├── .gitignore ├── Caddyfile ├── README.md ├── diagram.png ├── docker-compose.yml ├── redirect ├── build.sh ├── cmd │ └── main.go ├── go.mod └── main └── tls-check ├── build.sh ├── cmd └── main.go └── go.mod /.gitignore: -------------------------------------------------------------------------------- 1 | redirect/main 2 | tls-check/main -------------------------------------------------------------------------------- /Caddyfile: -------------------------------------------------------------------------------- 1 | { 2 | on_demand_tls { 3 | ask http://tls-check:5555 4 | 5 | burst 5 6 | interval 2m 7 | } 8 | } 9 | 10 | 11 | https:// { 12 | tls { 13 | on_demand 14 | } 15 | 16 | reverse_proxy redirect:4000 { 17 | header_down Strict-Transport-Security max-age=31536000; 18 | } 19 | } -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /diagram.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/TomDoesTech/multi-domain/0583ce8924eeb286f1419917dd3d8cb590a1e56d/diagram.png -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3.9' 2 | 3 | services: 4 | tls-check: 5 | image: golang:1.19 6 | ports: 7 | - 5555:5555 8 | volumes: 9 | - ./tls-check:/tls-check 10 | command: sh -c "cd /tls-check && nohup sh ./build.sh" 11 | 12 | redirect: 13 | image: golang:1.19 14 | ports: 15 | - 4000:4000 16 | volumes: 17 | - ./redirect:/redirect 18 | command: sh -c "cd /redirect && nohup sh ./build.sh" 19 | 20 | caddy: 21 | image: caddy/caddy:2.6.2-alpine 22 | container_name: caddy 23 | restart: unless-stopped 24 | ports: 25 | - 80:80 26 | - 443:443 27 | volumes: 28 | - 
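/*
This line of the listing also carried the tail of docker-compose.yml and
redirect/build.sh. They are reproduced here so nothing is lost.

Rest of docker-compose.yml (continuing the caddy service's volumes list):

	      - $PWD/Caddyfile:/etc/caddy/Caddyfile
	      - $PWD/site:/srv
	      - $PWD/caddy_data:/data
	      - $PWD/caddy_config:/config

	volumes:
	  caddy_data:
	  caddy_config:

/redirect/build.sh:

	echo "Building redirect service"

	go build cmd/main.go

	./main

/redirect/cmd/main.go:
*/

// Command redirect is the upstream the Caddyfile in this listing proxies to
// (reverse_proxy redirect:4000). It answers GET requests with a greeting that
// names the host the request was addressed to.
package main

import (
	"fmt"
	"log"
	"net/http"
	"time"
)

// hello writes "Hello, <host>" for GET requests.
//
// r.Host is taken from the request's Host header, so it is client-controlled.
// The response therefore declares itself as plain text and disables content
// sniffing, so the echoed value cannot be interpreted as markup.
func hello(w http.ResponseWriter, r *http.Request) {
	// Without this guard a non-GET request falls through the handler and
	// net/http sends an implicit empty 200.
	if r.Method != http.MethodGet {
		w.Header().Set("Allow", http.MethodGet)
		w.WriteHeader(http.StatusMethodNotAllowed)
		return
	}

	hdr := w.Header()
	hdr.Set("Content-Type", "text/plain; charset=utf-8")
	hdr.Set("X-Content-Type-Options", "nosniff")

	w.WriteHeader(http.StatusOK)
	fmt.Fprintf(w, "Hello, %s", r.Host)
}

// main serves hello on port 4000 and exits with a logged error if the
// listener cannot be started or stops unexpectedly.
func main() {
	mux := http.NewServeMux()
	mux.HandleFunc("/", hello)

	// Timeouts bound how long a slow or stalled client can hold a connection;
	// the zero-value server used by http.ListenAndServe has none. The values
	// are reviewer-chosen defaults, tune as needed.
	srv := &http.Server{
		Addr:              ":4000",
		Handler:           mux,
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       10 * time.Second,
		WriteTimeout:      10 * time.Second,
	}

	fmt.Println("Server is running on port 4000")
	// ListenAndServe always returns a non-nil error; surface it instead of
	// dropping it.
	log.Fatal(srv.ListenAndServe())
}

/*
Remaining files from this line of the listing:

/redirect/go.mod:

	module github.com/tomdoestech/multi-domain/redirect

	go 1.19

/redirect/main:

	https://raw.githubusercontent.com/TomDoesTech/multi-domain/0583ce8924eeb286f1419917dd3d8cb590a1e56d/redirect/main

/tls-check/build.sh:

	echo "Building TLS check service"

	go build cmd/main.go

	./main

/tls-check/cmd/main.go: (next in the listing)
*/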
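// Command tls-check is the endpoint that the Caddyfile in this listing names
// in its on_demand_tls "ask" directive (ask http://tls-check:5555). Caddy
// queries it with ?domain=<name> before obtaining a certificate on demand and
// proceeds only on a 2xx answer, so this service is the authorization gate
// for certificate issuance: every path that is not an explicit allow must
// answer with a non-2xx status.
//
// Deployment note: docker-compose.yml in this listing publishes 5555:5555 on
// the host, while Caddy reaches the service as tls-check:5555 on the compose
// network. The host port mapping is not needed for the ask flow and can be
// dropped to keep this endpoint internal.
package main

import (
	"fmt"
	"log"
	"net/http"
	"time"
)

// isAllowed reports whether name is exactly one of the allowed domains.
// The comparison is case-sensitive and does no normalisation, so only the
// literal allowlist entries match.
func isAllowed(allowed []string, name string) bool {
	for _, d := range allowed {
		if name == d {
			return true
		}
	}
	return false
}

// askHandler returns the handler that answers Caddy's ask requests against
// the given allowlist.
//
// Responses:
//   - 405 for any method other than GET
//   - 404 when the domain query parameter is missing or not on the allowlist
//   - 200 with body "OK" when the domain is on the allowlist
func askHandler(allowed []string) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		// Deny by default. Without this guard a non-GET request falls through
		// the handler and net/http sends an implicit 200, which would read as
		// "allowed" to any client that treats 2xx as approval.
		if r.Method != http.MethodGet {
			w.Header().Set("Allow", http.MethodGet)
			w.WriteHeader(http.StatusMethodNotAllowed)
			return
		}

		requestDomain := r.URL.Query().Get("domain")
		if requestDomain == "" {
			w.WriteHeader(http.StatusNotFound)
			return
		}

		if !isAllowed(allowed, requestDomain) {
			// requestDomain is untrusted input; %q escapes control characters
			// so a crafted value cannot forge or split log lines.
			fmt.Printf("Domain is not allowed: %q\n", requestDomain)
			w.WriteHeader(http.StatusNotFound)
			return
		}

		w.WriteHeader(http.StatusOK)
		fmt.Fprint(w, "OK")
		fmt.Printf("Domain is allowed: %q\n", requestDomain)
	}
}

// main serves the ask endpoint on port 5555 and exits with a logged error if
// the listener cannot be started or stops unexpectedly.
func main() {
	allowedDomains := []string{"shrti.xyz", "shrti.io"}

	mux := http.NewServeMux()
	mux.HandleFunc("/", askHandler(allowedDomains))

	// Timeouts bound how long a slow or stalled client can hold a connection;
	// the zero-value server used by http.ListenAndServe has none. The values
	// are reviewer-chosen defaults, tune as needed.
	srv := &http.Server{
		Addr:              ":5555",
		Handler:           mux,
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       10 * time.Second,
		WriteTimeout:      10 * time.Second,
	}

	fmt.Println("TLS check server is running on port 5555")
	// ListenAndServe always returns a non-nil error; if the gate is down,
	// that should be visible rather than silently ignored.
	log.Fatal(srv.ListenAndServe())
}

/*
Remaining file from this line of the listing:

/tls-check/go.mod:

	module github.com/tomdoestech/multi-domain/tls-check

	go 1.19
*/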