|
| 1 | +# SSL Proxy |
| 2 | + |
| 3 | +A Dockerized Caddy reverse proxy with automatic SSL certificate generation for local development. |
| 4 | + |
| 5 | +## Features |
| 6 | + |
| 7 | +- Automatic SSL certificate generation via mkcert |
| 8 | +- Strips Content-Security-Policy headers |
| 9 | +- HTTP to HTTPS redirect |
| 10 | +- Configurable domain and upstream URL |
| 11 | + |
| 12 | +## Quick Start |
| 13 | + |
| 14 | +1. Configure your domain in `.env`: |
| 15 | + |
| 16 | + ``` |
| 17 | + DOMAIN=local.example.com |
| 18 | + UPSTREAM_URL=http://host.docker.internal:3000 |
| 19 | + ``` |
| 20 | + |
| 21 | + `UPSTREAM_URL` must include the scheme and port. |
| 22 | + |
| 23 | +2. Add to `/etc/hosts`: |
| 24 | + |
| 25 | + ``` |
| 26 | + 127.0.0.1 local.example.com |
| 27 | + ``` |
| 28 | + |
| 29 | +3. Generate certificates (first time only): |
| 30 | + |
| 31 | + ```bash |
| 32 | + docker-compose --profile setup run --rm mkcert |
| 33 | + ``` |
| 34 | + |
| 35 | +4. Install the CA certificate (one-time): |
| 36 | + |
| 37 | + ```bash |
| 38 | + sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ./certs/local.example.com.rootCA.pem |
| 39 | + ``` |
| 40 | + |
| 41 | +5. Start the proxy: |
| 42 | + |
| 43 | + ```bash |
| 44 | + docker-compose up -d |
| 45 | + ``` |
| 46 | + |
| 47 | +6. Visit: `https://local.example.com:8443` |
| 48 | + |
| 49 | +Note (Linux): Requires Docker Engine 20.10+ for `host-gateway` support. |
| 50 | + |
| 51 | +## Configuration |
| 52 | + |
| 53 | +| Variable | Default | Description | |
| 54 | +| --------------- | ----------- | ---------------------- | |
| 55 | +| `DOMAIN` | `localhost` | Domain for SSL cert | |
| 56 | +| `UPSTREAM_URL` | `http://host.docker.internal:3000` | URL for your local app | |
| 57 | + |
| 58 | +## Ports |
| 59 | + |
| 60 | +- `8080` - HTTP (redirects to HTTPS) |
| 61 | +- `8443` - HTTPS |
| 62 | + |
| 63 | +## Layout |
| 64 | + |
| 65 | +``` |
| 66 | +├── config/Caddyfile # Caddy configuration |
| 67 | +├── scripts/mkcert/entrypoint.sh # Cert generation script |
| 68 | +├── docker-compose.yml # Service definitions |
| 69 | +├── Dockerfile.caddy # Caddy image |
| 70 | +├── Dockerfile.mkcert # Certificate generator |
| 71 | +└── .env # Your configuration |
| 72 | +``` |
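Review bot: Step 4 of Quick Start (line 38) adds the generated root CA to the macOS System keychain as a trusted root, but the README never says where the matching CA private key is kept, that it must stay out of version control, or how to remove the trust again. Please add a sentence on each, since any certificate signed with that key is trusted system-wide on the machine. The command is also macOS-only although line 49 addresses Linux users, and its path hard-codes `local.example.com` while `DOMAIN` is configurable with a default of `localhost`; consider writing the path in terms of `DOMAIN` (assuming the file name follows the domain, as the example path suggests) and giving a Linux equivalent. Separately, "Strips Content-Security-Policy headers" on line 8 should say why the proxy does this and that it is meant for local development only, because pages viewed through the proxy lose that browser-side protection.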