Created
June 16, 2021 10:55
-
-
Save gilbitron/36d48eb751875bebdf43da0a91c9faec to your computer and use it in GitHub Desktop.
Enabling HTTPS (SSL) for Laravel Sail using Caddy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| # app/Http/Controllers/CaddyController.php | |
| namespace App\Http\Controllers; | |
| use App\Store; | |
| use Illuminate\Http\Request; | |
| class CaddyController extends Controller | |
| { | |
| public function check(Request $request) | |
| { | |
| $authorizedDomains = [ | |
| 'laravel.test', | |
| 'www.laravel.test', | |
| // Add subdomains here | |
| ]; | |
| if (in_array($request->query('domain'), $authorizedDomains)) { | |
| return response('Domain Authorized'); | |
| } | |
| // Abort if there's no 200 response returned above | |
| abort(503); | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # docker/Caddyfile | |
| { | |
| on_demand_tls { | |
| ask http://laravel.test/caddy-check | |
| } | |
| local_certs | |
| } | |
| :443 { | |
| tls internal { | |
| on_demand | |
| } | |
| reverse_proxy laravel.test { | |
| header_up Host {host} | |
| header_up X-Real-IP {remote} | |
| header_up X-Forwarded-For {remote} | |
| header_up X-Forwarded-Port {server_port} | |
| header_up X-Forwarded-Proto {scheme} | |
| health_timeout 5s | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| services: | |
| caddy: | |
| image: caddy:latest | |
| restart: unless-stopped | |
| ports: | |
| - '80:80' | |
| - '443:443' | |
| volumes: | |
| - './docker/Caddyfile:/etc/caddy/Caddyfile' | |
| - sailcaddy:/data | |
| - sailcaddy:/config | |
| networks: | |
| - sail | |
| # Remove "ports" from laravel.test service | |
| volumes: | |
| sailcaddy: | |
| driver: local |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| # routes/web.php | |
| Route::get('/caddy-check', 'CaddyController@check'); |
If the domains are going to be hard-coded into that controller anyway, why not put them in the Caddyfile?
# docker/Caddyfile
laravel.test, www.laravel.test {
tls internal
reverse_proxy laravel.test {
header_up Host {host}
header_up X-Real-IP {remote}
header_up X-Forwarded-For {remote}
header_up X-Forwarded-Port {server_port}
header_up X-Forwarded-Proto {scheme}
health_timeout 5s
}
}
Is there any way to do it without creating code in the application? In theory development things should not have to be in the production project. Also, not everyone in the team necessarily has to use docker or sail. It causes me noise to create a route and a controller
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Well, here's a weird one. I wonder if this is a Mac issue.
If you clone the sample repo I made (or start with a clean Laravel project), the first build doesn't work. But if you immediately force a rebuild with no changes, it works. (I'm starting with a clean Docker install. No locally downloaded images or containers. The strange thing is that the rebuild shouldn't actually change anything. The volumes are all the same too since there's no file changes.