Compare commits
16 commits
Author | SHA1 | Date | |
---|---|---|---|
jreichmann | 85bca47cba | ||
6de73756d6 | |||
21b38bada3 | |||
0fb9fc8c60 | |||
484ee2c740 | |||
7431af5d95 | |||
36fcd5172d | |||
e3b5864f34 | |||
a441803975 | |||
1e23a2a6df | |||
6cd8a76803 | |||
2dcb90d1b5 | |||
0830895f9c | |||
d4d2f19b18 | |||
84a0a03ac6 | |||
ecb6aa83a5 |
32
.drone.yml
Normal file
32
.drone.yml
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
pipeline:
|
||||||
|
docker:
|
||||||
|
image: plugins/docker
|
||||||
|
repo: docker.jcg.re/caddy
|
||||||
|
build_args:
|
||||||
|
- BRANCH=tags/${CADDY_VERSION}
|
||||||
|
registry: docker.jcg.re
|
||||||
|
secrets: [ docker_username, docker_password ]
|
||||||
|
tags: ${CADDY_VERSION}
|
||||||
|
docker:
|
||||||
|
image: plugins/docker
|
||||||
|
repo: docker.jcg.re/caddy
|
||||||
|
registry: docker.jcg.re
|
||||||
|
secrets: [docker_username, docker_password ]
|
||||||
|
tags: latest
|
||||||
|
when:
|
||||||
|
matrix:
|
||||||
|
CADDY_VERSION: v0.11.0
|
||||||
|
|
||||||
|
|
||||||
|
matrix:
|
||||||
|
CADDY_VERSION:
|
||||||
|
- v0.11.0
|
||||||
|
- v0.10.14
|
||||||
|
- v0.10.12
|
||||||
|
- v0.10.11
|
||||||
|
- v0.10.10
|
||||||
|
- v0.10.9
|
||||||
|
- v0.10.8
|
||||||
|
- v0.10.7
|
||||||
|
- v0.10.6
|
||||||
|
- v0.10.5
|
51
Dockerfile
Executable file → Normal file
51
Dockerfile
Executable file → Normal file
|
@ -1,39 +1,12 @@
|
||||||
FROM jcgruenhage/baseimage-alpine
|
FROM docker.io/matrixdotorg/base-caddy
|
||||||
MAINTAINER Jan Christian Grünhage <jan.christian@gruenhage.xyz>
|
ENV UID=1337 \
|
||||||
|
GID=1337
|
||||||
ENV GOPATH=/gopath \
|
RUN apk add --no-cache \
|
||||||
CADDY_REPO_OWNER=mholt \
|
su-exec \
|
||||||
CADDY_REPO_NAME=caddy \
|
s6 \
|
||||||
CADDY_BRANCH=tags/v0.10.4 \
|
ca-certificates \
|
||||||
CADDYPATH=/caddy \
|
bash
|
||||||
UID=192 \
|
ADD root /
|
||||||
GID=192
|
EXPOSE 2015 80 443
|
||||||
|
VOLUME ["/etc/caddy", "/var/www"]
|
||||||
ADD plugins.txt /plugins
|
CMD ["/bin/s6-svscan", "/etc/s6.d/"]
|
||||||
|
|
||||||
RUN apk upgrade --update \
|
|
||||||
&& apk add build-base su-exec libcap go git \
|
|
||||||
&& mkdir -p $GOPATH/src/github.com/$CADDY_REPO_OWNER \
|
|
||||||
&& cd $GOPATH/src/github.com/$CADDY_REPO_OWNER \
|
|
||||||
&& git clone https://github.com/$CADDY_REPO_OWNER/$CADDY_REPO_NAME \
|
|
||||||
&& cd $CADDY_REPO_NAME \
|
|
||||||
&& git checkout $CADDY_BRANCH \
|
|
||||||
&& cd caddy/caddymain \
|
|
||||||
&& export line="$(grep -n "// This is where other plugins get plugged in (imported)" < run.go | sed 's/^\([0-9]\+\):.*$/\1/')" \
|
|
||||||
&& head -n ${line} run.go > newrun.go \
|
|
||||||
&& cat /plugins >> newrun.go \
|
|
||||||
&& line=`expr $line + 1` \
|
|
||||||
