caddy multiservice with caddy embedded on docker

Author: Tom Softreck

caddy/Caddyfile

@@ -1,6 +1,20 @@
 api.naszed.de {
     reverse_proxy myapi:8080
     tls {
-        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
+        dns cloudflare {env.CLOUDFLARE_API_TOKEN} {
+            email {env.CLOUDFLARE_EMAIL}
+        }
+    }
+    log {
+        output file /var/log/caddy/access.log {
+            roll_size 10MB
+            roll_keep 10
+        }
+    }
+    errors {
+        output file /var/log/caddy/error.log {
+            roll_size 10MB
+            roll_keep 10
+        }
     }
 }

caddy/ansible-requirements.yml

@@ -0,0 +1,8 @@
+---
+collections:
+  - name: community.docker
+    version: 3.8.1
+  - name: ansible.posix
+    version: 1.5.4
+  - name: community.general
+    version: 7.5.0

caddy/ansible_tests.yml

@@ -0,0 +1,144 @@
+---
+- name: Test Caddy and FastAPI Services
+  hosts: localhost
+  connection: local
+  gather_facts: no
+  
+  vars:
+    caddy_domain: "{{ lookup('env', 'DOMAIN') | default('localhost', true) }}"
+    validate_certs: "{{ 'no' if 'localhost' in caddy_domain else 'yes' }}"
+    
+  tasks:
+    - name: Check if Docker is running
+      ansible.builtin.command: docker info
+      register: docker_info
+      changed_when: false
+      ignore_errors: yes
+      
+    - name: Fail if Docker is not running
+      ansible.builtin.fail:
+        msg: "Docker is not running. Please start Docker and try again."
+      when: docker_info.rc != 0
+      
+    - name: Check container status using shell
+      ansible.builtin.shell: |
+        for container in caddy myapi; do
+          if docker ps --format '{{ '{{.Names}}' }}' | grep -q "^$container$"; then
+            echo "$container:running"
+          else
+            echo "$container:stopped"
+          fi
+        done
+      register: container_status
+      changed_when: false
+      
+    - name: Display container status
+      ansible.builtin.debug:
+        msg: "Container {{ item.split(':')[0] }} is {{ 'running' if item.endswith('running') else 'not running' }}"
+      loop: "{{ container_status.stdout_lines }}"
+      
+    - name: Set container status fact
+      ansible.builtin.set_fact:
+        all_containers_running: "{{ container_status.stdout | regex_replace('\\n', '') == 'caddy:runningmyapi:running' }}"
+        
+    - name: Fail if containers are not running
+      ansible.builtin.fail:
+        msg: "Some containers are not running. Please check with 'docker-compose ps'"
+      when: not all_containers_running
+      
+    - name: Ensure virtualenv is available
+      ansible.builtin.pip:
+        name: virtualenv
+        state: present
+        executable: "{{ ansible_python_interpreter | default('python3') }}"
+      delegate_to: localhost
+      run_once: true
+      become: false
+      
+    - name: Create a virtual environment
+      ansible.builtin.command: "{{ ansible_python_interpreter | default('python3') }} -m venv {{ playbook_dir }}/.venv"
+      args:
+        creates: "{{ playbook_dir }}/.venv/bin/activate"
+      delegate_to: localhost
+      run_once: true
+      become: false
+      
+    - name: Install required Python packages
+      ansible.builtin.pip:
+        name:
+          - requests
+          - urllib3
+        state: present
+        virtualenv: "{{ playbook_dir }}/.venv"
+        virtualenv_python: "{{ ansible_python_interpreter | default('python3') }}"
+      delegate_to: localhost
+      become: false
+      
+    - name: Test Caddy HTTPS endpoint
+      ansible.builtin.uri:
+        url: "https://{{ caddy_domain }}"
+        method: GET
+        validate_certs: "{{ validate_certs }}"
+        status_code: 200
+        timeout: 10
+      register: caddy_test
+      retries: 3
+      delay: 5
+      until: caddy_test is defined and caddy_test.status == 200
+      ignore_errors: true
+      
+    - name: Test FastAPI endpoint
+      ansible.builtin.uri:
+        url: "https://{{ caddy_domain }}/docs"
+        method: GET
+        validate_certs: "{{ validate_certs }}"
+        status_code: 200
+        timeout: 10
+      register: fastapi_test
+      retries: 3
+      delay: 5
+      until: fastapi_test is defined and fastapi_test.status == 200
+      ignore_errors: true
+      
+    - name: Display test results
+      ansible.builtin.debug:
+        msg: |
+          === Test Results ===
+          Caddy HTTPS: {{ '✅ PASS' if caddy_test.status == 200 else '❌ FAIL' }}
+          FastAPI Docs: {{ '✅ PASS' if fastapi_test.status == 200 else '❌ FAIL' }}
+          ===================
+      
+    - name: Get container logs if tests failed
+      ansible.builtin.shell: docker logs --tail 20 {{ item }}
+      register: container_logs
+      loop:
+        - caddy
+        - myapi
+      when: 
+        - caddy_test is defined 
+        - fastapi_test is defined
+        - (caddy_test.status | default(0) != 200) or (fastapi_test.status | default(0) != 200)
+      changed_when: false
+      ignore_errors: true
+      
+    - name: Show container logs if tests failed
+      ansible.builtin.debug:
+        msg: |
+          === Container Logs ===
+          {% for log in container_logs.results %}
+          --- {{ log.item }} ---
+          {{ log.stdout | default('No logs available') }}
+          
+          {% endfor %}
+      when: container_logs is defined and container_logs.results is defined
+      
+    - name: Fail if tests failed
+      ansible.builtin.fail:
+        msg: |
+          Some tests failed. Check the logs above for details.
+          Caddy status: {{ caddy_test.status | default('Not tested') }}
+          FastAPI status: {{ fastapi_test.status | default('Not tested') }}
+      when: 
+        - caddy_test is defined 
+        - fastapi_test is defined
+        - (caddy_test.status | default(0) != 200) or (fastapi_test.status | default(0) != 200)

