feat: Initial commit

Dockerfile

@@ -0,0 +1,7 @@
+FROM docker.io/library/caddy:2.9.1-builder as builder
+
+RUN xcaddy build \
+  --with github.com/caddy-dns/cloudflare
+
+FROM docker.io/library/caddy:2.9.1-alpine
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy

compose.yaml

@@ -0,0 +1,35 @@
+services:
+  caddy:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: caddy
+    restart: unless-stopped
+    env_file:
+      - .env
+    environment:
+      - CLOUDFLARE_EMAIL=${CF_EMAIL}
+      - CLOUDFLARE_API_TOKEN=${CF_AUTH_TOKEN}
+      - ACME_AGREE=true
+    ports:
+      - 80:80
+      - 443:443
+      - "443:443/udp"
+    cap_add:
+      - NET_ADMIN
+    volumes:
+      - ./config:/etc/caddy:z
+      - caddy_data:/data
+      - caddy_config:/config
+    networks:
+      - proxy
+    security_opt:
+      - no-new-privileges:true
+
+volumes:
+  caddy_data: {}
+  caddy_config: {}
+
+networks:
+  proxy:
+    external: true

config/Caddyfile

@@ -0,0 +1,31 @@
+{
+      email {env.ACME_EMAIL}
+}
+
+*.roguemini.housh.dev {
+    tls {
+        dns cloudflare {env.CF_AUTH_TOKEN}
+        resolvers 1.1.1.1
+    }
+
+    @pos host po.roguemini.housh.dev
+    handle @pos {
+          reverse_proxy purchase_orders:8080
+    }
+
+    @legacypos host legacy-po.roguemini.housh.dev, legacy-pos.roguemini.housh.dev
+    handle @legacypos {
+         reverse_proxy po_app:5000
+    }
+
+    @dash host dash.roguemini.housh.dev
+    handle @dash {
+         reverse_proxy homarr:7575
+    }
+
+    @snapp host snapp.roguemini.housh.dev
+    handle @snapp {
+          reverse_proxy snapp:3000
+    }
+
+}

example.env

@@ -0,0 +1,3 @@
+ACME_EMAIL="acme@example.com"
+CF_AUTH_TOKEN="secret-token"
+CF_EMAIL="cloudflare@example.com"