Probably thanks to the new Caddy 2.10.2.1
https://tmnascommunity.eu/download/caddy/
My config (can be edited in the Caddy web interface, where you can also restart it after changing the config)
EditCaddyFile
Code: Select all
{
# Admin settings
admin 127.0.0.1:2019
# Custom ports to avoid conflicts with TOS
http_port 8010
https_port 6444
email youremailaddress.com
}
# Block for Vaultwarden
# Specify the IP and local hostname so Caddy knows who to create the certificate for
192.168.1.120:6444, f8-terramaster.local:6444, localhost:6444 {
# Enable Self-signed TLS for these addresses
tls internal
# Proxy to the Vaultwarden container (port 7777)
reverse_proxy 127.0.0.1:7777 {
header_up Host {host}
header_up X-Real-IP {remote_host}
}
}
# Stub for testing Caddy operation over regular HTTP
:8010 {
respond "Caddy is OK. Use https://192.168.1.120:6444 for Vaultwarden."
Where 7777 is the Vaultvarden container's output port in Docker.
You shouldn't keep two copies of Caddy running; at one point, I realized I had two, one in Docker and the other from a third-party app store. It's also better to keep only one running Vaultvarden.
On macOS, I added Caddy's root certificate to the trusted certificates, and the client connected without error. The Vaultvarden web interface in the browser also works.
The iPhone client won't have any issues yet; you probably need to add Caddy's root certificate to the trusted certificates there as well.
