From 4cf4d1a7c6f65895bb2ee9dca5978f91ed83dbca Mon Sep 17 00:00:00 2001
From: Michael Housh <mhoush@houshhomeenergy.com>
Date: Fri, 14 Mar 2025 09:49:30 -0400
Subject: [PATCH] feat: Adds caddy.

---
 caddy/.env             |  3 +++
 caddy/Dockerfile       |  7 +++++++
 caddy/compose.yml      | 34 ++++++++++++++++++++++++++++++++++
 caddy/config/Caddyfile | 20 ++++++++++++++++++++
 4 files changed, 64 insertions(+)
 create mode 100644 caddy/.env
 create mode 100644 caddy/Dockerfile
 create mode 100644 caddy/compose.yml
 create mode 100644 caddy/config/Caddyfile

diff --git a/caddy/.env b/caddy/.env
new file mode 100644
index 0000000..7c04f01
--- /dev/null
+++ b/caddy/.env
@@ -0,0 +1,3 @@
+ACME_EMAIL="admin@example.com"
+CF_AUTH_TOKEN="my-token"
+CF_EMAIL="admin@example.com"
diff --git a/caddy/Dockerfile b/caddy/Dockerfile
new file mode 100644
index 0000000..f7b27aa
--- /dev/null
+++ b/caddy/Dockerfile
@@ -0,0 +1,7 @@
+FROM caddy:2.9.1-builder AS builder
+
+RUN xcaddy build \
+  --with github.com/caddy-dns/cloudflare
+
+FROM caddy:2.9.1-alpine
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
diff --git a/caddy/compose.yml b/caddy/compose.yml
new file mode 100644
index 0000000..1736af7
--- /dev/null
+++ b/caddy/compose.yml
@@ -0,0 +1,34 @@
+networks:
+  proxy:
+    external: true
+
+volumes:
+  caddy_config:
+  caddy_data:
+
+services:
+  caddy:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: caddy
+    restart: unless-stopped
+    env_file:
+      - .env
+    environment:
+      - CLOUDFLARE_EMAIL=${CF_EMAIL}
+      - CLOUDFLARE_API_TOKEN=${CF_AUTH_TOKEN}
+      - ACME_AGREE=true
+    ports:
+      - 80:80
+      - 443:443
+      - "443:443/udp"
+      - 2019:2019
+    cap_add:
+      - NET_ADMIN
+    volumes:
+      - $PWD/config:/etc/caddy
+      - caddy_data:/data
+      - caddy_config:/config
+    networks:
+      - proxy
diff --git a/caddy/config/Caddyfile b/caddy/config/Caddyfile
new file mode 100644
index 0000000..74ff167
--- /dev/null
+++ b/caddy/config/Caddyfile
@@ -0,0 +1,20 @@
+{
+  email {env.ACME_EMAIL}
+  acme_dns cloudflare {env.CF_AUTH_TOKEN}
+  admin 0.0.0.0:2019
+}
+
+*.housh.dev {
+  tls {
+    dns cloudflare {env.CF_AUTH_TOKEN}
+    propagation_delay 2m
+    resolvers 1.1.1.1
+  }
+
+  # example of reverse proxy.
+
+  @gitea host git.housh.dev
+  handle @gitea {
+    reverse_proxy 192.168.10.76:3000
+  }
+}