Setting up secure HTTP (HTTPS) for AMP with Caddy DNS Certification

This guide is for those who cannot use port 80 for certbot because it is blocked by their ISP or is otherwise unavailable. It covers how to set up Caddy with DNS certification and a reverse proxy.

This guide only covers instructions for Linux-based servers.
“DOT” and backslashes are used due to CubeCoders link limits. Simply replace them.

First you need to install xcaddy.
Go here: https:\\github.com\caddyserver/xcaddy (fix slashes)
to find the latest installation instructions for xcaddy.

Then you need to build a custom Caddy that includes the module for your specific domain provider.
The available provider modules are listed here: caddy-dns · GitHub
Then you can build Caddy.

EX:

xcaddy build --with github.com/caddy-dns/INSERTDOMAINPROVIDER

After building, we need to create or edit the Caddyfile:

sudo nano Caddyfile

You can paste in the experimental Caddyfile shown below.

Different domain providers require different parameters (secret keys, usernames, etc.) to certify. You can find these requirements at the caddy-dns GitHub link above.

Replace everything surrounded by * with your own domain and provider information. In this example AMP is bound to port 8080.

*ampDOTdomainDOTcom* {
        tls {
                dns *INSERTDOMAINPROVIDER* {
                        *CHECKREQUIREMENTS*
                }
        }
        handle_path /shared/* {
                root * /opt/cubecoders/amp/shared/WebRoot/
                file_server
        }
        reverse_proxy localhost:8080
        handle_errors 502 {
                root * /opt/cubecoders/amp/shared/WebRoot
                rewrite /NotRunning.html
                file_server
        }
}

Save the file.
Then format the Caddyfile:

caddy fmt --overwrite

After formatting, start Caddy:

sudo caddy start

Check if it’s working by visiting your subdomain. Don’t include the port in the web address or use http.
EX: https:/\ampDOTdomainDOTcom\

Once setup is complete, there is no need to port forward 8080 anymore.
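
Checks that can be run after formatting and before "sudo caddy start", as an added example that is not part of the original guide. The function names are made up for illustration; the script assumes that "caddy" on PATH is the binary built with xcaddy and that GNU stat is available.

```shell
#!/usr/bin/env bash
# Added example: checks to run before "sudo caddy start".
# Assumes "caddy" on PATH is the xcaddy-built binary and GNU stat (Linux).

# Print each provider named on a "dns <provider>" line of the Caddyfile.
caddyfile_dns_providers() {   # $1 = path to Caddyfile
    awk '$1 == "dns" && NF >= 2 { print $2 }' "$1" | sort -u
}

# The Caddyfile holds the DNS provider's credentials, so group and others
# should have no access to it. Returns 0 only for modes such as 600 or 400.
caddyfile_perms_ok() {        # $1 = path to Caddyfile
    _mode=$(stat -c '%a' "$1") || return 2
    case "$_mode" in
        *00) return 0 ;;
        *)   return 1 ;;
    esac
}

# True if this caddy binary was built with the given caddy-dns module.
has_dns_module() {            # $1 = provider name
    caddy list-modules 2>/dev/null | grep -qwF "dns.providers.$1"
}

# Run every check and report all problems; returns non-zero if any failed.
preflight() {                 # $1 = path to Caddyfile
    _rc=0
    caddyfile_perms_ok "$1" || { echo "run: chmod 600 $1"; _rc=1; }
    for _p in $(caddyfile_dns_providers "$1"); do
        has_dns_module "$_p" || { echo "build lacks dns.providers.$_p"; _rc=1; }
    done
    caddy validate --config "$1" --adapter caddyfile >/dev/null 2>&1 ||
        { echo "caddy validate rejected $1"; _rc=1; }
    return "$_rc"
}

# Usage: ./preflight.sh Caddyfile
if [ -n "${1:-}" ]; then preflight "$1"; fi
```

A missing provider module usually means the stock caddy package is being run instead of the custom build.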

Additional Steps Below

If you need to add any additional web servers outside of AMP, like Dynmap, you can add the following block at the bottom of your Caddyfile.

Stop Caddy first, then open the Caddyfile in nano:

sudo caddy stop
sudo nano Caddyfile

*exampleDOTdomainDOTcom* {
        tls {
                dns *INSERTDOMAINPROVIDER* {
                        *CHECKREQUIREMENTS*
                }
        }
        reverse_proxy localhost:*WEBSERVERPORT*
}

Save the file and start Caddy again:

sudo caddy start

Then it should be functional.