caddy/docker-compose.yml

@@ -1,19 +1,27 @@
 services:
   caddy:
-    image: caddy:2.8.0
+    image: lucaslorentz/caddy-docker-proxy:2.8.0-alpine
     container_name: caddy
     ports:
       - "80:80"
       - "443:443"
     volumes:
-      - ./Caddyfile:/etc/caddy/Caddyfile
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
       - caddy_data:/data
       - caddy_config:/config
+      - caddy_logs:/var/log/caddy
     environment:
       - CLOUDFLARE_API_TOKEN=${CLOUDFLARE_API_TOKEN}
+      - CLOUDFLARE_EMAIL=${CLOUDFLARE_EMAIL}
     networks:
       - web
     restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"]
+      interval: 10s
+      timeout: 5s
+      retries: 3
 
   myapi:
     build: .
@@ -30,4 +38,5 @@ networks:
 
 volumes:
   caddy_data:
-  caddy_config:
+  caddy_config:
+  caddy_logs:

caddy/install.sh

@@ -1,19 +1,43 @@
 #!/bin/bash
 
 set -e
-# from .env import all variables
-source .env
-
-# Function to run tests
-run_tests() {
-    echo "🚀 Running tests..."
-    if [ -f "tests/run_tests.sh" ]; then
-        cd tests
-        ./run_tests.sh
-        cd ..
-    else
-        echo "⚠️  Test script not found. Skipping tests."
-    fi
+
+# Load environment variables
+if [ -f ".env" ]; then
+    source .env
+else
+    echo "❌ Error: .env file not found"
+    exit 1
+fi
+
+# Default values
+DOMAIN=${DOMAIN:-localhost}
+APP_NAME=${APP_NAME:-app}
+
+# Function to check if a container is running
+container_is_running() {
+    docker ps --filter "name=$1" --format '{{.Names}}' | grep -q "^$1$"
+}
+
+# Function to wait for a container to be healthy
+wait_for_container() {
+    local container=$1
+    local max_attempts=30
+    local wait_seconds=5
+    
+    echo "⏳ Waiting for $container to be ready..."
+    
+    for ((i=1; i<=max_attempts; i++)); do
+        if container_is_running "$container"; then
+            echo "✅ $container is running"
+            return 0
+        fi
+        echo "⏳ $container not ready yet (attempt $i/$max_attempts)..."
+        sleep $wait_seconds
+    done
+    
+    echo "❌ Timeout waiting for $container to start"
+    return 1
 }
 
