Xcaddy

Running multiple applications on one web server requires a reverse proxy. This is where xcaddy comes into play. Caddy is a powerful, user-friendly web server known for automatic HTTPS and ease of use. It supports features like reverse proxying and static file serving. With xcaddy, you can easily customize Caddy by building custom versions with additional plugins or modules, all through a simple command-line tool, without needing to manually edit code or handle dependencies. This makes both Caddy and xcaddy highly flexible and convenient for developers.
First we build all our required folders and the Caddyfile:
mkdir /opt/caddy/
mkdir /opt/caddy/certs
mkdir /opt/caddy/config
mkdir /opt/caddy/data
mkdir /opt/caddy/sites
touch /opt/caddy/Caddyfile
Now let's create our Dockerfile:
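# Build stage: compile Caddy with the transform-encoder plugin
FROM caddy:2.8.4-builder AS builder
RUN xcaddy build --with github.com/caddyserver/transform-encoder
# Runtime stage: pinned to the same Caddy version as the builder instead of a moving "latest" tag
FROM caddy:2.8.4
COPY --from=builder /usr/bin/caddy /usr/bin/caddy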
and build the image:
docker build --rm --no-cache -f Dockerfile -t xcaddy .
In this example I'm building Caddy with the transform-encoder plugin. It is useful later for protecting your web server against DoS attacks with fail2ban, which only reads unstructured logs (Caddy by itself logs only in JSON format).
Now you can write your Caddyfile:
vim /opt/caddy/Caddyfile
https://youre.domain:443 {
    # Optional: only needed when you bring your own certificate.
    # Both paths are absolute so they resolve inside the /certs volume.
    tls /certs/ssl_certificate.cer /certs/key.key
    header Strict-Transport-Security max-age=31536000;
    reverse_proxy localhost:8080
}
You don't need the tls line, as Caddy obtains certificates automatically from Let's Encrypt. But this sometimes struggles, so I prefer using my own certificates. Set your domain and point reverse_proxy to the port your Docker application is running on.
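The Caddyfile above does not yet use the transform-encoder plugin that was compiled in. The site block below is an added example, not part of the original post, showing a log directive that writes plain-text access logs for fail2ban; the log path /data/access.log (the /opt/caddy/data volume in the compose file below) and the rotation values are assumptions:

```caddyfile
https://youre.domain:443 {
    log {
        # Assumed location: /data is mounted from /opt/caddy/data on the host
        output file /data/access.log {
            roll_size 10MiB
            roll_keep 5
        }
        # transform-encoder plugin: emit Apache Common Log Format instead of JSON
        format transform "{common_log}"
    }
    header Strict-Transport-Security max-age=31536000;
    reverse_proxy localhost:8080
}
```

With that volume mapping, the log appears on the host as /opt/caddy/data/access.log, which is the file a fail2ban jail would watch.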
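Now create the docker-compose.yml:
version: "3.8"
services:
  caddy:
    image: xcaddy:latest
    container_name: xcaddy
    restart: unless-stopped
    # Docker discards published ports under network_mode: host;
    # Caddy binds 80/443 on the host directly (2019 is its admin API port).
    ports:
      - "80:80"
      - "443:443"
      - "2019:2019"
    # Host networking lets "reverse_proxy localhost:8080" reach apps on the host
    network_mode: host
    volumes:
      - /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
      - /opt/caddy/certs:/certs
      - /opt/caddy/config:/config
      - /opt/caddy/data:/data
      - /opt/caddy/sites:/srv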
and then start it with:
docker-compose up -d
We're done. If anything goes wrong, just use:
docker logs xcaddy
to see what happened.
If you want to set up your first application, here is my guide to setting up Nextcloud behind a reverse proxy.