first draft

Author: Tom Softreck

caddy/Caddyfile

@@ -0,0 +1,6 @@
+api.naszed.de {
+    reverse_proxy myapi:8080
+    tls {
+        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+    }
+}

caddy/README.md

@@ -1,84 +1,204 @@
-```bash
-docker network create web
+# 🚀 Caddy Reverse Proxy with Docker + FastAPI
+
+A lightweight, automated, and production-ready reverse proxy setup using **Caddy** with **Docker**, featuring:
+
+* ✅ Automatic SSL via **Cloudflare DNS**
+* ✅ Dynamic reverse proxy via Docker **labels**
+* ✅ No manual Caddyfile needed
+* ✅ **FastAPI** backend with auto-reload support
+* ✅ Unified control with **Makefile**
+
+---
+
+## 📋 Table of Contents
+
+* [✨ Features](#-features)
+* [📋 Prerequisites](#-prerequisites)
+* [🚀 Quick Start](#-quick-start)
+* [📦 Installation](#-installation)
+* [🛠️ Usage (Makefile)](#️-usage-makefile)
+* [📜 Logs](#-logs)
+* [⚙️ Configuration](#-configuration)
+* [🔧 Optional Enhancements](#-optional-enhancements)
+* [ℹ️ Notes](#️-notes)
+
+---
+
+## ✨ Features
+
+* 🔐 Automatic HTTPS with Cloudflare DNS
+* 🐳 Dockerized FastAPI microservice
+* 🔄 Auto-reload during development
+* ⚙️ Declarative service routing via Docker labels
+* 🧼 Clean, one-file `Makefile` interface
+* 🧪 Ready for testing and CI workflows
+
+---
 
-echo "🐋 Building and starting containers..."
-docker-compose --env-file .env up -d --build
-docker-compose up -d
+## 📋 Prerequisites
 
-```    
+* ✅ Docker & Docker Compose
+* ✅ Cloudflare-managed domain
+* ✅ Cloudflare API Token with DNS edit permission
 
+---
+
+## 🚀 Quick Start
+
+1. Clone repo & navigate:
+
+   ```bash
+   git clone https://your-repo-url
+   cd your-repo
+   ```
 
-lucaslorentz/caddy-docker-proxy: Obraz Caddy, który dynamicznie generuje konfigurację na podstawie Docker metadata (labels).
+2. Create a Docker network (once):
 
-Brak Caddyfile: Wszystko robisz przez labelsy, co spełnia Twoje wymaganie jednoplikowej konfiguracji.
+   ```bash
+   docker network create web || true
+   ```
 
-Certyfikaty SSL: W pełni automatyczne dzięki integracji z Cloudflare przez caddy.tls.dns.
+3. Add your `.env` file:
 
+   ```env
+   CLOUDFLARE_API_TOKEN=your_cloudflare_token_here
+   DOMAIN=example.com
+   [email protected]
+   ```
 
+4. Start everything:
+
+   ```bash
+   make up
+   ```
+
+---
 
+## 📦 Installation
+
+You can also use the provided installation script:
+
+```bash
+chmod +x install.sh
+./install.sh
+```
 
+The script will:
 
-Absolutely! Below you'll find:
+* Scaffold your project
+* Download Docker images
+* Configure FastAPI app
+* Set up Caddy reverse proxy
+* Start services
 
 ---
 
-## ✅ 1. **Log Viewing Command**
+## 🛠️ Usage (Makefile)
 
-To show logs for your API service (`myapi`):
+Unified CLI control with:
 
 ```bash
-docker-compose logs -f myapi
+make up         # Build and run all containers
+make down       # Stop containers
+make restart    # Restart containers
+make logs       # Show combined logs (API + Caddy)
+make logs-api   # Show only API logs
+make logs-caddy # Show only Caddy logs
+make shell      # Open shell in the API container
+make clean      # Remove all containers, volumes, and dangling images
+make health     # Check public HTTP health of the service
 ```
 
-To show logs for **Caddy reverse proxy**:
+---
+
+## 🧪 Developer Tools
+
+You can also use these commands:
 
 ```bash
-docker-compose logs -f caddy
+make lint     # Run linter (flake8)
+make test     # Run tests (pytest)
+make deploy   # (alias for up, or hook for real deploy)
 ```
 
-> Add `--tail=100` to limit to the last 100 lines.
+✅ These run inside temporary containers – you don't need local Python installed.
 
