Closed adamlesinski closed 3 months ago
Is this related to https://github.com/tailscale/caddy-tailscale#https-support ? I am managing my own certs (using a DNS-specific provider challenge) so I am not relying on tailscale's cert issuance.
So, we've changed quite a bit in the plugin since you filed this issue, so I'm wondering if you'd be willing to try again. I set up a similar config, and ended up getting the error:
```
Error: loading initial config: loading new config: http app module: start: starting HTTP/3 QUIC listener: listen udp: lookup caddytest: no such host
```
Disabling HTTP3 solved it, so I ended up with a config of:
```
{
    order tailscale_auth after basicauth
    auto_https off
    servers {
        protocols h1 h2
    }
    tailscale {
        ephemeral
    }
}

caddytest.willnorris.net:443 {
    tls domain.cert.pem private.key.pem
    bind tailscale/caddytest
    tailscale_auth
    templates
    respond `Hello, {{placeholder "http.auth.user.id"}}`
}
```
Note I'm using static TLS cert files rather than using caddy's https support, though I'm not sure that matters for this. So if you get a chance, try again and let me know if you still run into the same issue.
We've now both fixed our QUIC support and properly hooked into caddy's auto_https feature (see the updated https://github.com/tailscale/caddy-tailscale#https-support), so I think this should work much better now. Give it a try with the latest version when you can and let me know how it goes.
Will, you're crushing it, man
I have tested this with something like the following and Caddy is booting up and running with no errors.
```
foo.bar.com:443 {
    bind tailscale/my-node
    tailscale_auth
    templates
    respond `Hello, {{placeholder "http.auth.user.id"}}`
}
```
My goal is to host a web service behind tailscale, and leverage tailscale's ability to know which user is connecting as an auth mechanism.
I want my service, running as tailscale device `my-node`, to be accessible over a custom domain name `foo.bar.com` (placeholder). Once the node is registered with tailscale, I want to set the DNS A record for `foo.bar.com` to point at `my-node`'s tailscale IP.
I have the following Caddyfile:
I generated a `TS_AUTHKEY` and set it in caddy's environment before running `caddy run --config /etc/config/Caddyfile`. I get the following error:
I tried changing `bind tailscale/my-node` to `bind tailscale/` and got:
The error goes away when I drop `foo.bar.com` from the route directive.