&& tail -n +${line} run.go >> newrun.go \
|
|
||||||
&& rm -f run.go \
|
|
||||||
&& mv newrun.go run.go \
|
|
||||||
&& go get github.com/$CADDY_REPO_OWNER/$CADDY_REPO_NAME/... \
|
|
||||||
&& mv $GOPATH/bin/caddy /usr/bin \
|
|
||||||
&& setcap cap_net_bind_service=+ep /usr/bin/caddy \
|
|
||||||
&& apk del --purge build-base go \
|
|
||||||
&& mkdir $CADDYPATH \
|
|
||||||
&& rm -rf $GOPATH /var/cache/apk/* /plugins
|
|
||||||
|
|
||||||
ADD root /
|
|
||||||
|
|
||||||
EXPOSE 2015 80 443
|
|
||||||
VOLUME ["$CADDYPATH"]
|
|
||||||
|
|
81
README.md
Normal file
81
README.md
Normal file
|
@ -0,0 +1,81 @@
|
||||||
|
## docker.jcg.re/caddy
|
||||||
|
[![Build Status](https://drone.jcg.re/api/badges/jcgruenhage/docker-caddy/status.svg)](https://drone.jcg.re/jcgruenhage/docker-caddy)
|
||||||
|
#### Tags:
|
||||||
|
- **latest**: latest stable version (currently 0.10.10)
|
||||||
|
- **v0.10.10**: v0.10.10 of caddy
|
||||||
|
- **v0.10.9**: v0.10.9 of caddy
|
||||||
|
- **v0.10.8**: v0.10.8 of caddy
|
||||||
|
- **v0.10.7**: v0.10.7 of caddy
|
||||||
|
- **v0.10.6**: v0.10.6 of caddy
|
||||||
|
- **v0.10.5**: v0.10.5 of caddy
|
||||||
|
- **v0.10.4**: v0.10.4 of caddy
|
||||||
|
|
||||||
|
#### Build-time variables
|
||||||
|
- **CLONE_URL**: From where to clone caddy (default: https://github.com/mholt/caddy.git)
|
||||||
|
- **BRANCH**: Which branch to use. (default: `latest stable tag)
|
||||||
|
|
||||||
|
#### Environment variables
|
||||||
|
- **UID**: user id (default: 192)
|
||||||
|
- **GID**: group id (default: 192)
|
||||||
|
- **DOMAIN**: the domain that should be served (required for automatic tls)
|
||||||
|
- **EMAIL**: the email address to use for let's encrypt (required for automatic tls)
|
||||||
|
- **USE_QUIC**: set this to anything to enable experimental quic support (default: off)
|
||||||
|
- **LE_STAGING**: use staging let's encrypt endpoint (default: off -> production)
|
||||||
|
|
||||||
|
#### Volumes
|
||||||
|
- **/etc/caddy/Caddyfile**: webserver configuration (optional)
|
||||||
|
- **/var/www/**: content to serve
|
||||||
|
- **/caddy**: caddy will store it's certificates here (recommended if tls is active)
|
||||||
|
|
||||||
|
#### Ports
|
||||||
|
- 80
|
||||||
|
- 443
|
||||||
|
|
||||||
|
#### Basic docker-compose.yml example
|
||||||
|
Insecure example serving the contents of `./website`on port 80:
|
||||||
|
```yaml
|
||||||
|
version: '2'
|
||||||
|
|
||||||
|
services:
|
||||||
|
caddy:
|
||||||
|
image: docker.jcg.re/caddy
|
||||||
|
container_name: caddy
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
volumes:
|
||||||
|
- ./website:/var/www/
|
||||||
|
```
|
||||||
|
|
||||||
|
Secure example serving the contents of `./website`on https://example.com/ with an automatic redirect to https:
