Using Caddy Webserver as HTTPS-Proxy for Plone

Caddy supports configuration free HTTPS powered by Let's encrypt certificates. This example show's how to setup a virtual host for Plone.

The following Caddy vhost configuration applies to "derico.de" and "www.derico.de". And does a redirect for the non-www domain to the www-version.

Caddy does automatically an redirect from HTTP to HTTPS, so there is nothing to configure.

The rewrite rule should look familiar and does the same VirtualHostRoot rewriting you would do in Nginx or Apache too. It includes the Plone-site-id, which in this case is "Plone".

derico.de, www.derico.de {
    redir 301 {
        if {host} not_starts_with www
        / https://www.{hostonly}{uri}
    }
    rewrite {
        r ^/(.*)$
        to /VirtualHostBase/https/{hostonly}:443/Plone/VirtualHostRoot/{1}
    }
    proxy / http://localhost:9000 {
        transparent
        header_upstream X-Forwarded-Host {host}
    }
    gzip
    log /var/log/caddy/derico.de.access.log
    errors /var/log/caddy/derico.de.error.log

}

That's all you need for a HTTPS vhost for Plone. After restarting the Webserver, Caddy will make sure you'll get a valid Let's encrypt certificate and configure it for the domain. To get the certificate. the domain has to have a valid DNS setup already.

By @MrTango in
Tags :