` against my dns record and only tell them about the Cloudflare IP. This is ideal because then I am able to hide my personal IP Address from the internet.
|
|
||||||
|
|
||||||
But when I started with Caddy, I was not able to get this feature to work. But at the end of the day I picked Caddy because it has [Automatic Https](https://caddyserver.com/docs/automatic-https). This one feature and it being written in Go was one of the reasons I picked this. I did attempt to use something like `nginx` but this was before I had my own domain, and my tests failed.
|
|
||||||
|
|
||||||
## Dynamic DNS
|
|
||||||
|
|
||||||
One of the other reasons why I picked Cloudflare was because it was API driven. I have a Dynamic IP Address, and needed to ensure my sites would not be down when my IP changed. So I created a little Go tool called [cloudflare-ddns](https://git.jamestombleson.com/jtom38/cloudflare-ddns). The name is very basic but does the job.
|
|
||||||
|
|
||||||
This tool is very simple. Every 15 minutes, it will check my IP Address and make sure all my defined A records in Cloudflare match. If they don't, then it will update them. If that is of intrest to you, take a look at the source code.
|
|
||||||
|
|
||||||
## Cloudflare DNS Proxy
|
|
||||||
|
|
||||||
So now that we have a little bit of a background, one thing I wanted to figure out was how to make this all work.
|
|
||||||
|
|
||||||
I did try to use the Proxy service in the past but due to time, I did not spend much time on it.
|
|
||||||
I had https already so I did not care to mess around with it too much more.
|
|
||||||
But I did go and enable the Proxy service to see what happened.
|
|
||||||
|
|
||||||
When it was enabled I was getting `Too Many Redirects` back. Well, this is because Caddy and Cloudflare both are trying to redirect my http traffic to https.
|
|
||||||
Given the Cloudflare was also trying to handle https for me, this made sense.
|
|
||||||
So to use the Cloudflare proxy, I need to configure Caddy to not handle https.
|
|
||||||
|
|
||||||
## The solution
|
|
||||||
|
|
||||||
So to make this all work its actually very simple.
|
|
||||||
Open your `caddyfile` and update the record to define `http://` for the host you want.
|
|
||||||
|
|
||||||
```caddyfile
|
|
||||||
http://fake.domain.com {
|
|
||||||
reverse_proxy 192.168.1.1:8080
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
Save the file and restart Caddy.
|
|
||||||
|
|
||||||
Once Caddy comes back only, go over to Cloudflare and enable the proxy service on your A record and within a couple minutes, things should flow again!
|
|
||||||
if you run `nslookup fake.domain.com` you should now see the DNS record not point to your IP but a Cloudflare IP.
|
|
||||||
|
|
||||||
With that change you are now good to go!
|
|
Loading…
Reference in New Issue
Block a user