From d7224b038b942cd41cb12abcfa2daa080cf11bff Mon Sep 17 00:00:00 2001
From: ducoterra
Date: Thu, 20 Nov 2025 17:58:53 -0500
Subject: [PATCH] switch to custom caddy with route53 dns support
---
 .gitea/workflows/caddy.yaml | 30 +++++++++++++++++++++++++++++
 active/podman_caddy/Containerfile | 8 ++++++++
 active/podman_caddy/caddy.container | 2 +-
 active/podman_caddy/caddy.md | 13 +++++++++++++
 4 files changed, 52 insertions(+), 1 deletion(-)
 create mode 100644 .gitea/workflows/caddy.yaml
 create mode 100644 active/podman_caddy/Containerfile
diff --git a/.gitea/workflows/caddy.yaml b/.gitea/workflows/caddy.yaml
new file mode 100644
index 0000000..8376e51
--- /dev/null
+++ b/.gitea/workflows/caddy.yaml
@@ -0,0 +1,30 @@
+name: Podman DDNS Image
+run-name: Build and Push the Custom Caddy Image with Route53 DNS Certbot
+on:
+ push:
+ paths:
+ - active/podman_caddy/**
+ - .gitea/workflows/caddy.yaml
+ schedule:
+ - cron: '@daily'
+jobs:
+ build-and-push-ddns:
+ runs-on: ubuntu-latest
+ if: gitea.ref == 'refs/heads/main'
+ steps:
+ - name: Check out repository code
+ uses: actions/checkout@v4
+ - name: Login to Gitea Registry
+ uses: docker/login-action@v2
+ with:
+ registry: gitea.reeseapps.com
+ username: ${{ secrets.REGISTRY_USERNAME }}
+ password: ${{ secrets.REGISTRY_PASSWORD }}
+ - name: Build and push Docker image
+ uses: https://github.com/docker/build-push-action@v5
+ with:
+ context: ${{ gitea.workspace }}/active/podman_caddy
+ file: ${{ gitea.workspace }}/active/podman_caddy/Containerfile
+ push: true
+ tags: "gitea.reeseapps.com/services/caddy:latest,gitea.reeseapps.com/services/caddy:${{gitea.sha}}"
+ no-cache: true
diff --git a/active/podman_caddy/Containerfile b/active/podman_caddy/Containerfile
new file mode 100644
index 0000000..9cb2285
--- /dev/null
+++ b/active/podman_caddy/Containerfile
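Review bot: In `.gitea/workflows/caddy.yaml`, the three `uses:` steps reference mutable tags (`actions/checkout@v4`, `docker/login-action@v2`, `docker/build-push-action@v5`) in a job that receives `REGISTRY_USERNAME`/`REGISTRY_PASSWORD` and pushes the image, so a retagged action release would run with those credentials on the next `@daily` run. Pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha> # v4`. Separately, `name: Podman DDNS Image` and the job id `build-and-push-ddns` look carried over from another workflow; `name: Podman Caddy Image` and `build-and-push-caddy` would match what this job builds.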
@@ -0,0 +1,8 @@
+FROM docker.io/caddy:2-builder AS builder
+
+RUN xcaddy build \
+ --with github.com/caddy-dns/route53@v1.6.0
+
+FROM docker.io/caddy:2
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
diff --git a/active/podman_caddy/caddy.container b/active/podman_caddy/caddy.container
index db5b4aa..f9e029c 100644
--- a/active/podman_caddy/caddy.container
+++ b/active/podman_caddy/caddy.container
@@ -4,7 +4,7 @@ Description=Caddy
 [Container]
 AddCapability=NET_ADMIN
 ContainerName=caddy
-Image=docker.io/caddy:2
+Image=gitea.reeseapps.com/services/caddy:latest
 Network=host
 SecurityLabelDisable=true
 Volume=/etc/caddy:/etc/caddy
diff --git a/active/podman_caddy/caddy.md b/active/podman_caddy/caddy.md
index 772ed03..cdcffa0 100644
--- a/active/podman_caddy/caddy.md
+++ b/active/podman_caddy/caddy.md
@@ -1,11 +1,24 @@ # Caddy Reverse Proxy - [Caddy Reverse Proxy](#caddy-reverse-proxy) + - [Custom Caddy Image](#custom-caddy-image) - [Install Caddy](#install-caddy) - [Ansible](#ansible) - [Manual](#manual) - [Adding a new Caddy Record](#adding-a-new-caddy-record) +## Custom Caddy Image + +This repo builds a custom caddy image with route53 DNS certbot support. + +```bash +podman image pull gitea.reeseapps.com/services/caddy:latest +``` + +To upgrade the image, check [the caddy-dns route53 +project](https://github.com/caddy-dns/route53/tags) releases and update the +`Containerfile` with the new version. + ## Install Caddy ### Ansible
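Review bot: In `active/podman_caddy/Containerfile`, both `FROM` lines use the floating `2` tags, so the route53 module (`@v1.6.0`) is the only pinned input to this image. The workflow in this patch rebuilds daily with `no-cache: true` and pushes `:latest`, so anything upstream publishes under `caddy:2-builder` or `caddy:2` reaches the published image without a commit in this repo. Consider pinning both bases by digest, e.g. `FROM docker.io/caddy:2-builder@sha256:<digest> AS builder` and `FROM docker.io/caddy:2@sha256:<digest>`, or at least to a more specific version tag if the daily rebuild is meant to pick up base patches. A comment above the `RUN`, such as `# route53 module version is pinned here; see caddy.md for the upgrade steps`, would also tell the next reader where the pin lives.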
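Review bot: In `active/podman_caddy/caddy.container`, `Image=` now follows the mutable `:latest` tag, and the context lines show this container runs with `AddCapability=NET_ADMIN`, `Network=host` and `SecurityLabelDisable=true`, so whatever was last pushed to that tag runs with host networking and SELinux labelling disabled. The workflow in this patch also pushes an immutable `${{gitea.sha}}` tag; referencing that tag or a digest, e.g. `Image=gitea.reeseapps.com/services/caddy:<commit-sha>`, makes each rollout an explicit change that can be reverted. The rest of the unit is outside the hunk, so whether an auto-update policy is set cannot be seen from here.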