acouvreur / sablier

Start your containers on demand, shut them down automatically when there's no activity. Docker, Docker Swarm Mode and Kubernetes compatible.
https://acouvreur.github.io/sablier/
GNU Affero General Public License v3.0

Wildcard ssl support? #224

Open Bored0ne opened 10 months ago

Bored0ne commented 10 months ago

Describe the bug

Not exactly a bug, more of a use case that's being hindered. For a visual:

WildcardDomainRecord ---  Caddy ---Sablier --- Docker
                                \             /
                                   Traefik

Basically my wildcard domain *.domain.com points to my Caddy server. My Caddy server then goes and allocates the record; Traefik by default sets up the wildcard hosting with {{ .ContainerName }}.domain.com. Basically Sablier doesn't appear to support two things:

1. Placeholders in Caddy, because the @name just gets sent to Sablier as @name.
2. If a container does not have Sablier enabled but I try to connect to it via container name, I just want Sablier to ignore that it's even being called, not error out like it currently does with a 404 healthcheck.

Don't get me wrong, I can appreciate what it is doing. However, in my weird use case I don't want it to do that and would love to be able to set a config option to just ignore healthchecks on non-enabled containers.

*.domain.com {
        @name expression `{http.request.host.labels.2}`
        log
        @private {
                remote_ip private_ranges
        }
# Tried this and it didn't work as much as I would've loved that.
#########################################
#       sablier http://localhost:10000 {
#               group {http.request.host.labels.2}
#               dynamic {
#                       display_name {http.request.host.labels.2}
#                       theme matrix
#               }
#       }
########################################
# This is some security stuff for ensuring that anything outside of my local net has to be vetted before coming in all the way.
        handle @private {
                sablier http://localhost:10000 {
                        names @name
                        dynamic {
                                theme matrix
                        }
                }
                # This points to my traefik instance.
                reverse_proxy http://127.0.0.1:280
        }
        handle {
                # More security fun.
                authorize with mypolicy
                sablier http://localhost:10000 {
                        names @name
                        dynamic {
                                theme matrix
                        }
                }
                reverse_proxy http://127.0.0.1:280
        }
}

//Traefik special rule

 - "--providers.docker.defaultRule=Host(`{{ .ContainerName }}.domain.com`)"

Context

Expected behavior

It should support the magic.

acouvreur commented 10 months ago

I'm not really familiar with how "templating" in Caddy would work.

To me it seems that configuration is immutable.

So I'm curious to see if you had any experience with "dynamic" configuration that may come from the routing itself, such as the targeted container.

Your use case is obviously the most wanted one:

Not having to specify which container to wake up

So far, not a single reverse proxy allows this kind of configuration at "request time".

github-actions[bot] commented 8 months ago

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

Bored0ne commented 5 months ago

Hey @acouvreur, I figured it out. The request has to be built with the Caddy HTTP replacer during request time. I'm still working out the kinks but will provide a fork demonstrating this and leave it at your discretion whether or not to include this functionality.

Bored0ne commented 5 months ago

Here are the code changes on my fork. My Go skills are a little rusty, but I managed this much. Basically I am using Caddy to extract the placeholder and format the requested names. To be honest, I'm not 100% sure I'm even doing this right, but it works for me. Now I can deploy under a wildcard SSL cert on Caddy, spin up a Docker container with Sablier, and send all traffic to Traefik for automated routing/SSL cert generation.

https://github.com/Bored0ne/sablier/blob/main/plugins/caddy/config.go https://github.com/Bored0ne/sablier/blob/main/plugins/caddy/main.go
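The request-time placeholder resolution the last two comments describe, as an added illustration that is not code from Bored0ne's fork or from the Sablier project: the `names` value is treated as a template, `{http.request.host.labels.N}` placeholders are expanded from the incoming Host header the way Caddy's replacer indexes host labels, and each resulting container name is checked against a DNS-label allowlist before it could be handed to Sablier. Assumptions: only the host-label placeholder family is reimplemented here (a real Caddy module would instead pull the `*caddy.Replacer` from the request context), and multiple names are given comma-separated.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"regexp"
	"strconv"
	"strings"
)

// Caddy-style host label placeholders, e.g. {http.request.host.labels.2}.
var placeholderRe = regexp.MustCompile(`\{http\.request\.host\.labels\.(\d+)\}`)
// Allowlist for a resolved container name: exactly one lowercase DNS label.
var dnsLabelRe = regexp.MustCompile(`^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$`)

// hostLabel mirrors Caddy's replacer: labels count from the right, so for
// whoami.domain.com index 0 is "com", 1 is "domain" and 2 is "whoami".
func hostLabel(r *http.Request, idx int) string {
	host := r.Host
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h // drop an explicit port such as whoami.domain.com:443
	}
	labels := strings.Split(host, ".")
	if idx < 0 || idx > len(labels)-1 {
		return "" // label absent (e.g. bare apex host); caller refuses it below
	}
	return labels[len(labels)-idx-1]
}

// resolveNames expands the placeholders in a comma-separated names template per
// request and refuses anything that is not a plain DNS label, so an attacker-
// controlled Host header cannot push arbitrary text towards Sablier and Docker.
func resolveNames(r *http.Request, template string) (names []string, err error) {
	expanded := placeholderRe.ReplaceAllStringFunc(template, func(m string) string {
		idx, _ := strconv.Atoi(placeholderRe.FindStringSubmatch(m)[1])
		return hostLabel(r, idx)
	})
	for _, n := range strings.Split(expanded, ",") {
		n = strings.ToLower(strings.TrimSpace(n))
		if !dnsLabelRe.MatchString(n) {
			return nil, fmt.Errorf("refusing container name %q derived from Host header", n)
		}
		names = append(names, n)
	}
	return names, nil
}

func main() {
	// Constructed request, standing in for what Caddy sees on the wildcard site.
	fmt.Println(resolveNames(&http.Request{Host: "whoami.domain.com:443"}, "{http.request.host.labels.2}"))
}
```

The same check also rejects a request for the bare apex (label 2 is missing), which is the case the issue's second point is about: a host that maps to no enabled container never reaches Sablier as an empty or literal `@name`.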