Skip to content
podmaker docs

Add a domain and SSL

Add a domains block to your manifest; podmaker handles DNS wiring (where it manages your DNS) and obtains TLS automatically through Caddy.

Basic domain with automatic HTTPS

domains:
  - hostname: app.acme.com
    ssl:
      provider: letsencrypt   # default
      challenge: http-01      # default

Point an A/AAAA record for app.acme.com at your server’s IP. On the next deploy, Caddy completes the ACME http-01 challenge and installs the certificate. Renewal is automatic.

Cloudflare-managed DNS

If podmaker manages your Cloudflare DNS, it can create the record for you and optionally proxy traffic:

domains:
  - hostname: app.acme.com
    dns:
      provider: cloudflare
      proxy: true
    ssl:
      provider: letsencrypt
      challenge: http-01

Wildcards and DNS-01

For wildcard certificates, use the dns-01 challenge (requires a DNS provider podmaker can write to):

domains:
  - hostname: "*.acme.com"
    dns:   { provider: cloudflare }
    ssl:   { challenge: dns-01 }

Certificate authorities

ssl.provider accepts letsencrypt (default), zerossl or buypass.

See the full domains reference.