Https reverse proxy for docker uses tailscale and caddy.
- Open Access Controls - Tailscale.
- Add the following fragments. This tag is tagged to the device being added by the software.
-
{ ... "tagOwners": { "tag:reverse-ts-caddy": [], }, ... }
-
- Open OAuth clients - Tailscale
- Click
Generate OAuth client...
. - Check
Devices - Write
. And add ACL Tag. - Click
Generate Client
. - Memo
Client ID
andClient secret
.
- Write
.env
-
TS_API_CLIENT_ID=xxxxxx TS_API_CLIENT_SECRET=tskey-client-xxxx AUTHKEY_TAG=tag:reverse-ts-caddy TS_HOSTNAME=some-container
-
- Write
docker-compose.yml
referring to the following. - Run
docker compose up
. - Check
-
$ curl https://some-container.your-ts-net-name.ts.net -I HTTP/2 200 accept-ranges: bytes alt-svc: h3=":443"; ma=2592000 content-type: text/html date: Sun, 12 Feb 2023 11:24:01 GMT etag: "6398a011-267" last-modified: Tue, 13 Dec 2022 15:53:53 GMT server: Caddy server: nginx/1.23.3 content-length: 615 $
-