 echo "📁 Creating project structure..."
@@ -22,7 +46,8 @@ cd $APP_NAME
 
 # Create FastAPI app if it doesn't exist
 if [ ! -f "app/main.py" ]; then
-    echo "from fastapi import FastAPI\n\napp = FastAPI()\n\[email protected](\"/\")\nasync def read_root():\n    return {\"message\": \"Hello, World!\"}" > app/main.py
+    mkdir -p app
+    echo "from fastapi import FastAPI\nfrom fastapi.middleware.cors import CORSMiddleware\n\napp = FastAPI()\n\n# Enable CORS\napp.add_middleware(\n    CORSMiddleware,\n    allow_origins=[\"*\"],\n    allow_credentials=True,\n    allow_methods=[\"*\"],\n    allow_headers=[\"*\"],\n)\n\[email protected](\"/\")\nasync def read_root():\n    return {\"message\": \"Hello, World!\"}\n\[email protected](\"/health\")\nasync def health_check():\n    return {\"status\": \"healthy\"}\n" > app/main.py
 fi
 
 # Create requirements.txt if it doesn't exist
@@ -32,64 +57,69 @@ fi
 
 # Create Dockerfile if it doesn't exist
 if [ ! -f "Dockerfile" ]; then
-    echo "FROM python:3.9-slim\n\nWORKDIR /app\n\nCOPY requirements.txt .\nRUN pip install --no-cache-dir -r requirements.txt\n\nCOPY . .\n\nCMD [\"uvicorn\", \"app.main:app\", \"--host\", \"0.0.0.0\", \"--port\", \"8080\"]" > Dockerfile
+    echo "FROM python:3.9-slim\n\nWORKDIR /app\n\n# Install system dependencies\nRUN apt-get update && apt-get install -y --no-install-recommends \\\n    build-essential \\\n    && rm -rf /var/lib/apt/lists/*\n\n# Install Python dependencies\nCOPY requirements.txt .\nRUN pip install --no-cache-dir -r requirements.txt\n\n# Copy application code\nCOPY . .\n\n# Expose port\nEXPOSE 8080\n\n# Run the application\nCMD [\"uvicorn\", \"app.main:app\", \"--host\", \"0.0.0.0\", \"--port\", \"8080\"]" > Dockerfile
 fi
 
 # Create docker-compose.yml if it doesn't exist
 if [ ! -f "../docker-compose.yml" ]; then
-    echo "services:
-  caddy:
-    image: caddy:2.8.0
-    container_name: caddy
-    ports:
-      - \"80:80\"
-      - \"443:443\"
-    volumes:
-      - ./Caddyfile:/etc/caddy/Caddyfile
-      - caddy_data:/data
-      - caddy_config:/config
-    environment:
-      - CLOUDFLARE_API_TOKEN=\${CF_API_TOKEN}
-    networks:
-      - web
-    restart: unless-stopped
-
-  myapi:
-    build: .
-    container_name: myapi
-    expose:
-      - \"8080\"
-    networks:
-      - web
-    command: uvicorn app.main:app --host 0.0.0.0 --port 8080 --reload
-
-networks:
-  web:
-    external: true
-
-volumes:
-  caddy_data:
-  caddy_config:" > ../docker-compose.yml
+    echo "version: '3.8'\n\nservices:\n  caddy:\n    image: caddy:2.8.0\n    container_name: caddy\n    ports:\n      - \"80:80\"\n      - \"443:443\"\n    volumes:\n      - ./Caddyfile:/etc/caddy/Caddyfile:ro\n      - caddy_data:/data\n      - caddy_config:/config\n    environment:\n      - CLOUDFLARE_API_TOKEN=\${CF_API_TOKEN}\n    networks:\n      - web\n    restart: unless-stopped\n    healthcheck:\n      test: [\"CMD\", \"curl\", \"-f\", \"http://localhost:80/\"]\n      interval: 10s\n      timeout: 5s\n      retries: 3\n\n  myapi:\n    build:\n      context: .\n      dockerfile: Dockerfile\n    container_name: myapi\n    expose:\n      - \"8080\"\n    networks:\n      - web\n    restart: unless-stopped\n    healthcheck:\n      test: [\"CMD\", \"curl\", \"-f\", \"http://localhost:8080/health\"]\n      interval: 10s\n      timeout: 5s\n      retries: 3\n\nnetworks:\n  web:\n    driver: bridge\n\nvolumes:\n  caddy_data:\n  caddy_config:\n" > ../docker-compose.yml
 fi
 
