Running a localhost with https

https-linux-dev.sh

# download mkcert
wget https://github.com/FiloSottile/mkcert/releases/download/v1.4.1/mkcert-v1.4.1-linux-amd64 -q --show-progress -o mkcert
chmod +x mkcert
sudo mv mkcert /usr/local/bin

# install mkcert
mkcert -install

# generate local certs and keys wildcard
mkcert zilli.ld '*.zilli.ld' local.ld localhost 127.0.0.1 ::1

mkdir -p /usr/local/etc/caddy/certs
mv zilli.ld+5.pem /usr/local/etc/caddy/certs/
mv zilli.ld+5-key.pem /usr/local/etc/caddy/certs/

# isntall dnsmaq
sudo apt install -y dnsmasq

# install caddy version personal
curl https://getcaddy.com | bash -s personal

# stop system-resolved for change file /etc/resolv.conf 
sudo systemctl disable systemd-resolved.service
sudo systemctl stop systemd-resolved

# add if networkmanager not have a dns=none
sudo sed -ie '/^plugins/a dns=none' /etc/NetworkManager/NetworkManager.conf

#if exist dns key, change it
sudo sed -ie 's/^dns=.*/dns=none/' /etc/NetworkManager/NetworkManager.conf

# create a config caddy file with localhost tls
sudo cat <<EOF > /usr/local/etc/caddy/Caddyfile
zilli.ld:443, *.zilli.ld, local.ld:443 {
  tls /usr/local/etc/caddy/certs/zilli.ld+5.pem /usr/local/etc/caddy/certs/zilli.ld+5-key.pem
  gzip
  proxy / localhost:3000 {
    transparent
  }
}
EOF

# create a dnsmasq config for resolve local dns and external
sudo cat <<EOF >> /etc/dnsmasq.conf
port=53
address=/.ld/127.0.0.1
server=1.1.1.1
server=8.8.8.8
server=8.8.4.4
EOF

# restart dnsmasq for load a new config
sudo systemctl restart dnsmasq.service