I’m looking into setting up https for my local services. Everything is currently set up using the official caddy docker image.
I now want to connect caddy to cloudflare to resolve the DNS 01. It looks like this is possible with a drop-in replacement for caddy from either https://github.com/CaddyBuilds/caddy-cloudflare or https://github.com/serfriz/caddy-custom-builds
Is anyone here using these builds? Are they reliable? Is there an alternative I haven't considered?
You could just build it yourself, there’s not much to it.
Dockerfile:
```dockerfile
ARG VERSION=2
FROM caddy:${VERSION}-builder AS builder

RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare

FROM caddy:${VERSION}

COPY --from=builder /usr/bin/caddy /usr/bin/caddy
```
My Dockerfile is under dockerfile-dns and then in docker-compose.yaml instead of pointing to an image I have:
```yaml
services:
  caddy:
    build: ./dockerfile-dns
```
I’m not 100% sure of the right way to update it, but I think I usually use something like `docker compose build --pull --no-cache`.
I’m not entirely sure, but I think you can skip the “--no-cache” as it seems to still check for image updates. It helps to speed things up, especially if you check for updates more frequently.
This is basically the Dockerfile these projects provide, so I guess I could do this myself. How do you keep the caddy container up to date? I have tugtainer (something like watchtower) update caddy automatically, but I guess this setup would break that.
I can’t help you with automation. I update my containers manually, whenever I think to do it. Nothing is accessible outside my network so I’m not worried about staying on top of security updates.
Does tugtainer (always makes me giggle) have the ability to label containers for exclusion like watchtower does?
Yup. It’s basically watchtower with a GUI.
Well, what I was thinking/spitballing is that you could label your Caddy container, do updates on everything else. That leaves Caddy to administer when you can devote 15/20 minutes to rebuilding the Caddy container by itself. Not the most graceful, automated solution, but…
I have a Dockerfile like that:
```dockerfile
ARG CADDY_VERSION=2.11.3
FROM caddy:${CADDY_VERSION}-builder-alpine AS builder

RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare

FROM caddy:${CADDY_VERSION}-alpine

COPY --from=builder /usr/bin/caddy /usr/bin/caddy
```
and the docker-compose.yml file I use:
```yaml
services:
  caddy:
    pull_policy: build
    build:
      context: .
```
And to build new versions I modify the Dockerfile after doing a `docker compose down`, and then to build the new version I use `docker compose up`.
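Added example, not from any poster in the thread: a rebuild script that could be run on a schedule for the locally built image discussed above, which checks that the new binary still contains the Cloudflare DNS module before the running container is replaced. It assumes the compose service is named `caddy` as in the posts; `has_module` and `rebuild_caddy` are names made up for this example.

```shell
#!/bin/sh
# Added example: rebuild a locally built Caddy image and only swap the
# container if the new binary still has the Cloudflare DNS module.
# Assumptions: the compose service is named "caddy" (as in the posts above);
# the has_module/rebuild_caddy names are made up for this example.
set -eu

SERVICE="${SERVICE:-caddy}"
MODULE="dns.providers.cloudflare"   # module ID registered by caddy-dns/cloudflare

# Read `caddy list-modules` output on stdin; succeed only on an exact
# module-ID match (not a substring of another module's name).
has_module() {
    sed 's/^[[:space:]]*//; s/[[:space:]]*$//' | grep -Fxq -- "$1"
}

rebuild_caddy() {
    # --pull refreshes the caddy:<tag> and caddy:<tag>-builder base images.
    docker compose build --pull "$SERVICE"

    # Run the freshly built image once, without touching the live container.
    modules=$(docker compose run --rm --no-deps -T "$SERVICE" caddy list-modules)
    if ! printf '%s\n' "$modules" | has_module "$MODULE"; then
        echo "new image lacks $MODULE; keeping the running container" >&2
        return 1
    fi

    # Recreates the container only if the image actually changed.
    docker compose up -d "$SERVICE"
}

# Do nothing when sourced or run without arguments; `sh script.sh run` acts.
if [ "${1:-}" = "run" ]; then
    rebuild_caddy
fi
```

Run it from the directory that holds the compose file, for example from cron as `sh rebuild-caddy.sh run` (the file name is an assumption).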