From 0eac11c6661939726de9358c7821817960220e7c Mon Sep 17 00:00:00 2001
From: henrikvtcodes
Date: Fri, 22 Dec 2023 16:18:58 -0500
Subject: [PATCH] caddy SHOULD work
---
docker/proxy/.env.example | 7 +++++++
docker/proxy/Caddyfile | 23 +++++++++++++++++++++++
docker/proxy/Dockerfile | 10 ++++++++++
docker/proxy/README.md | 9 +++++++++
docker/proxy/compose.yml | 26 ++++++++++++++++++++++++++
docker/proxy/reload.sh | 3 +++
6 files changed, 78 insertions(+)
create mode 100644 docker/proxy/.env.example
create mode 100644 docker/proxy/Caddyfile
create mode 100644 docker/proxy/Dockerfile
create mode 100644 docker/proxy/README.md
create mode 100644 docker/proxy/compose.yml
create mode 100644 docker/proxy/reload.sh
diff --git a/docker/proxy/.env.example b/docker/proxy/.env.example
new file mode 100644
index 0000000..ee3a01f
--- /dev/null
+++ b/docker/proxy/.env.example
@@ -0,0 +1,7 @@
+# Cloudflare
+CF_API_TOKEN=
+
+# Domains
+AUTH_DOMAIN=auth.orangeunilabs.com
+GIT_DOMAIN=git.orangeunilabs.com
+STATUS_PAGE_DOMAIN=status.orangeunilabs.com
diff --git a/docker/proxy/Caddyfile b/docker/proxy/Caddyfile
new file mode 100644
index 0000000..41ada4c
--- /dev/null
+++ b/docker/proxy/Caddyfile
@@ -0,0 +1,23 @@
+tls {
+ dns cloudflare {env.CF_API_TOKEN}
+ resolvers 1.1.1.1
+}
+
+servers {
+ metrics
+}
+
+# Uptime Kuma
+{env.STATUS_PAGE_DOMAIN} {
+ reverse_proxy uptime:3001
+}
+
+# Authentik
+{env.AUTH_DOMAIN} {
+ reverse_proxy auth:9000
+}
+
+# Git (Forgejo/Gitea - not sure which as of yet)
+{env.GIT_DOMAIN} {
+ reverse_proxy git:3000
+}
diff --git a/docker/proxy/Dockerfile b/docker/proxy/Dockerfile
new file mode 100644
index 0000000..10b2f61
--- /dev/null
+++ b/docker/proxy/Dockerfile
@@ -0,0 +1,10 @@
+ARG VERSION=2.7
+
+FROM caddy:${VERSION}-builder-alpine AS builder
+
+RUN xcaddy build \
+ --with github.com/caddy-dns/cloudflare
+
+FROM caddy:${VERSION}-alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
\ No newline at end of file
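Review bot: In docker/proxy/Caddyfile the opening `tls { … }` and `servers { metrics }` blocks sit at the top level, where Caddy reads the first token before a `{` as a site address, so `tls` and `servers` would be parsed as site names rather than configuration and the Cloudflare DNS-01 settings would not reach the three proxied sites. `servers` is a global option and belongs inside the leading `{ … }` global options block, while `tls` is a per-site directive that can be shared through a snippet and imported into each site. The site addresses also use the runtime placeholder form `{env.…}`; addresses are normally filled with the parse-time form such as `{$STATUS_PAGE_DOMAIN}`, so this is worth confirming with `caddy validate` before deploying. Indentation in the sketch below is mine, since the page shows the file with its whitespace collapsed.

```caddyfile
{
    servers {
        metrics
    }
}

(cloudflare_tls) {
    tls {
        dns cloudflare {env.CF_API_TOKEN}
        resolvers 1.1.1.1
    }
}

# Uptime Kuma
{$STATUS_PAGE_DOMAIN} {
    import cloudflare_tls
    reverse_proxy uptime:3001
}
# … unchanged: Authentik and Git site blocks, each gaining `import cloudflare_tls` and a `{$…}` address …
```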
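Review bot: The `xcaddy build` step in docker/proxy/Dockerfile pulls `github.com/caddy-dns/cloudflare` with no version, so each rebuild compiles whatever release Go resolves at that moment into the binary that holds the Cloudflare API token and terminates TLS for every proxied service. Pin the plugin to a reviewed release or commit, `--with github.com/caddy-dns/cloudflare@<PINNED_VERSION_OR_COMMIT>`, and consider pinning both `caddy:${VERSION}-…` base images by digest, since `2.7` is a moving tag. A comment above the `RUN` line such as `# Custom build: adds the Cloudflare DNS provider needed for the ACME DNS-01 challenge` would explain why the stock image is not used.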
diff --git a/docker/proxy/README.md b/docker/proxy/README.md
new file mode 100644
index 0000000..550c3d7
--- /dev/null
+++ b/docker/proxy/README.md
@@ -0,0 +1,9 @@
+# proxy
+
+This folder contains the setup for using Caddy with Cloudflare & the ACME DNS01 challenge
+
+# Environment Variables
+
+| Variable | Description |
+| -------------- | -------------------------------------------------------------------- |
+| `CF_API_TOKEN` | Cloudflare API Token with Zone-Zone-Read & Zone-DNS-Edit permissions |
diff --git a/docker/proxy/compose.yml b/docker/proxy/compose.yml
new file mode 100644
index 0000000..4914b0e
--- /dev/null
+++ b/docker/proxy/compose.yml
@@ -0,0 +1,26 @@
+version: "3.9"
+
+services:
+ caddy:
+ build: ./Dockerfile
+ container_name: caddy
+ hostname: caddy
+ restart: unless-stopped
+ networks:
+ - proxynet
+ ports:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ volumes:
+ - ./Caddyfile:/etc/caddy/Caddyfile:ro
+ - ./data:/data
+ - ./config:/config
+
+ env_file:
+ - .env
+
+networks:
+ proxynet:
+ attachable: true
+ driver: bridge
diff --git a/docker/proxy/reload.sh b/docker/proxy/reload.sh
new file mode 100644
index 0000000..66f9528
--- /dev/null
+++ b/docker/proxy/reload.sh
@@ -0,0 +1,3 @@
+# !/bin/bash
+# Reload the caddy container to apply changes without downtime
+docker exec -w /etc/caddy caddy caddy reload
\ No newline at end of file
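Review bot: `build: ./Dockerfile` in docker/proxy/compose.yml names a file, but the short form of `build` takes the build-context directory, so the image is unlikely to build as written; `build: .` picks up the Dockerfile that sits next to the compose file. The `./data` bind mount will hold Caddy's ACME account key and certificate private keys, and `.env` holds the Cloudflare token, so both should be excluded from version control (this patch adds no ignore entry, though one may exist outside the diff) and kept readable only by the deploying user. The `uptime`, `auth` and `git` upstreams named in the Caddyfile are not defined in this file, so they presumably join `proxynet` from other compose projects; that resolves only if those projects declare the network as external under its final, project-prefixed name.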
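Review bot: The first line of docker/proxy/reload.sh, `# !/bin/bash`, is an ordinary comment rather than a shebang because of the space after `#`, and the file is created with mode 100644, so it runs only when handed to a shell explicitly and then under whichever shell that happens to be. Make the first line `#!/bin/bash` and mark the file executable. The container name `caddy` is hard-coded to match `container_name` in compose.yml, and a comment such as `# "caddy" (first) is the container_name from compose.yml; the second is the binary` would keep the two in step if either is renamed.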