caddy multiservice with caddy embedded on docker

Author: Tom Softreck

caddy-demo/1-caddyfile/Caddyfile

@@ -0,0 +1,20 @@
+{
+    debug
+}
+
+:80 {
+    redir https://{host}{uri} permanent
+}
+
+:443 {
+    tls /etc/caddy/certs/localhost.crt /etc/caddy/certs/localhost.key
+    
+    root * /usr/share/caddy
+    file_server
+    
+    log {
+        output stderr
+        format console
+        level INFO
+    }
+}

caddy-demo/1-caddyfile/Makefile

@@ -0,0 +1,47 @@
+.PHONY: up down restart logs clean certs help
+
+# Default target
+help:
+	@echo "Available commands:"
+	@echo "  make up      - Start all services in detached mode"
+	@echo "  make down    - Stop and remove all containers"
+	@echo "  make logs    - View container logs"
+	@echo "  make restart - Restart all services"
+	@echo "  make certs   - Generate SSL certificates"
+	@echo "  make clean   - Remove containers and volumes"
+
+# Start services
+up:
+	@echo "Starting services..."
+	docker-compose up -d
+
+# Stop and remove containers
+down:
+	@echo "Stopping services..."
+	docker-compose down
+
+# View logs
+logs:
+	docker-compose logs -f
+
+# Restart services
+restart: down up
+
+# Generate SSL certificates
+certs:
+	@if ! command -v mkcert &> /dev/null; then \
+		echo "Error: mkcert is not installed. Please install it first:"; \
+		echo "https://github.com/FiloSottile/mkcert#installation"; \
+		exit 1; \
+	fi
+	@mkdir -p certs
+	@echo "Generating local certificates..."
+	mkcert -install
+	mkcert -cert-file certs/localhost.crt -key-file certs/localhost.key "localhost"
+	@echo "Certificates generated in certs/"
+
+# Clean up
+clean: down
+	@echo "Removing volumes..."
+	@docker volume rm -f 1-caddyfile_caddy_data 1-caddyfile_caddy_config 2>/dev/null || true
+	@echo "Cleanup complete"

caddy-demo/1-caddyfile/README.md

@@ -0,0 +1,69 @@
+# Caddy Static Website Demo
+
+This project demonstrates a simple static website served by Caddy using a Caddyfile for configuration.
+
+## Features
+
+- Static file serving
+- Automatic HTTPS with local certificates
+- HTTP/2 enabled
+- Security headers
+- Gzip compression
+
+## Prerequisites
+
+- Docker and Docker Compose
+- mkcert (for local certificates)
+
+## Quick Start
+
+1. Generate local certificates:
+   ```bash
+   make certs
+   ```
+
+2. Start the services:
+   ```bash
+   make up
+   ```
+
+3. Open in your browser: [https://localhost](https://localhost)
+
+## Available Commands
+
+- `make up` - Start all services in detached mode
+- `make down` - Stop and remove all containers
+- `make logs` - View container logs
+- `make restart` - Restart all services
+- `make certs` - Generate SSL certificates
+- `make clean` - Remove containers and volumes
+
+## Project Structure
+
+```
+.
+├── Caddyfile          # Caddy configuration
+├── docker-compose.yml  # Docker Compose configuration
+├── html/              # Static website files
+│   └── index.html
+├── certs/             # SSL certificates (generated)
+└── Makefile           # Project commands
+```
+
+## Customization
+
+- Edit `html/index.html` to modify the website content
+- Update `Caddyfile` for custom routing or headers
+- Add more static files to the `html/` directory
+
+## Troubleshooting
+
+- **Certificate warnings**: Make sure to install the local CA:
+  ```bash
+  mkcert -install
+  ```
+- **Port conflicts**: Stop other services using ports 80/443 or update `docker-compose.yml`
+
+## License
+
+MIT

caddy-demo/1-caddyfile/docker-compose.yml

@@ -0,0 +1,13 @@
+version: '3.8'
+
+services:
+  caddy:
+    image: caddy:latest
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile
+      - ./html:/usr/share/caddy
+      - ./certs:/etc/caddy/certs
+    restart: unless-stopped

caddy-demo/1-caddyfile/html/index.html

@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Caddyfile Demo</title>
+    <style>
+        body { 
+            font-family: Arial, sans-serif; 
+            text-align: center; 
+            margin: 0;
+            padding: 20px;
+            min-height: 100vh;
+            background: linear-gradient(135deg, #f5f7fa 0%, #c3cfe2 100%);
+        }
+        .container {
+            max-width: 800px;
+            margin: 50px auto;
+            padding: 2rem;
+            background: white;
+            border-radius: 10px;
+            box-shadow: 0 4px 6px rgba(0,0,0,0.1);
+        }
+        h1 { 
+            color: #2c3e50;
+            margin-bottom: 1.5rem;
+        }
+        .btn {
+            display: inline-block;
+            padding: 0.8rem 1.5rem;
+            background: #3498db;
+            color: white;
+            text-decoration: none;
+            border-radius: 5px;
+            margin-top: 1rem;
+            transition: background 0.3s;
+        }
+        .btn:hover {
+            background: #2980b9;
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>Welcome to Caddyfile Demo</h1>
+        <p>This is a static website served by Caddy using a Caddyfile configuration.</p>
+        <p>Features:</p>
+        <ul style="text-align: left; max-width: 300px; margin: 0 auto 1.5rem auto;">
+            <li>Automatic HTTPS</li>
+            <li>HTTP/2 enabled</li>
+            <li>Gzip compression</li>
+            <li>Security headers</li>
+        </ul>
+        <a href="https://caddyserver.com/docs/" class="btn" target="_blank">Caddy Documentation</a>
+    </div>
+</body>
+</html>

