feat: Adds caddy readme.

caddy/README.md

@@ -0,0 +1,36 @@
+# Caddy
+
+Caddy is a web-server, commonly used as a reverse proxy (meaning it sits in
+front of other services and routes traffic to them).  It offers SSL certificates
+via Let's Encrypt.
+
+## Usage
+
+This directory has the basic set of files needed to create a caddy server.
+Because caddy uses a plugin architecture, the Dockerfile builds the image that
+is used, which includes cloudflare's DNS provider for verifying the domain of
+the server in order for it to obtain SSL certificates.
+
+## Environment Variables
+
+The `.env` file has the common environment variables needed in order to obtain
+SSL certificates, these values need to be updated.
+
+## Caddyfile
+
+The configuration for the caddy server is found in the `caddy/Caddyfile`.  There
+is a block included as an example of setting up a reverse proxy that will issue
+a wildcard certificate for the domains that are listed.
+
+## Network
+
+The proxy network needs to be created prior to starting the container.  You can
+use the following command to create the network:
+
+```bash
+docker network create --driver=bridge proxy
+```
+
+This allows you to place other containers running on the same host on this
+network and configure the reverse proxy using their container name.
+

caddy/compose.yml

@@ -1,10 +1,13 @@
+# This network needs created prior to running the container.
+#
+# docker network create --driver=bridge proxy
+#
 networks:
   proxy:
     external: true
 
 volumes:
   caddy_config:
-  caddy_data:
 
 services:
   caddy:
@@ -23,12 +26,14 @@ services:
       - 80:80
       - 443:443
       - "443:443/udp"
-      - 2019:2019
+      - 2019:2019 # only needed if you want to access the api.
     cap_add:
       - NET_ADMIN
     volumes:
-      - $PWD/config:/etc/caddy
-      - caddy_data:/data
+      - ./config:/etc/caddy
+      - ./data:/data
       - caddy_config:/config
     networks:
       - proxy
+    security_opt:
+      - no-new-privileges:true