|
||||||
|
```yaml
|
||||||
|
version: '2'
|
||||||
|
|
||||||
|
services:
|
||||||
|
caddy:
|
||||||
|
image: docker.jcg.re/caddy
|
||||||
|
container_name: caddy
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
volumes:
|
||||||
|
- ./website:/var/www/
|
||||||
|
environment:
|
||||||
|
- DOMAIN=example.com
|
||||||
|
- EMAIL=you@example.com
|
||||||
|
```
|
||||||
|
|
||||||
|
Custom example doing whatever-the-fuck-you-want (take a look at https://caddyserver.com/docs):
|
||||||
|
```yaml
|
||||||
|
version: '2'
|
||||||
|
|
||||||
|
services:
|
||||||
|
caddy:
|
||||||
|
image: docker.jcg.re/caddy
|
||||||
|
container_name: caddy
|
||||||
|
ports:
|
||||||
|
- 80:80
|
||||||
|
- 443:443
|
||||||
|
volumes:
|
||||||
|
- ./website:/var/www
|
||||||
|
- ./Caddyfile:/etc/Caddyfile
|
||||||
|
```
|
|
@ -1 +1,4 @@
|
||||||
_ "github.com/abiosoft/caddy-git"
|
_ "github.com/abiosoft/caddy-git"
|
||||||
|
_ "github.com/caddyserver/forwardproxy"
|
||||||
|
_ "github.com/zikes/gopkg"
|
||||||
|
_ "github.com/miekg/caddy-prometheus"
|
||||||
|
|
3
root/etc/Caddyfile.insecure.template
Normal file
3
root/etc/Caddyfile.insecure.template
Normal file
|
@ -0,0 +1,3 @@
|
||||||
|
:80 {
|
||||||
|
root /var/www
|
||||||
|
}
|
4
root/etc/Caddyfile.secure.template
Normal file
4
root/etc/Caddyfile.secure.template
Normal file
|
@ -0,0 +1,4 @@
|
||||||
|
DOMAIN {
|
||||||
|
root /var/www
|
||||||
|
tls EMAIL
|
||||||
|
}
|
1
root/etc/s6.d/.s6-svscan/finish
Executable file
1
root/etc/s6.d/.s6-svscan/finish
Executable file
|
@ -0,0 +1 @@
|
||||||
|
#!/bin/sh
|
|
@ -1,3 +1,23 @@
|
||||||
#!/bin/sh
|
#!/bin/bash
|
||||||
chown -R ${UID}:${GID} /caddy
|
if [[ -z ${CADDYPATH} ]]; then
|
||||||
exec su-exec ${UID}:${GID} /usr/bin/caddy -quic --conf /caddy/Caddyfile
|
export CADDYPATH=/etc/caddy
|
||||||
|
fi
|
||||||
|
P="--conf ${CADDYPATH}/Caddyfile"
|
||||||
|
if [[ -n ${USE_QUIC} ]]; then
|
||||||
|
P="-quic $P"
|
||||||
|
fi
|
||||||
|
if [[ -n ${LE_STAGING} ]]; then
|
||||||
|
P="-ca acme-staging.api.letsencrypt.org/directory $P"
|
||||||
|
fi
|
||||||
|
chown -R ${UID}:${GID} /var/www
|
||||||
|
chown -R ${UID}:${GID} ${CADDYPATH}
|
||||||
|
if [[ ! -f ${CADDYPATH}/Caddyfile ]]; then
|
||||||
|
if [[ -z "$DOMAIN" || -z "$EMAIL" ]]; then
|
||||||
|
cp /etc/Caddyfile.insecure.template ${CADDYPATH}/Caddyfile
|
||||||
|
else
|
||||||
|
cp /etc/Caddyfile.secure.template ${CADDYPATH}/Caddyfile
|
||||||
|
sed -i -e "s/DOMAIN/${DOMAIN}/" -e "s/EMAIL/${EMAIL}/" ${CADDYPATH}/Caddyfile
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
cd ${CADDYPATH}
|
||||||
|
su-exec ${UID}:${GID} /usr/bin/caddy $P
|
||||||
|
|
Loading…
Reference in a new issue