blog/cloudflare-proxy #8
6
.vscode/settings.json
vendored
Normal file
6
.vscode/settings.json
vendored
Normal file
@ -0,0 +1,6 @@
|
||||
{
|
||||
"cSpell.words": [
|
||||
"caddyfile",
|
||||
"nslookup"
|
||||
]
|
||||
}
|
46
content/posts/2023/12/05/cloudflare-dns-proxy-with-caddy.md
Normal file
46
content/posts/2023/12/05/cloudflare-dns-proxy-with-caddy.md
Normal file
@ -0,0 +1,46 @@
|
||||
---
|
||||
title: "Cloudflare DNS Proxy With Caddy"
|
||||
date: 2023-12-05T14:57:40-08:00
|
||||
draft: false
|
||||
tags: [on-prem, hosting, caddy, cloudflare]
|
||||
---
|
||||
|
||||
I have been using [Caddy](https://caddyserver.com/) as my [reverse proxy](https://en.wikipedia.org/wiki/Reverse_proxy) for a bit now and its been great! I have also been using [Cloudflare](https://www.cloudflare.com/) for my DNS given its all API driven. But one thing I ran into issues with was being able to use Cloudflare to proxy my hosting IP behind one of their servers. This would be allow allow a user to `nslookup` against my dns record and only tell them about the Cloudflare IP. This is ideal because then I am able to hide my personal IP Address from the internet.
|
||||
|
||||
But when I started with Caddy, I was not able to get this feature to work. But at the end of the day I picked Caddy because it has [Automatic Https](https://caddyserver.com/docs/automatic-https). This one feature and it being written in Go was one of the reasons I picked this. I did attempt to use something like `nginx` but this was before I had my own domain, and my tests failed.
|
||||
|
||||
## Dynamic DNS
|
||||
|
||||
One of the other reasons why I picked Cloudflare was because it was API driven. I have a Dynamic IP Address, and needed to ensure my sites would not be down when my IP changed. So I created a little Go tool called [cloudflare-ddns](https://git.jamestombleson.com/jtom38/cloudflare-ddns). The name is very basic but does the job.
|
||||
|
||||
This tool is very simple. Every 15 minutes, it will check my IP Address and make sure all my defined A records in Cloudflare match. If they don't, then it will update them. If that is of intrest to you, take a look at the source code.
|
||||
|
||||
## Cloudflare DNS Proxy
|
||||
|
||||
So now that we have a little bit of a background, one thing I wanted to figure out was how to make this all work.
|
||||
|
||||
I did try to use the Proxy service in the past but due to time, I did not spend much time on it.
|
||||
I had https already so I did not care to mess around with it too much more.
|
||||
But I did go and enable the Proxy service to see what happened.
|
||||
|
||||
When it was enabled I was getting `Too Many Redirects` back. Well, this is because Caddy and Cloudflare both are trying to redirect my http traffic to https.
|
||||
Given the Cloudflare was also trying to handle https for me, this made sense.
|
||||
So to use the Cloudflare proxy, I need to configure Caddy to not handle https.
|
||||
|
||||
## The solution
|
||||
|
||||
So to make this all work its actually very simple.
|
||||
Open your `caddyfile` and update the record to define `http://` for the host you want.
|
||||
|
||||
```caddyfile
|
||||
http://fake.domain.com {
|
||||
reverse_proxy 192.168.1.1:8080
|
||||
}
|
||||
```
|
||||
|
||||
Save the file and restart Caddy.
|
||||
|
||||
Once Caddy comes back only, go over to Cloudflare and enable the proxy service on your A record and within a couple minutes, things should flow again!
|
||||
if you run `nslookup fake.domain.com` you should now see the DNS record not point to your IP but a Cloudflare IP.
|
||||
|
||||
With that change you are now good to go!
|
Loading…
Reference in New Issue
Block a user