 # Create Caddyfile if it doesn't exist
 if [ ! -f "../Caddyfile" ]; then
-    echo "${DOMAIN} {
-    reverse_proxy myapi:8080
-    tls {
-        dns cloudflare {env.CLOUDFLARE_API_TOKEN}
-    }" > ../Caddyfile
+    echo "${DOMAIN} {\n    # Enable the admin API (optional, for debugging)\n    # admin\n    \n    # Logging\n    log {\n        output file /var/log/caddy/access.log\n        format json\n    }\n    \n    # Handle API requests\n    handle_path /api/* {\n        reverse_proxy myapi:8080\n    }\n    \n    # Handle all other requests\n    handle {\n        reverse_proxy myapi:8080\n    }\n    \n    # Enable TLS with Cloudflare DNS challenge\n    tls {\n        dns cloudflare {env.CLOUDFLARE_API_TOKEN}\n    }\n}" > ../Caddyfile
+fi
+
+# Create logs directory
+mkdir -p ../logs
+
+# Create web network if it doesn't exist
+if ! docker network inspect web >/dev/null 2>&1; then
+    echo "🌐 Creating Docker network 'web'..."
+    docker network create web
 fi
 
 echo "🚀 Starting services..."
 cd ..
+
+echo "🔧 Building and starting containers..."
 docker-compose up -d --build
 
-echo "⏳ Waiting for services to be ready..."
-sleep 10
+# Wait for containers to be ready
+wait_for_container "caddy"
+wait_for_container "myapi"
+
+echo "✅ Services started successfully!"
 
 # Run tests
-run_tests
+echo -e "\n🚀 Running tests..."
+
+# Run basic tests
+if [ -f "./run_tests.sh" ]; then
+    chmod +x ./run_tests.sh
+    if ! ./run_tests.sh; then
+        echo -e "\n${YELLOW}Basic tests failed. Check the output above for details.${NC}"
+    fi
+else
+    echo -e "\n${YELLOW}⚠️  Basic test script not found. Skipping basic tests.${NC}"
+fi
 
-echo "✅ Setup completed successfully!"
+# Run Ansible tests
+if [ -f "./run_ansible_tests.sh" ]; then
+    echo -e "\n🔍 Running Ansible tests..."
+    chmod +x ./run_ansible_tests.sh
+    if ./run_ansible_tests.sh; then
+        echo -e "\n${GREEN}✅ Ansible tests completed successfully!${NC}"
+    else
+        echo -e "\n${YELLOW}⚠️  Ansible tests completed with some failures.${NC}"
+    fi
+else
+    echo -e "\n${YELLOW}⚠️  Ansible test script not found. Skipping Ansible tests.${NC}"
+fi
+
+echo "\n✅ Setup completed successfully!"
 echo "🌐 Your FastAPI app should be available at: https://${DOMAIN}"
+echo "📝 API documentation: https://${DOMAIN}/docs"
+
+echo "\n📋 Container status:"
+docker ps --filter "name=caddy|myapi" --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"