Previously, I shared how to configure Caddy as a reverse proxy for network services in a homelab. I apply this method not only in my homelab but also on VPSs from providers. I also use it in the KazeWP tool to install and manage WordPress.
In today's article, I will show you how to configure Dynamic DNS and set up Wildcard SSL for Caddy, making your homelab more convenient to manage.
I. Preparation
Before starting, you need to prepare:
- Caddy server: already installed on your server. If not, you can refer to the Caddy installation guide.
- Cloudflare account: register an account at Cloudflare and add your domain to Cloudflare.
- API token from Cloudflare: the token needs DNS access in order to update Dynamic DNS. You can see the instructions for creating an API token from Cloudflare.
II. Update Caddy configuration
1. Edit compose.yml
Edit Caddy's compose.yml file and add the CLOUDFLARE_API_TOKEN parameter in the environment section. Also add the line build: . and put a # in front of the line image: caddy:x.x.x to disable it.
services:
  caddy:
    container_name: caddy
    #image: caddy:2.9.1
    build: .
    restart: always
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./sites:/etc/caddy/sites
      - ./caddy_data:/data
      - ./caddy_config:/config
    environment:
      - CLOUDFLARE_API_TOKEN=2k3Zxxxxxxxxxx3gxMRzhwXe7Soa
2. Create Dockerfile
Create a file named Dockerfile in the same folder as compose.yml, using the command
nano Dockerfile
Enter the following content
# Build stage: compile Caddy with the two extra modules
FROM caddy:2.9.1-builder-alpine AS builder
RUN xcaddy build \
    --with github.com/mholt/caddy-dynamicdns \
    --with github.com/caddy-dns/cloudflare
# Final stage: copy the custom binary into the regular Caddy image
FROM caddy:2.9.1-alpine
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
The purpose of this Dockerfile is to build a new Docker image, based on the Caddy image, with 2 additional modules installed:
- caddy-dynamicdns: finds the public IP of the Caddy server and updates the DNS of the domain name.
- cloudflare: manages Cloudflare DNS records.
II. Set up Dynamic DNS
Edit the Caddyfile and add the following block at the top
{
    dynamic_dns {
        provider cloudflare {env.CLOUDFLARE_API_TOKEN}
        domains {
            domain.com @
            domain.com subdomain
        }
    }
}
Note that the domain names to update must be declared in the following format:
- Domain name markknow.com -> enter markknow.com @
- Domain name caddy.markknow.com -> enter markknow.com caddy
You can add as many domain names as you like in the domains declaration. If these subdomains do not exist yet, they will be created automatically in Cloudflare.
Note: the API token you created needs permission to access and edit the DNS zone of the domain names you declare here.
Start Caddy with the command
docker compose up -d --build
The system will take about 3-5 minutes to build the new Docker image and recreate the Caddy container from this image. Once it completes, you will see that the domain names declared above have been updated with the public IP of the server running Caddy.
III. Configure Wildcard SSL
To make SSL configuration easier for the services in my homelab, I will set up Wildcard SSL using the DNS challenge.
I will set up Wildcard SSL for the domain name *.homelab.markknow.com. The services in the homelab will be accessed through subdomains such as adguard.homelab.markknow.com or proxmox.homelab.markknow.com.
Revise the Caddyfile as follows
- Line 5: Add the declaration markknow.com *.homelab to let Caddy automatically add this record to Cloudflare.
- Line 9: Declare the email address used when requesting the SSL certificate.
- Lines 11-15: Declare the Wildcard SSL configuration for the wildcard domain name *.homelab.markknow.com.
- Lines 17-27: Declare the reverse proxy for the subdomains.
{
    dynamic_dns {
        provider cloudflare {env.CLOUDFLARE_API_TOKEN}
        domains {
            markknow.com *.homelab
        }
    }

    email mark@markknow.com
}
*.homelab.markknow.com {
    tls {
        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    }
}

proxmox.homelab.markknow.com {
    reverse_proxy 192.168.0.45:8006 {
        transport http {
            tls_insecure_skip_verify # upstream certificate is not verified
        }
    }
}

adguard.homelab.markknow.com {
    reverse_proxy 192.168.0.5:3000
}
Then restart Caddy
docker compose restart
Confirm that you can access the services through the domain names you set. If you have problems, check the logs with the command docker compose logs to see the error and find a way to fix it.
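As a check on the configuration above, this added example (not code from the original article) expands the dynamic_dns domains entries into full names and reports which site addresses a wildcard site covers; a certificate wildcard stands for exactly one leftmost label. The parser is a simplified brace-depth reader, not Caddy's own, and the nas.lab.homelab.markknow.com host with its 192.168.0.6:5000 upstream is an assumption added for illustration.

```python
import re

# Constructed sample: the article's Caddyfile, trimmed; the nas.lab host is an added assumption.
CADDYFILE = """\
{
    dynamic_dns {
        provider cloudflare {env.CLOUDFLARE_API_TOKEN}
        domains {
            markknow.com @
            markknow.com *.homelab
        }
    }
}
*.homelab.markknow.com {
    tls {
        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    }
}
proxmox.homelab.markknow.com {
    reverse_proxy 192.168.0.45:8006
}
nas.lab.homelab.markknow.com {
    reverse_proxy 192.168.0.6:5000
}
"""

def ddns_records(text):
    """Expand 'zone name...' lines of the dynamic_dns domains block to FQDNs."""
    block = re.search(r"domains\s*\{([^}]*)\}", text)
    records = []
    for line in (block.group(1) if block else "").splitlines():
        zone, *names = line.split("#")[0].split() or [""]
        records += [zone if n == "@" else f"{n}.{zone}" for n in names]
    return records

def site_hosts(text):
    """Site addresses are the tokens that open a block at brace depth 0."""
    hosts, depth = [], 0
    for line in text.splitlines():
        s = line.strip()
        if depth == 0 and s.endswith("{") and s != "{":
            hosts += [h.rstrip(",") for h in s[:-1].split()]
        depth += line.count("{") - line.count("}")
    return hosts

def wildcard_coverage(text):
    """Map each non-wildcard site to True if a wildcard site covers it (one label only)."""
    hosts = site_hosts(text)
    wild = {h[2:] for h in hosts if h.startswith("*.")}
    return {h: h.partition(".")[2] in wild for h in hosts if not h.startswith("*.")}
```

A site reported as False, such as the two-level nas.lab name, does not fall under the *.homelab.markknow.com certificate and needs its own certificate or a wildcard one level deeper.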
IV. Conclusion
I have just shown you how to configure Dynamic DNS and set up Wildcard SSL for the Caddy server. With this configuration, you can easily deploy home network services and access them through subdomains, all secured with SSL certificates.
If you have questions or suggestions, do not hesitate to leave a comment below! Wish you success!