Skip to content
This repository has been archived by the owner on Mar 28, 2024. It is now read-only.

qdm12/caddy-scratch

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

56 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Caddy Scratch Docker

Caddy server v2.4.1 / v1.0.5 without root, without OS and with optional Caddy plugins

Build status

dockeri.co

Last release Last Docker tag Last release size GitHub last release date Commits since release

Latest size

GitHub last commit GitHub commit activity GitHub closed PRs GitHub issues GitHub closed issues

MIT Visitors count

Features

  • Scratch based, so less attack surface and tiny
  • Runs without root
  • Plugins
Docker tag Caddy version Size Documentation CPU architectures
:latest v2.4.1 37.3MB ➡️ Setup below amd64, 386, arm64, armv7
:v2.4.1 v2.4.1 37.5MB ➡️ Setup below amd64, 386, arm64, armv7
:2.3.0 v2.3.0 37.3MB ➡️ Setup below amd64, 386, arm64, armv7
:v2.2.1 v2.2.1 33.9MB ➡️ Setup below amd64, 386, arm64, armv7
:v2.1.0 v2.1.0 39.2MB ➡️ Wiki link amd64, 386, arm64, armv7
:v2.0.0 v2.0.0 35.4MB ➡️ Wiki link amd64, 386, arm64, armv7
:v1.0.5 v1.0.5 17.2MB ➡️ Wiki link amd64, 386, arm64
:v1.0.4 v1.0.4 17.3MB ➡️ Wiki link amd64, 386, arm64

Size: uncompressed amd64 built Docker image

Setup

✈️ Migrating from v1.0.x? ➡️ Wiki: Migrating

⚠️ The following applies to the :latest tag. For other Docker tags, refer to the Wiki

docker run -d --name caddy -p 80:8080/tcp -p 443:8443/tcp qmcgaw/caddy-scratch

or use docker-compose.yml with:

docker-compose up -d

The data is persistent in a Docker anonymous volume by default.

Caddyfile

By default, this runs using the repository Caddyfile. You could work you way out modifying the Caddy configuration using the Caddy API. Otherwise, if you want to use a Caddyfile, follow these steps.

  1. Create the directory: mkdir caddydir

  2. Create a Caddyfile with the content you would like, in caddydir/Caddyfile. Note that at the top of your Caddyfile, there should be at least the following global block:

    {
        http_port 8080
        https_port 8443
    }
  3. Change the ownership and permission to match the Docker container

    chown -R 1000 caddydir
    chmod -R 700 caddydir

    If you are on Windows, you may skip this step.

    Alternatively, you can run the container with --user="1001" for example, or as root with --user="root" (unadvised).

  4. Assuming your current file path is /yourpath, run the container with:

    docker run -d --name caddy -p 80:8080/tcp -p 443:8443/tcp \
        -v /yourpath/caddydir:/caddydir qmcgaw/caddy-scratch

Log times

If log times are not correct, it's because you need to set your timezone in the TZ environment variable. For example, add -e TZ=America/Montreal to your Docker run command.

Update

Update the docker image with docker pull qmcgaw/caddy-scratch

Caddy API

To access the Caddy API, you need:

  • your Caddyfile to contain admin 0.0.0.0:2019 at the top global block (as is in the default Caddyfile)
  • (eventually) have port 2019 published by adding -p 2019:2019/tcp to your Docker run command

Plugins

You need Git installed.

If you want to have for example the github.com/caddyserver/ntlm-transport plugin, build the image with

docker build -t qmcgaw/caddy \
    --build-arg PLUGINS=github.com/caddyserver/ntlm-transport \
    https://github.com/qdm12/caddy-scratch.git

Extra

  • Assuming your container is called caddy, you can reload the Caddyfile with:

    docker kill --signal=USR1 caddy

TODOs

  • Telemetry off with build argument
  • Use lists of IPs to block with ipfilter with import blockIps
  • Healthcheck for Caddy
  • Intelligent IP blocking

Thanks

  • To the Caddy developers and mholt especially
  • To the Caddy plugins developers
  • To abiosoft for helping me out building this Docker image