From 0490fc656843b8c37d909b62ec7d2e78f6f9897b Mon Sep 17 00:00:00 2001 From: Dan Anglin Date: Tue, 22 Oct 2024 03:00:57 +0100 Subject: [PATCH] feat: replace Traefik with Caddy - Add templates for the Caddy installation. - Replace Traefik with Caddy for both dev and prod. --- config | 2 +- internal/config/config.go | 20 +++++++++ templates/caddy/Caddyfile.gotmpl | 43 ++++++++++++++++++++ templates/caddy/Dockerfile.gotmpl | 9 ++++ templates/compose/docker-compose.yaml.gotmpl | 41 +++++++++++++++++++ 5 files changed, 114 insertions(+), 1 deletion(-) create mode 100644 templates/caddy/Caddyfile.gotmpl create mode 100644 templates/caddy/Dockerfile.gotmpl
diff --git a/config b/config
index 830827d..4bcd59b 160000
--- a/config
+++ b/config
@@ -1 +1 @@
-Subproject commit 830827da9e0cd82f93e493074fbbad464c3a1ec4
+Subproject commit 4bcd59b35e78780e43a22c641517697bfc345dc7
diff --git a/internal/config/config.go b/internal/config/config.go
index db971a5..b7d63f7 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -16,6 +16,7 @@ type Config struct {
 RootDomain string `json:"rootDomain"`
 FlowGID int32 `json:"flowGID"`
 Docker Docker `json:"docker"`
+ Caddy Caddy `json:"caddy"`
 Traefik Traefik `json:"traefik"`
 Forgejo Forgejo `json:"forgejo"`
 GoToSocial Gotosocial `json:"gotosocial"`
@@ -33,6 +34,25 @@ type DockerNetwork struct {
 Subnet string `json:"subnet"`
 }
+type Caddy struct {
+ Version string `json:"version"`
+ ContainerName string `json:"containerName"`
+ ContainerIpv4Address string `json:"containerIpv4Address"`
+ ConfigHostDirectory string `json:"configHostDirectory"`
+ ConfigContainerDirectory string `json:"configContainerDirectory"`
+ DataHostDirectory string `json:"dataHostDirectory"`
+ DataContainerDirectory string `json:"dataContainerDirectory"`
+ GracePeriod string `json:"gracePeriod"`
+ TLS CaddyTLS `json:"tls"`
+}
+
+type CaddyTLS struct {
+ AcmeEmail string `json:"acmeEmail"`
+ UseCustomCertificates bool `json:"useCustomCertificates"`
+ HostDirectory string `json:"hostDirectory"`
+ ContainerDirectory string `json:"containerDirectory"`
+}
+
 type Traefik struct {
 Version string `json:"version"`
 CheckNewVersion bool `json:"checkNewVersion"`
diff --git a/templates/caddy/Caddyfile.gotmpl b/templates/caddy/Caddyfile.gotmpl
new file mode 100644
index 0000000..8be3770
--- /dev/null
+++ b/templates/caddy/Caddyfile.gotmpl
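Review bot: The exported `Caddy` and `CaddyTLS` types are added without doc comments, and nothing on the struct says which TLS fields apply in which mode. Going by the templates in this same commit, `AcmeEmail` is only rendered when `UseCustomCertificates` is false, while `HostDirectory` and `ContainerDirectory` are only used when it is true. I would record that on the types, e.g. `// Caddy holds the values rendered into the Caddy Dockerfile, Caddyfile and compose service.` and `// CaddyTLS selects between ACME-issued certificates (AcmeEmail) and operator-supplied ones mounted from HostDirectory into ContainerDirectory.`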
@@ -0,0 +1,43 @@
+{
+ admin off
+ grace_period {{ .Caddy.GracePeriod }}
+ {{- if .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ local_certs
+ skip_install_trust
+ auto_https disable_certs
+ {{- end -}}
+ {{ print "" }}
+ {{- if not .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ email {{ .Caddy.TLS.AcmeEmail }}
+ {{- end -}}
+ {{ print "" }}
+}
+
+{{ .RootDomain }} {
+ {{- if .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ tls {{ .Caddy.TLS.ContainerDirectory}}/caddy.crt {{ .Caddy.TLS.ContainerDirectory }}/caddy.key
+ {{- end -}}
+ {{ print "" }}
+ reverse_proxy {{ .Landing.ContainerIpv4Address }}:{{ .Landing.Port }}
+}
+
+{{ .Forgejo.Subdomain }}.{{ .RootDomain }} {
+ {{- if .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ tls {{ .Caddy.TLS.ContainerDirectory}}/caddy.crt {{ .Caddy.TLS.ContainerDirectory }}/caddy.key
+ {{- end -}}
+ {{ print "" }}
+ reverse_proxy {{ .Forgejo.ContainerIpv4Address }}:{{ .Forgejo.HttpPort }}
+}
+
+{{ .GoToSocial.Subdomain }}.{{ .RootDomain }} {
+ {{- if .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ tls {{ .Caddy.TLS.ContainerDirectory}}/caddy.crt {{ .Caddy.TLS.ContainerDirectory }}/caddy.key
+ {{- end -}}
+ {{ print "" }}
+ reverse_proxy {{ .GoToSocial.ContainerIpv4Address }}:{{ .GoToSocial.Port }}
+}
diff --git a/templates/caddy/Dockerfile.gotmpl b/templates/caddy/Dockerfile.gotmpl
new file mode 100644
index 0000000..8b5e860
--- /dev/null
+++ b/templates/caddy/Dockerfile.gotmpl
@@ -0,0 +1,9 @@
+# syntax=docker/dockerfile:1
+FROM caddy:{{ .Caddy.Version }}-alpine
+
+RUN --mount=type=bind,source=.,target=/packages \
+ mkdir -p {{ .Caddy.DataContainerDirectory }} {{ .Caddy.ConfigContainerDirectory }} {{ if .Caddy.TLS.UseCustomCertificates }}{{ .Caddy.TLS.ContainerDirectory }}{{ end }} \
+ && cp /packages/Caddyfile /etc/caddy/Caddyfile
+
+ENV XDG_CONFIG_HOME {{ .Caddy.ConfigContainerDirectory }}
+ENV XDG_DATA_HOME {{ .Caddy.DataContainerDirectory }}
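Review bot: An unset `gracePeriod` or `acmeEmail` renders a bare directive in the global options block, because `grace_period {{ .Caddy.GracePeriod }}` and `email {{ .Caddy.TLS.AcmeEmail }}` are written with whatever the config holds. Caddy will most likely reject a directive with no argument, so the mistake would surface as the edge proxy failing to start rather than as a configuration error at render time. I would check both fields when the config is loaded, and since the e-mail is only a contact address for ACME, guard it with `{{- if and (not .Caddy.TLS.UseCustomCertificates) .Caddy.TLS.AcmeEmail -}}`. A smaller style point: the three identical `tls … caddy.crt … caddy.key` blocks could be one Caddyfile snippet imported by each site, and `{{ .Caddy.TLS.ContainerDirectory}}` is missing the space before `}}` that the rest of the file uses.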
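Review bot: The directory values are expanded unquoted into the shell command of the `RUN` step, so a configured path containing a space or a shell metacharacter is split or interpreted by the shell at build time instead of reaching `mkdir` as one argument. Quoting each value handles spaces, `mkdir -p "{{ .Caddy.DataContainerDirectory }}" "{{ .Caddy.ConfigContainerDirectory }}"` with the optional TLS directory quoted the same way inside its `{{ if }}`, and rejecting anything but a plain absolute path when the config is loaded covers the rest. The two `ENV` lines use the legacy space-separated form; `ENV XDG_CONFIG_HOME="{{ .Caddy.ConfigContainerDirectory }}"` is the current syntax and also keeps a value with spaces intact.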
diff --git a/templates/compose/docker-compose.yaml.gotmpl b/templates/compose/docker-compose.yaml.gotmpl
index b094c9d..c07633a 100644
--- a/templates/compose/docker-compose.yaml.gotmpl
+++ b/templates/compose/docker-compose.yaml.gotmpl
@@ -20,6 +20,47 @@ networks:
 - subnet: "{{ .Docker.Network.Subnet }}"
 services:
+ # -- Edge flow --
+ caddy:
+ container_name: "{{ .Caddy.ContainerName }}"
+ image: "localhost/flow/caddy:{{ .Caddy.Version }}"
+ build:
+ context: "../caddy"
+ networks:
+ flow:
+ ipv4_address: "{{ .Caddy.ContainerIpv4Address }}"
+ ports:
+ - target: 80
+ published: 80
+ protocol: "tcp"
+ mode: "host"
+ - target: 443
+ published: 443
+ protocol: "tcp"
+ mode: "host"
+ - target: 443
+ published: 443
+ protocol: "udp"
+ mode: "host"
+ restart: "always"
+ volumes:
+ {{- template "defaultVolumes" }}
+ # Caddy data volume
+ - type: "bind"
+ source: "{{ .Caddy.DataHostDirectory }}"
+ target: "{{ .Caddy.DataContainerDirectory }}"
+ # Caddy config volume
+ - type: "bind"
+ source: "{{ .Caddy.ConfigHostDirectory }}"
+ target: "{{ .Caddy.ConfigContainerDirectory }}"
+ {{- if .Caddy.TLS.UseCustomCertificates -}}
+ {{ print "" }}
+ # Caddy TLS volume
+ - type: "bind"
+ source: "{{ .Caddy.TLS.HostDirectory }}"
+ target: "{{ .Caddy.TLS.ContainerDirectory }}"
+ {{- end -}}
+ {{ print "" }}
 # -- Traffic flow --
 traefik:
 container_name: "{{ .Traefik.ContainerName }}"
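Review bot: The TLS bind mount added under `UseCustomCertificates` is writable from inside the container, although the Caddyfile in this commit only reads `caddy.crt` and `caddy.key` from that directory. Since this is the service published on host ports 80 and 443, I would mount the key material read-only by adding `read_only: true` to that volume entry. The Traefik service is still defined directly below the new one; if it publishes the same host ports (its `ports` section is outside this hunk) the two edge services cannot both start.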