michael/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: michael:4cf4d1a7c6f65895bb2ee9dca5978f91ed83dbca
Branches Tags
michael:main
..
compare: michael:9b64d416e58e61bdd8438b718e1e30e269c77518
Branches Tags
michael:main

2 Commits
4cf4d1a7c6 ... 9b64d416e5

Author SHA1 Message Date
Michael Housh
9b64d416e5 feat: Adds example in Caddyfile of reverse proxy on same host as caddy. 2025-03-14 14:09:01 -04:00
Michael Housh
c2ce3f0791 feat: Adds caddy readme. 2025-03-14 14:06:14 -04:00
3 changed files with 54 additions and 5 deletions
Expand all files Collapse all files

36
caddy/README.md Normal file
View File

@@ -0,0 +1,36 @@
# Caddy
Caddy is a web-server, commonly used as a reverse proxy (meaning it sits in
front of other services and routes traffic to them). It offers SSL certificates
via Let's Encrypt.
## Usage
This directory has the basic set of files needed to create a caddy server.
Because caddy uses a plugin architecture, the Dockerfile builds the image that
is used, which includes cloudflare's DNS provider for verifying the domain of
the server in order for it to obtain SSL certificates.
## Environment Variables
The `.env` file has the common environment variables needed in order to obtain
SSL certificates, these values need to be updated.
## Caddyfile
The configuration for the caddy server is found in the `caddy/Caddyfile`. There
is a block included as an example of setting up a reverse proxy that will issue
a wildcard certificate for the domains that are listed.
## Network
The proxy network needs to be created prior to starting the container. You can
use the following command to create the network:
```bash
docker network create --driver=bridge proxy
```
This allows you to place other containers running on the same host on this
network and configure the reverse proxy using their container name.

13
caddy/compose.yml
View File

@@ -1,10 +1,13 @@
# This network needs created prior to running the container.
#
# docker network create --driver=bridge proxy
#
networks: networks:
proxy: proxy:
external: true external: true
volumes: volumes:
caddy_config: caddy_config:
caddy_data:
services: services:
caddy: caddy:
@@ -23,12 +26,14 @@ services:
- 80:80 - 80:80
- 443:443 - 443:443
- "443:443/udp" - "443:443/udp"
- 2019:2019 - 2019:2019 # only needed if you want to access the api.
cap_add: cap_add:
- NET_ADMIN - NET_ADMIN
volumes: volumes:
- $PWD/config:/etc/caddy - ./config:/etc/caddy
- caddy_data:/data - ./data:/data
- caddy_config:/config - caddy_config:/config
networks: networks:
- proxy - proxy
security_opt:
- no-new-privileges:true

10
caddy/config/Caddyfile
View File

@@ -11,10 +11,18 @@
resolvers 1.1.1.1 resolvers 1.1.1.1
} }
# example of reverse proxy. # Example of reverse proxy on a separate host.
@gitea host git.housh.dev @gitea host git.housh.dev
handle @gitea { handle @gitea {
reverse_proxy 192.168.10.76:3000 reverse_proxy 192.168.10.76:3000
} }
# Example of revers proxy on same host
# This assumes the container name is gitea.
@gitea host git.housh.dev
handle @gitea {
reverse_proxy gitea:3000 # uses the container name for DNS discovery.
}
} }