Compare commits
16 commits
Author | SHA1 | Date | |
---|---|---|---|
jreichmann | 85bca47cba | ||
6de73756d6 | |||
21b38bada3 | |||
0fb9fc8c60 | |||
484ee2c740 | |||
7431af5d95 | |||
36fcd5172d | |||
e3b5864f34 | |||
a441803975 | |||
1e23a2a6df | |||
6cd8a76803 | |||
2dcb90d1b5 | |||
0830895f9c | |||
d4d2f19b18 | |||
84a0a03ac6 | |||
ecb6aa83a5 |
32
.drone.yml
Normal file
32
.drone.yml
Normal file
|
@ -0,0 +1,32 @@
|
|||
pipeline:
|
||||
docker:
|
||||
image: plugins/docker
|
||||
repo: docker.jcg.re/caddy
|
||||
build_args:
|
||||
- BRANCH=tags/${CADDY_VERSION}
|
||||
registry: docker.jcg.re
|
||||
secrets: [ docker_username, docker_password ]
|
||||
tags: ${CADDY_VERSION}
|
||||
docker:
|
||||
image: plugins/docker
|
||||
repo: docker.jcg.re/caddy
|
||||
registry: docker.jcg.re
|
||||
secrets: [docker_username, docker_password ]
|
||||
tags: latest
|
||||
when:
|
||||
matrix:
|
||||
CADDY_VERSION: v0.11.0
|
||||
|
||||
|
||||
matrix:
|
||||
CADDY_VERSION:
|
||||
- v0.11.0
|
||||
- v0.10.14
|
||||
- v0.10.12
|
||||
- v0.10.11
|
||||
- v0.10.10
|
||||
- v0.10.9
|
||||
- v0.10.8
|
||||
- v0.10.7
|
||||
- v0.10.6
|
||||
- v0.10.5
|
51
Dockerfile
Executable file → Normal file
51
Dockerfile
Executable file → Normal file
|
@ -1,39 +1,12 @@
|
|||
FROM jcgruenhage/baseimage-alpine
|
||||
MAINTAINER Jan Christian Grünhage <jan.christian@gruenhage.xyz>
|
||||
|
||||
ENV GOPATH=/gopath \
|
||||
CADDY_REPO_OWNER=mholt \
|
||||
CADDY_REPO_NAME=caddy \
|
||||
CADDY_BRANCH=tags/v0.10.4 \
|
||||
CADDYPATH=/caddy \
|
||||
UID=192 \
|
||||
GID=192
|
||||
|
||||
ADD plugins.txt /plugins
|
||||
|
||||
RUN apk upgrade --update \
|
||||
&& apk add build-base su-exec libcap go git \
|
||||
&& mkdir -p $GOPATH/src/github.com/$CADDY_REPO_OWNER \
|
||||
&& cd $GOPATH/src/github.com/$CADDY_REPO_OWNER \
|
||||
&& git clone https://github.com/$CADDY_REPO_OWNER/$CADDY_REPO_NAME \
|
||||
&& cd $CADDY_REPO_NAME \
|
||||
&& git checkout $CADDY_BRANCH \
|
||||
&& cd caddy/caddymain \
|
||||
&& export line="$(grep -n "// This is where other plugins get plugged in (imported)" < run.go | sed 's/^\([0-9]\+\):.*$/\1/')" \
|
||||
&& head -n ${line} run.go > newrun.go \
|
||||
&& cat /plugins >> newrun.go \
|
||||
&& line=`expr $line + 1` \
|
||||
&& tail -n +${line} run.go >> newrun.go \
|
||||
&& rm -f run.go \
|
||||
&& mv newrun.go run.go \
|
||||
&& go get github.com/$CADDY_REPO_OWNER/$CADDY_REPO_NAME/... \
|
||||
&& mv $GOPATH/bin/caddy /usr/bin \
|
||||
&& setcap cap_net_bind_service=+ep /usr/bin/caddy \
|
||||
&& apk del --purge build-base go \
|
||||
&& mkdir $CADDYPATH \
|
||||
&& rm -rf $GOPATH /var/cache/apk/* /plugins
|
||||
|
||||
ADD root /
|
||||
|
||||
EXPOSE 2015 80 443
|
||||
VOLUME ["$CADDYPATH"]
|
||||
FROM docker.io/matrixdotorg/base-caddy
|
||||
ENV UID=1337 \
|
||||
GID=1337
|
||||
RUN apk add --no-cache \
|
||||
su-exec \
|
||||
s6 \
|
||||
ca-certificates \
|
||||
bash
|
||||
ADD root /
|
||||
EXPOSE 2015 80 443
|
||||
VOLUME ["/etc/caddy", "/var/www"]
|
||||
CMD ["/bin/s6-svscan", "/etc/s6.d/"]
|
||||
|
|
81
README.md
Normal file
81
README.md
Normal file
|
@ -0,0 +1,81 @@
|
|||
## docker.jcg.re/caddy
|
||||
[![Build Status](https://drone.jcg.re/api/badges/jcgruenhage/docker-caddy/status.svg)](https://drone.jcg.re/jcgruenhage/docker-caddy)
|
||||
#### Tags:
|
||||
- **latest**: latest stable version (currently 0.10.10)
|
||||
- **v0.10.10**: v0.10.10 of caddy
|
||||
- **v0.10.9**: v0.10.9 of caddy
|
||||
- **v0.10.8**: v0.10.8 of caddy
|
||||
- **v0.10.7**: v0.10.7 of caddy
|
||||
- **v0.10.6**: v0.10.6 of caddy
|
||||
- **v0.10.5**: v0.10.5 of caddy
|
||||
- **v0.10.4**: v0.10.4 of caddy
|
||||
|
||||
#### Build-time variables
|
||||
- **CLONE_URL**: From where to clone caddy (default: https://github.com/mholt/caddy.git)
