mirror of https://github.com/qdm12/caddy-scratch.git synced 2022-03-12 19:25:15 +03:00

Files

Quentin McGaw 0d507d5afb Fix Caddy v2 image

- Using default Caddyfile instead of flags
- Using single caddydir volume (for osx+windows)
- Image based on Alpine as caddy not built statically
- Fixed Caddy docker tags documentation

2020-05-22 11:09:00 -04:00

5.0 KiB

Raw Blame History

Caddy Scratch Docker

Caddy server 2.0.0 / 1.0.5 without root, without OS and with optional Caddy plugins

Features

Scratch based, so less attack surface and tiny
Runs without root
Plugins can easily be added by building the Docker image with a build argument
Compatible with amd64, 386 and arm64 CPU architectures
Docker image tags and sizes
- qmcgaw:caddy-scratch / 41.1MB / Based on Caddy v2.0.0 and Alpine 3.11
- ~~qmcgaw:caddy-scratch:v2.0.0~~ / ? / Based on Caddy v2.0.0 - - - waiting for this issue
- qmcgaw:caddy-scratch:v2.0.0-alpine / 41.1MB / Based on Caddy v2.0.0 and Alpine 3.11 (until this issue gets resolved)
- qmcgaw:caddy-scratch:v1.0.5 / 17.2MB / Based on Caddy v1.0.5 / Documentation
- qmcgaw:caddy-scratch:v1.0.4 / 17.3MB / Based on Caddy v1.0.4 / Documentation

Setup

Launch the container

docker run -d -e TZ=America/Montreal \
-p 80:8080/tcp -p 443:8443/tcp -p 2015:2015/tcp \
qmcgaw/caddy-scratch

or use docker-compose.yml with:

docker-compose up -d

Bind mount

The data is persistent in a Docker anonymous volume by default. If you want to bind mount the data:

Create the directory structure: mkdir -p /yourpath/caddydir/data
Either touch /yourpath/caddydir/Caddyfile or place your Caddyfile there
Set the right ownership and permissions for the container
```
chown -R 1000 /yourpath/caddydir
chmod -R 700 /yourpath/caddydir
```
Alternatively, you can run the container with --user="1001" for example, or as root with --user="root" (unadvised).
Run the Docker command with -v /yourpath/caddydir:/caddydir

Plugins

Note that many Caddy plugins do not work yet on Caddy 2

If you want to have for example the github.com/caddyserver/ntlm-transport plugin, build the image with

docker build -t qmcgaw/caddy \
    --build-arg PLUGINS=github.com/caddyserver/ntlm-transport \
    https://github.com/qdm12/caddy-scratch.git

Re-enable telemetry

Telemetry is disabled by default. You can enable it by building the image with:

docker build -t qmcgaw/caddy --build-arg TELEMETRY=true https://github.com/qdm12/caddy-scratch.git

Little tricks

Assuming your container is called caddy, you can hot reload the Caddyfile with
```
docker kill --signal=USR1 caddy
```

TODOs

Use lists of IPs to block with ipfilter with import blockIps
Healthcheck for Caddy
Intelligent IP blocking

License

This repository is under an MIT license

Thanks

To the Caddy developers and mholt especially
To the Caddy plugins developers
To abiosoft for helping me out building this Docker image

5.0 KiB Raw Blame History