LLM/n8n-install
1
0
Fork 0
mirror of https://github.com/kossakovsky/n8n-install.git synced 2026-03-07 14:23:08 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
local-env
n8n-install/caddy-addon
History
Yury Kossakovsky 0e4b46ec31 feat(tls): add custom tls certificate support for corporate deployments 
adds caddy-addon mechanism for custom certificates when let's encrypt
is not available. includes setup script with interactive wizard,
example configs, and documentation.
2026-01-09 23:26:41 -07:00
..
.gitkeep
Caddy addon folder for deploying agents with the Local AI Package
2025-06-15 17:10:29 -05:00
custom-tls.conf.example
feat(tls): add custom tls certificate support for corporate deployments
2026-01-09 23:26:41 -07:00
README.md
feat(tls): add custom tls certificate support for corporate deployments
2026-01-09 23:26:41 -07:00

README.md

Caddy Addons

This directory allows you to extend or override Caddy configuration without modifying the main Caddyfile.

All .conf files in this directory are automatically imported via import /etc/caddy/addons/*.conf at the end of the main Caddyfile.

Use Cases

  • Custom TLS certificates (corporate/internal CA)
  • Additional reverse proxy rules
  • Custom headers or middleware
  • Rate limiting or access control

Custom TLS Certificates

For corporate/internal deployments where Let's Encrypt is not available, you can use your own certificates.

Quick Setup

  1. Place your certificates in the certs/ directory:

    cp /path/to/your/cert.crt ./certs/wildcard.crt
cp /path/to/your/key.key ./certs/wildcard.key

  2. Run the setup script:

    make setup-tls

  3. Restart Caddy:

    docker compose -p localai restart caddy

Manual Setup

  1. Copy the example file:

    cp caddy-addon/custom-tls.conf.example caddy-addon/custom-tls.conf

  2. Edit custom-tls.conf with your hostnames and certificate paths

  3. Place certificates in certs/ directory

  4. Restart Caddy:

    docker compose -p localai restart caddy

How Site Override Works

When you define a site block in an addon file with the same hostname as the main Caddyfile, Caddy will use both configurations. To completely override a site, use the exact same hostname.

Example: To override n8n.yourdomain.com with a custom certificate:

# caddy-addon/custom-tls.conf
n8n.internal.company.com {
    tls /etc/caddy/certs/wildcard.crt /etc/caddy/certs/wildcard.key
    reverse_proxy n8n:5678
}

Make sure your .env file has N8N_HOSTNAME=n8n.internal.company.com.

File Structure

caddy-addon/
├── .gitkeep                    # Keeps directory in git
├── README.md                   # This file
├── custom-tls.conf.example     # Example for custom certificates
└── custom-tls.conf             # Your custom config (gitignored)

certs/
├── .gitkeep                    # Keeps directory in git
├── wildcard.crt                # Your certificate (gitignored)
└── wildcard.key                # Your private key (gitignored)

Important Notes

  • Files in caddy-addon/*.conf are gitignored (preserved during updates)
  • Files in certs/ are gitignored (certificates are not committed)
  • Example files (*.example) are tracked in git
  • Caddy validates configuration on startup - check logs if it fails: 
    docker compose -p localai logs caddy

Caddy Documentation