|
||||
- **BRANCH**: Which branch to use. (default: `latest stable tag)
|
||||
|
||||
#### Environment variables
|
||||
- **UID**: user id (default: 192)
|
||||
- **GID**: group id (default: 192)
|
||||
- **DOMAIN**: the domain that should be served (required for automatic tls)
|
||||
- **EMAIL**: the email address to use for let's encrypt (required for automatic tls)
|
||||
- **USE_QUIC**: set this to anything to enable experimental quic support (default: off)
|
||||
- **LE_STAGING**: use staging let's encrypt endpoint (default: off -> production)
|
||||
|
||||
#### Volumes
|
||||
- **/etc/caddy/Caddyfile**: webserver configuration (optional)
|
||||
- **/var/www/**: content to serve
|
||||
- **/caddy**: caddy will store it's certificates here (recommended if tls is active)
|
||||
|
||||
#### Ports
|
||||
- 80
|
||||
- 443
|
||||
|
||||
#### Basic docker-compose.yml example
|
||||
Insecure example serving the contents of `./website`on port 80:
|
||||
```yaml
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
caddy:
|
||||
image: docker.jcg.re/caddy
|
||||
container_name: caddy
|
||||
ports:
|
||||
- 80:80
|
||||
volumes:
|
||||
- ./website:/var/www/
|
||||
```
|
||||
|
||||
Secure example serving the contents of `./website`on https://example.com/ with an automatic redirect to https:
|
||||
```yaml
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
caddy:
|
||||
image: docker.jcg.re/caddy
|
||||
container_name: caddy
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
volumes:
|
||||
- ./website:/var/www/
|
||||
environment:
|
||||
- DOMAIN=example.com
|
||||
- EMAIL=you@example.com
|
||||
```
|
||||
|
||||
Custom example doing whatever-the-fuck-you-want (take a look at https://caddyserver.com/docs):
|
||||
```yaml
|
||||
version: '2'
|
||||
|
||||
services:
|
||||
caddy:
|
||||
image: docker.jcg.re/caddy
|
||||
container_name: caddy
|
||||
ports:
|
||||
- 80:80
|
||||
- 443:443
|
||||
volumes:
|
||||
- ./website:/var/www
|
||||
- ./Caddyfile:/etc/Caddyfile
|
||||
```
|
|
@ -1 +1,4 @@
|
|||
_ "github.com/abiosoft/caddy-git"
|
||||
_ "github.com/caddyserver/forwardproxy"
|
||||
_ "github.com/zikes/gopkg"
|
||||
_ "github.com/miekg/caddy-prometheus"
|
||||
|
|
3
root/etc/Caddyfile.insecure.template
Normal file
3
root/etc/Caddyfile.insecure.template
Normal file
|
@ -0,0 +1,3 @@
|
|||
:80 {
|
||||
root /var/www
|
||||
}
|
4
root/etc/Caddyfile.secure.template
Normal file
4
root/etc/Caddyfile.secure.template
Normal file
|
@ -0,0 +1,4 @@
|
|||
DOMAIN {
|
||||
root /var/www
|
||||
tls EMAIL
|
||||
}
|
1
root/etc/s6.d/.s6-svscan/finish
Executable file
1
root/etc/s6.d/.s6-svscan/finish
Executable file
|
@ -0,0 +1 @@
|
|||
#!/bin/sh
|
|
@ -1,3 +1,23 @@
|
|||
#!/bin/sh
|
||||
chown -R ${UID}:${GID} /caddy
|
||||
exec su-exec ${UID}:${GID} /usr/bin/caddy -quic --conf /caddy/Caddyfile
|
||||
#!/bin/bash
|
||||
if [[ -z ${CADDYPATH} ]]; then
|
||||
export CADDYPATH=/etc/caddy
|
||||
fi
|
||||
P="--conf ${CADDYPATH}/Caddyfile"
|
||||
if [[ -n ${USE_QUIC} ]]; then
|
||||
P="-quic $P"
|
||||
fi
|
||||
if [[ -n ${LE_STAGING} ]]; then
|
||||
P="-ca acme-staging.api.letsencrypt.org/directory $P"
|
||||
fi
|
||||
chown -R ${UID}:${GID} /var/www
|
||||
chown -R ${UID}:${GID} ${CADDYPATH}
|
||||
if [[ ! -f ${CADDYPATH}/Caddyfile ]]; then
|
||||
if [[ -z "$DOMAIN" || -z "$EMAIL" ]]; then
|
||||
cp /etc/Caddyfile.insecure.template ${CADDYPATH}/Caddyfile
|
||||
else
|
||||
cp /etc/Caddyfile.secure.template ${CADDYPATH}/Caddyfile
|
||||
sed -i -e "s/DOMAIN/${DOMAIN}/" -e "s/EMAIL/${EMAIL}/" ${CADDYPATH}/Caddyfile
|
||||
fi
|
||||
fi
|
||||
cd ${CADDYPATH}
|
||||
su-exec ${UID}:${GID} /usr/bin/caddy $P
|
||||
|
|
Loading…
Reference in a new issue