From 369bc47871133c3645d867c97624ea9eab9bb2d5 Mon Sep 17 00:00:00 2001 From: Nano Date: Sun, 21 Jul 2024 12:18:31 -0400 Subject: [PATCH 1/4] Update README.md The configuration that was shown as an example is incorrect. I have updated the information to reflect proper confs. --- examples/web-server/caddy/README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/examples/web-server/caddy/README.md b/examples/web-server/caddy/README.md index 7e345fe08eb3b..0811e153e1662 100644 --- a/examples/web-server/caddy/README.md +++ b/examples/web-server/caddy/README.md @@ -111,9 +111,9 @@ For production deployments, we recommend configuring Caddy to generate a wildcar ```diff tls { - on_demand - issuer acme { - email email@example.com - } + - issuer acme { + - email email@example.com + - } + dns route53 { + max_retries 10 @@ -137,9 +137,9 @@ For production deployments, we recommend configuring Caddy to generate a wildcar ```diff tls { - on_demand - issuer acme { - email email@example.com - } + - issuer acme { + - email email@example.com + - } + dns cloudflare CLOUDFLARE_API_TOKEN } From 5051cf884ab8a29ff0e8eff123bc62f00ae30546 Mon Sep 17 00:00:00 2001 From: Nano Date: Sun, 21 Jul 2024 13:22:09 -0400 Subject: [PATCH 2/4] docs: add on_demand_tls server I don't know why caddy thought this would help prevent abuse. --- examples/web-server/caddy/Caddyfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/examples/web-server/caddy/Caddyfile b/examples/web-server/caddy/Caddyfile index a897a1feec3c9..83c77adbba48f 100644 --- a/examples/web-server/caddy/Caddyfile +++ b/examples/web-server/caddy/Caddyfile @@ -1,3 +1,9 @@ +{ + on_demand_tls { + ask http://example.com + } +} + coder.example.com, *.coder.example.com { reverse_proxy localhost:3000 tls { From 8aad30c25aa25f8dc692f9f8010a9e675046fe16 Mon Sep 17 00:00:00 2001 
From: Nano Date: Sun, 21 Jul 2024 13:23:14 -0400 Subject: [PATCH 3/4] docs: fix formatting to match the rest of the of the caddyfile --- examples/web-server/caddy/Caddyfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/web-server/caddy/Caddyfile b/examples/web-server/caddy/Caddyfile index 83c77adbba48f..67b495d9fc733 100644 --- a/examples/web-server/caddy/Caddyfile +++ b/examples/web-server/caddy/Caddyfile @@ -1,5 +1,5 @@ { - on_demand_tls { + on_demand_tls { ask http://example.com } } From 9bbd3f29f1684177f6a412c8a807b6f27fa5b61b Mon Sep 17 00:00:00 2001 From: Nano Date: Sun, 21 Jul 2024 13:27:58 -0400 Subject: [PATCH 4/4] docs: reflect the change in caddyfile I feel like someone will ignore this, but we better still add it... --- examples/web-server/caddy/README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/examples/web-server/caddy/README.md b/examples/web-server/caddy/README.md index 0811e153e1662..d66a61a3af62c 100644 --- a/examples/web-server/caddy/README.md +++ b/examples/web-server/caddy/README.md @@ -50,6 +50,7 @@ This is an example configuration of how to use Coder with [caddy](https://caddys - `coder.example.com`: Domain name you're using for Coder. - `*.coder.example.com`: Domain name for wildcard apps, commonly used for [dashboard port forwarding](https://coder.com/docs/coder-oss/latest/networking/port-forwarding#dashboard). This is optional and can be removed. - `localhost:3000`: Address Coder is running on. Modify this if you changed `CODER_HTTP_ADDRESS` in the Coder configuration. + - _DO NOT CHANGE the `ask http://example.com` line! Doing so will result in your certs potentially not being generated._ 4. [Configure Coder](https://coder.com/docs/coder-oss/latest/admin/configure) and change the following values:
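Review bot: the ACME contact email is lost in PATCH 1/4, where both README hunks now mark the `issuer acme { email email@example.com }` block as removed next to `on_demand` and nothing replaces it. If the email is still wanted with the `dns route53` and `dns cloudflare` variants, say where it goes; Caddy accepts a global `email` option, and PATCH 2/4 already introduces a global options block that could hold it. The commit message says the example was incorrect without stating what was wrong, so a one-line reason (why the `issuer` block must go when `dns` is used) would help the next reader.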
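Review bot: `ask http://example.com` in the global block added by PATCH 2/4 points the on-demand permission check at a host the operator does not control, so it does not restrict issuance. Caddy sends the requested hostname to the `ask` URL as a `domain` query parameter and proceeds on a 2xx response, which means the answer here is decided by whatever that third-party host returns, over plain HTTP. Suggest making the value an obvious must-replace placeholder for an endpoint the operator runs (ideally on localhost) that returns 2xx only for `coder.example.com` and its subdomains, with a Caddyfile comment saying so.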
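Review bot: the bullet added in PATCH 4/4 tells readers never to change `ask http://example.com`, which contradicts the rest of the list (every other `example.com` value there is meant to be replaced) and gives no reason beyond certs "potentially not being generated". Suggest describing what the line does instead: `ask` is the URL Caddy queries before issuing an on-demand certificate, and it should point at an allowlist endpoint the operator controls. It is also worth noting that the block only matters while `on_demand` is present in `tls`, since the production wildcard sections touched in PATCH 1/4 remove `on_demand`.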