Caddy v2 with Docker
Caddy is an open-source web server written in Go. It’s fast, secure, and multiplatform, supporting Linux, Windows, macOS, FreeBSD, DragonflyBSD, and OpenBSD at the time of writing. Caddy will automatically obtain certificates from Let’s Encrypt to provide HTTPS for all your websites.
The version of Caddy used in this guide includes several modules, such as Caddy-Docker-Proxy, that allow excellent integration with Docker by using labels similar to Traefik.
There are two methods for setup offered in this guide: the first is Quickstart, using docker-prompt with my infrastructure git repository, and the second is that you’ll create all the configurations manually. The second method is better for learning.
If you want to use Cloudflare DNS, you’ll need the email of your Cloudflare account and an API token with permission to edit DNS zones. To get an API token, navigate to dash.cloudflare.com/profile/api-tokens and click Create Token. Under API token templates, you can click on Use Template next to Edit zone DNS. Under Zone Resources, select a specific zone you want the API token for or set All zones, then click Continue to summary. Click the Create token button and copy the API token for later use.
# Clone the git repository
git clone https://gitlab.com/tek.place/infrastructure.git

# Navigate to the Caddy docker-compose files
cd ~/infrastructure/docker/caddy

# Setup the environment with docker-prompt
docker-prompt env.json

# Create networks
./scripts/mknet

# Increase UDP packet limit, which will take effect on the next reboot
./scripts/incudp

# Create directories to store data
./scripts/mkvol

# Start up caddy
./scripts/up
You’ll first want to create a network to which all containers you wish to publish will connect.
docker network create --attachable --gateway=172.21.0.1 --subnet=172.21.0.0/16 proxy
If you want to run Nextcloud-AIO and still need to set it up, create a network for it as well.
docker network create --attachable --gateway=172.18.0.1 --subnet=172.18.0.0/24 nextcloud-aio
Next, we’ll increase the UDP packet limit (the kernel’s maximum receive buffer size, net.core.rmem_max) to avoid errors in Caddy’s logs. Note that this will take effect after rebooting.
cat <<EOF | sudo dd status=none of="/etc/sysctl.d/99-upd-recv-buf-size.conf"
net.core.rmem_max=2500000
EOF
Create a place for your configuration, docker-compose file, and volumes, then navigate there.
mkdir -p ~/infrastructure/docker/caddy
cd ~/infrastructure/docker/caddy
Create a directory to back the Caddy data volume; in this case, we’ll store it in the ~/infrastructure/docker/caddy directory for simplicity.
mkdir data
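Create the environment for Caddy, a file named .env containing all the environment variables. Be sure to replace YOUR_CLOUDFLARE_API_KEY_HERE and name@example.com with your correct information. Because this file holds the Cloudflare API token, keep it out of version control and readable only by your own user.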
# filename: .env

# Volume used for storing data
CADDY_DATA_VOL_DIR=${PWD}/data

# The network name used for Caddy ingress
# These are the networks Caddy will look at
CADDY_INGRESS_NETWORKS=proxy,nextcloud-aio

# Cloudflare API key
CLOUDFLARE_API_KEY=YOUR_CLOUDFLARE_API_KEY_HERE

# Cloudflare Email
CLOUDFLARE_EMAIL=name@example.com
Create a file called docker-compose.yml with the following contents.
# filename: docker-compose.yml
version: "3.8"

# Access external networks
networks:
  proxy:
    external: true
  nextcloud-aio:
    external: true

volumes:
  # Bind-backed named volume; "data" is the key services refer to,
  # "name" is the volume name Docker shows.
  data:
    name: ${PREFIX:-}caddy_data
    driver: local
    driver_opts:
      o: bind
      type: none
      device: "${CADDY_DATA_VOL_DIR}"

services:
  caddy:
    image: homeall/caddy-reverse-proxy-cloudflare:latest
    container_name: ${PREFIX:-}caddy
    restart: unless-stopped
    # The .env file created above lives next to this docker-compose.yml
    env_file: .env
    ports:
      - 80:80
      - 443:443
    volumes:
      # Must match the key under the top-level "volumes:" section
      - data:/data
      # This is included to allow Caddy to read the labels from containers
      # connected to the proxy or nextcloud-aio networks.
      # Anything that can reach this socket can control the Docker daemon.
      - /var/run/docker.sock:/var/run/docker.sock
    networks:
      - proxy
      - nextcloud-aio
    labels:
      # Caddy uses the labels section to get the Cloudflare email and API key.
      caddy.email: "${CLOUDFLARE_EMAIL:-}"
      caddy.acme_dns: "cloudflare ${CLOUDFLARE_API_KEY:-}"
Now that you have all the files created and the needed information for the environment filled out, the only thing left to do is start the containers; you can do that using the docker-compose command.
docker-compose up -d
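With Caddy running, a container is published by attaching it to the proxy network and describing its site in labels, which Caddy-Docker-Proxy turns into Caddyfile directives. The following is an added example, not part of the original guide: the hostname whoami.example.com, the traefik/whoami test image, and the directory in the filename comment are assumptions to replace with your own.

```yaml
# filename: docker-compose.yml (in its own directory, e.g. ~/infrastructure/docker/whoami; hypothetical path)
version: "3.8"

# Join the network created earlier; Caddy watches it via CADDY_INGRESS_NETWORKS
networks:
  proxy:
    external: true

services:
  whoami:
    image: traefik/whoami
    restart: unless-stopped
    # No "ports:" section: nothing is published on the host, so the service
    # is reachable only over the proxy network, through Caddy and its TLS.
    networks:
      - proxy
    labels:
      # Site address Caddy serves (placeholder hostname, replace with your own)
      caddy: whoami.example.com
      # Proxy requests to this container on port 80; {{upstreams 80}} expands
      # to the container's address on an ingress network.
      caddy.reverse_proxy: "{{upstreams 80}}"
```

Start it with docker-compose up -d from that directory. Because the Caddy container already carries the caddy.acme_dns label, the certificate for the new hostname is requested through the Cloudflare DNS challenge.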