 ---
 
-## 🛠️ 2. **Installation Script** — `install.sh`
+## 📜 Logs
+
+```bash
+# Combined logs
+make logs
+
+# Individual service logs
+make logs-api
+make logs-caddy
+```
+
+---
+
+## ⚙️ Configuration
+
+1. `.env` file for secrets (required):
+
+```env
+CLOUDFLARE_API_TOKEN=your_cloudflare_token
+[email protected]
+DOMAIN=example.com
+```
+
+2. Routing is defined via labels in `docker-compose.yml`:
+
+```yaml
+labels:
+  caddy: api.${DOMAIN}
+  caddy.reverse_proxy: "{{upstreams 8080}}"
+  caddy.tls.dns: "cloudflare {env.CLOUDFLARE_API_TOKEN}"
+```
+
+No need to manually write a Caddyfile — Caddy dynamically reads this.
+
+---
 
-This script will:
+## 🔧 Optional Enhancements
 
-* Clone or create your project folder
-* Set up FastAPI app
-* Write Dockerfile and `docker-compose.yml`
-* Create `.env` file (you just need to add your Cloudflare token)
-* Pull Docker images
-* Build and run the services
+### ✅ Lint & Test
 
-## 🚀 How to use:
+Makefile includes:
 
 ```bash
-chmod +x install.sh
-./install.sh
+make lint   # Runs flake8 on your Python code
+make test   # Runs pytest inside container
 ```
 
+### ♻️ Auto-reload
+
+FastAPI auto-reload enabled via:
 
+```yaml
+command: uvicorn app.main:app --host 0.0.0.0 --port 8080 --reload
+volumes:
+  - ./app:/app/app:ro
+```
 
-## 📦 How to use
+### 📦 Multi-service support
 
-1. Save as `Makefile` in your project root (same dir as `docker-compose.yml`)
-2. Ensure `.env` exists (with `CF_API_TOKEN`)
-3. Run commands like:
+Support multiple services using:
 
 ```bash
-make up
-make logs
-make down
-make restart
+make logs SERVICE=auth
+make shell SERVICE=web
 ```
 
+`Makefile` dynamically uses `$(SERVICE)` to manage different containers.
+
 ---
 
-### ✅ Optional Enhancements:
+## ℹ️ Notes
 
-* Add `lint`, `test`, or `deploy` commands
-* Auto-reload support for dev via volumes
-* Multiple service support: `PROJECT_NAME ?= $(SERVICE)` via arguments
+* Uses `lucaslorentz/caddy-docker-proxy` for dynamic reverse proxy configuration.
+* All SSL certificates are auto-managed via Cloudflare DNS.
+* Works well on ARM (Raspberry Pi), VPS, and dev machines.
+* Recommended for small production deployments with minimal overhead.
 
-Let me know if you'd like those included too.

caddy/docker-compose.yml

@@ -1,29 +1,33 @@
 services:
   caddy:
-    image: lucaslorentz/caddy-docker-proxy:2.8.0
+    image: caddy:2.8.0
     container_name: caddy
     ports:
       - "80:80"
       - "443:443"
     volumes:
-      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./Caddyfile:/etc/caddy/Caddyfile
+      - caddy_data:/data
+      - caddy_config:/config
     environment:
-      - CADDY_INGRESS_NETWORK=web
-      - CLOUDFLARE_API_TOKEN=\${CF_API_TOKEN}
+      - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN}
     networks:
       - web
     restart: unless-stopped
 
   myapi:
     build: .
     container_name: myapi
-    labels:
-      caddy: $DOMAIN
-      caddy.reverse_proxy: "{{upstreams 8080}}"
-      caddy.tls.dns: cloudflare \${CF_API_TOKEN}
+    expose:
+      - "8080"
     networks:
       - web
+    command: uvicorn app.main:app --host 0.0.0.0 --port 8080 --reload
 
 networks:
   web:
-    external: true
+    external: true
+
+volumes:
+  caddy_data:
+  caddy_config:

caddy/generate-cloudflare-token.sh

@@ -24,7 +24,7 @@ echo "Ustaw zakres (Zone Resources):"
 echo "→ Include → Specific zone → wybierz swoją domenę"
 echo ""
 echo "🔑 Po wygenerowaniu tokenu, dodaj go do pliku .env jako:"
-echo "CF_API_TOKEN=twój_token_tutaj"
+echo "CLOUDFLARE_API_TOKEN=twój_token_tutaj"
 
 curl "https://api.cloudflare.com/client/v4/user/tokens/verify" \
-     -H "Authorization: Bearer ${CF_API_TOKEN}"
+     -H "Authorization: Bearer ${CLOUDFLARE_API_TOKEN}"