caddy-demo/1-caddyfile/setup.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+set -e
+
+# Check if mkcert is installed
+if ! command -v mkcert &> /dev/null; then
+    echo "Error: mkcert is not installed. Please install it first:"
+    echo "https://github.com/FiloSottile/mkcert#installation"
+    exit 1
+fi
+
+# Create certs directory if it doesn't exist
+mkdir -p certs
+
+# Generate certificates
+echo "Generating local certificates..."
+mkcert -install
+mkcert -cert-file certs/localhost.crt -key-file certs/localhost.key "localhost"
+
+echo "Setup complete! You can now start the services with:"
+echo "docker-compose up -d"
+echo ""
+echo "Then open: https://localhost in your browser"

caddy-demo/2-docker-labels/Makefile

@@ -0,0 +1,58 @@
+.PHONY: up down restart logs setup clean help
+
+# Default target
+help:
+	@echo "Available commands:"
+	@echo "  make up     - Start all services in detached mode"
+	@echo "  make down   - Stop and remove all containers"
+	@echo "  make logs   - View container logs"
+	@echo "  make restart - Restart all services"
+	@echo "  make setup  - Initial setup (modifies /etc/hosts)"
+	@echo "  make clean  - Remove containers, networks, and volumes"
+
+# Start services
+up:
+	@echo "Building and starting services..."
+	docker-compose up -d --build
+	@echo "\nServices available at:"
+	@echo "- Web: https://web.demo.local"
+	@echo "- API: https://api.demo.local"
+
+# Stop and remove containers
+down:
+	@echo "Stopping services..."
+	docker-compose down
+
+# View logs
+logs:
+	docker-compose logs -f
+
+# Restart services
+restart: down up
+
+# Initial setup
+setup:
+	@if [ "$(shell id -u)" -ne 0 ]; then \
+		echo "Error: This command requires root privileges. Please run with sudo."; \
+		exit 1; \
+	fi
+	@echo "Adding entries to /etc/hosts..."
+	@if ! grep -q "web.demo.local" /etc/hosts; then \
+		echo "127.0.0.1 web.demo.local api.demo.local" >> /etc/hosts; \
+		echo "Added entries to /etc/hosts"; \
+	else \
+		echo "Entries already exist in /etc/hosts"; \
+	fi
+	@if ! docker network inspect caddy_network >/dev/null 2>&1; then \
+		echo "Creating Docker network..."; \
+		docker network create caddy_network; \
+	fi
+	@echo "\nSetup complete! You can now start the services with:"
+	@echo "  make up"
+
+# Clean up everything
+clean: down
+	@echo "Removing volumes and networks..."
+	@docker volume rm -f 2-docker-labels_caddy_data 2-docker-labels_caddy_config 2>/dev/null || true
+	@docker network rm caddy_network 2>/dev/null || true
+	@echo "Cleanup complete"

caddy-demo/2-docker-labels/README.md

@@ -0,0 +1,93 @@
+# Caddy Docker Proxy Demo
+
+This project demonstrates how to use Docker labels to dynamically configure Caddy as a reverse proxy for multiple services.
+
+## Features
+
+- Automatic service discovery
+- Dynamic reverse proxy configuration
+- Multiple services with automatic HTTPS
+- Global middleware support
+- Health checks
+
+## Prerequisites
+
+- Docker and Docker Compose
+- sudo access (for modifying /etc/hosts)
+
+## Quick Start
+
+1. Run the setup script (requires sudo):
+   ```bash
+   sudo make setup
+   ```
+
+2. Start the services:
+   ```bash
+   make up
+   ```
+
+3. Access the services:
+   - Web: [https://web.demo.local](https://web.demo.local)
+   - API: [https://api.demo.local](https://api.demo.local)
+
+## Available Commands
+
+- `make up` - Start all services in detached mode
+- `make down` - Stop and remove all containers
+- `make logs` - View container logs
+- `make restart` - Restart all services
+- `make setup` - Initial setup (modifies /etc/hosts)
+- `make clean` - Remove containers, networks, and volumes
+
+## Project Structure
+
+```
+.
+├── docker-compose.yml  # Docker Compose configuration
+├── api/                # Python API service
+│   ├── app.py
+│   ├── Dockerfile
+│   └── requirements.txt
+├── web/               # Static web files
+│   └── index.html
+└── Makefile           # Project commands
+```
+
+## Adding New Services
+
+To add a new service, add it to `docker-compose.yml` with the appropriate labels:
+
+```yaml
+services:
+  my-service:
+    image: nginx:alpine
+    labels:
+      - caddy=myservice.demo.local
+      - caddy.reverse_proxy={{upstreams 80}}
+      - caddy.@default  # Apply global middleware
+    networks:
+      - caddy_network
+```
+
+## Troubleshooting
+
+### Certificate Warnings
+For local development, you'll need to accept the self-signed certificate in your browser.
+
+### Hosts File
+If you can't access the services:
+1. Verify the entries in `/etc/hosts`:
+   ```
+   127.0.0.1 web.demo.local api.demo.local
+   ```
+2. Make sure you ran `sudo make setup`
+
+### Port Conflicts
+If ports 80/443 are in use:
+1. Stop other web servers
+2. Or update the port mappings in `docker-compose.yml`
+
+## License
+
+MIT