reverie89/caddy

By reverie89

Updated 3 days ago

Caddy v2 with Cloudflare


Tags

  • 2, latest
  • 2-security
  • 1, 1.0.3 (NOT MAINTAINED)

Overview for Caddy v2

Based on the official image, with the caddy-dns/cloudflare module added.

Use the -security tag if you also need the greenpau/security module.

Dockerfile

FROM caddy:2-builder AS builder

RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare

FROM caddy:2-alpine

COPY --from=builder /usr/bin/caddy /usr/bin/caddy

Usage

docker-compose.yaml

services:
  caddy:
    image: reverie89/caddy
    container_name: caddy
    restart: always
    environment:
      - CLOUDFLARE_API_TOKEN=xxx
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - "/etc/localtime:/etc/localtime:ro"
      - "./Caddyfile:/etc/caddy/Caddyfile"
      - "./config:/config"
      - "./data:/data"
      - "/var/www:/var/www"
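
Caddyfile:

subdomain.example.com {
  tls {
    # DNS challenge via Cloudflare; the token is read from the container environment
    dns cloudflare {env.CLOUDFLARE_API_TOKEN}
  }
  reverse_proxy /* endpoint:80
}

example.com {
  tls {
    dns cloudflare {env.CLOUDFLARE_API_TOKEN}
  }
  root * /var/www/example.com
  # In Caddy v2, root only sets the site root; file_server serves the files
  file_server
}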

Take note

  • Caddy v2 requires a Cloudflare API token, not an API key. You will need to generate a token from your Cloudflare account if you don't have one.
  • Remember to mount /config and /data
  • Graceful Caddyfile reload: docker exec -w /etc/caddy {container_name} caddy reload
  • Format and overwrite Caddyfile: docker exec -w /etc/caddy {container_name} caddy fmt --overwrite
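
The notes above can be checked before the container is started. The script below is an added example, not part of this image or of Caddy: `preflight` and `demo` are hypothetical names, and the sample files written by `demo` are constructed.

```shell
# preflight COMPOSE_FILE CADDYFILE: hypothetical helper, not shipped in the image.
# Prints one line per finding; the return status is the number of findings.
preflight() {
    compose=$1 caddyfile=$2 findings=0
    # /data holds certificates and ACME account data, /config the saved config.
    # Only the short "source:target[:mode]" volume syntax is recognised here.
    for path in /data /config; do
        if ! grep -Eq "^[[:space:]]*-[[:space:]]*[\"']?[^\"':]+:${path}(:[a-z]+)?[\"']?[[:space:]]*\$" "$compose"; then
            echo "compose: no volume mounted at ${path}"
            findings=$((findings + 1))
        fi
    done
    # v2 takes CLOUDFLARE_API_TOKEN; e-mail plus API key is the v1 setup.
    if grep -Eq 'CLOUDFLARE_(EMAIL|API_KEY)=' "$compose"; then
        echo "compose: v1-style CLOUDFLARE_EMAIL/CLOUDFLARE_API_KEY found"
        findings=$((findings + 1))
    fi
    if ! grep -q 'CLOUDFLARE_API_TOKEN' "$compose"; then
        echo "compose: CLOUDFLARE_API_TOKEN is not passed to the container"
        findings=$((findings + 1))
    fi
    # Each "dns cloudflare" line must read the token from the environment, so
    # the secret itself never sits in the Caddyfile.
    bad=$(grep -En '^[[:space:]]*dns[[:space:]]+cloudflare([[:space:]]|$)' "$caddyfile" |
          grep -Fv '{env.CLOUDFLARE_API_TOKEN}' || true)
    if [ -n "$bad" ]; then
        echo "Caddyfile: dns cloudflare without {env.CLOUDFLARE_API_TOKEN}:"
        echo "$bad"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: v1-style credentials, no /config mount, inline token.
demo() {
    tmp=$(mktemp -d)
    printf '%s\n' 'services:' '  caddy:' '    environment:' \
        '      - CLOUDFLARE_EMAIL=xxx' '      - CLOUDFLARE_API_KEY=xxx' \
        '    volumes:' '      - "./data:/data"' > "$tmp/compose.yaml"
    printf '%s\n' 'example.com {' '  tls {' '    dns cloudflare xxx' '  }' '}' > "$tmp/Caddyfile"
    rc=0; preflight "$tmp/compose.yaml" "$tmp/Caddyfile" || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

# Run against real files when two paths are given on the command line.
if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

Saved under a name of your choice, it is run as `sh <script> docker-compose.yaml Caddyfile`; an exit status of 0 means no findings.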

The information below is for v1. I am not maintaining it anymore.

Overview

I noticed that abiosoft/caddy now includes the cloudflare plugin in the base image (last checked: v1.0.3).

The original intention (2019/06/05) of this docker image was to

  1. Based on v0.11.5, use custom plugins: reauth, cloudflare
  2. Disable telemetry

Since the base image now has cloudflare, this image now applies the following customizations:

  1. Based on abiosoft/caddy's v1.0.3, add custom plugin: reauth
  2. Disable telemetry

Plugins: git, cors, realip, expires, cache, cloudflare, reauth

This image has been updated to use v1.0.3 and is now built using the following:

docker build --no-cache --quiet \
  --build-arg version=1.0.3 \
  --build-arg enable_telemetry=false \
  --build-arg plugins=git,cors,realip,expires,cache,cloudflare,reauth \
  github.com/abiosoft/caddy-docker.git

To enable telemetry, remove this line:

  --build-arg enable_telemetry=false

List of plugins based on build output

Other plugins:
  http.basicauth
  http.bind
  http.browse
  http.cache
  http.cors
  http.errors
  http.expires
  http.expvar
  http.ext
  http.fastcgi
  http.git
  http.gzip
  http.header
  http.index
  http.internal
  http.limits
  http.log
  http.markdown
  http.mime
  http.pprof
  http.proxy
  http.push
  http.realip
  http.reauth
  http.redir
  http.request_id
  http.rewrite
  http.root
  http.secrets
  http.status
  http.templates
  http.timeouts
  http.websocket
  on
  tls
  tls.cluster.file
  tls.dns.cloudflare

Usage

Method 1: Based on this Docker image

docker-compose.yaml

version: '3'

services:
  caddy:
    image: reverie89/caddy:1
    container_name: caddy
    restart: unless-stopped
    environment:
      - ACME_AGREE=true
      - CLOUDFLARE_EMAIL=xxx
      - CLOUDFLARE_API_KEY=xxx
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/home/caddy/www:/var/www"
      - "/home/caddy/Caddyfile:/etc/Caddyfile"
      - "/home/caddy/.caddy:/root/.caddy"

Method 2: Based on abiosoft/caddy image

docker-compose.yaml

version: '3'

services:
  caddy:
    build:
      context: github.com/abiosoft/caddy-docker.git
      args:
        - version=1.0.3
        - enable_telemetry=false
        - plugins=git,cors,realip,expires,cache,cloudflare,reauth
    container_name: caddy
    restart: unless-stopped
    environment:
      - ACME_AGREE=true
      - CLOUDFLARE_EMAIL=xxx
      - CLOUDFLARE_API_KEY=xxx
    ports:
      - "80:80/tcp"
      - "443:443/tcp"
    volumes:
      - "/etc/localtime:/etc/localtime:ro"
      - "/home/caddy/www:/var/www"
      - "/home/caddy/Caddyfile:/etc/Caddyfile"
      - "/home/caddy/.caddy:/root/.caddy"

Note: To rebuild this image you must use docker-compose build or docker-compose up --build.

Caddyfile:

example.com {
  tls {
    dns cloudflare
  }
  # Path inside the container: the compose files above mount /home/caddy/www at /var/www
  root /var/www
}

Docker Pull Command

docker pull reverie89/caddy