This is a series on setting up Kubernetes clusters in Amazon EKS.
In this post we will setup Root Level Redirection using Caddy Server.
Setting up root domain redirection can be rather tricky, given the following points:
-
Root domains @ can only have an A-Record under DNS therefore can only point to an IP Address. This causes issues if you are using something like AWS and are not using their DNS Name Servers using Route53.
-
With default Nginx Redirection, https redirection does not work, unless a custom SSL is installed.
-
ALIAS records, do not work unless extra plugin’s are installed for SSL.
-
SSL Certificates with Nginx requires extra installation and have to be and updated has to be updated regularly.
We want to achieve the following:
http://example.com => https://example.com => https://www.example.comCaddy Installation Ubuntu
SSH to the Ubuntu Server and add the necessary dependencies with
sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https -y
add the official Caddy GPG key
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
Update Ubuntu Repository
curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
Update apt:
sudo apt-get update
Install Caddy
sudo apt-get install caddy -y
Start and enable the Caddy service with:
sudo systemctl enable --now caddy
On opening the servers IP Address in the browser, you will be presented with the Default Caddy welcome page.
Update Caddy Configuration
We just need to add 2 re-directives for SSL redirection
- Set the SSL using tls
- Set the redirection
redir https://www.{host}{uri}
Final, Caddy Configuration file
sudo nano /etc/caddy/Caddyfile
example.com {
tls [email protected]
redir https://www.{host}{uri}
}
Reload Caddy Server
sudo systemctl reload caddy
On opening http://example.com it will redirect to https://example.com which, will redirect to https://www.example.com.
