ducoterra
9417e711a9
All checks were successful
Reese's Arch Toolbox / build-and-push-arch-toolbox (push) Successful in 24m47s
64 lines
1.0 KiB
Markdown
64 lines
1.0 KiB
Markdown
# Caddy Reverse Proxy
|
|
|
|
## Install Caddy
|
|
|
|
As root
|
|
|
|
```bash
|
|
mkdir /etc/caddy
|
|
vim /etc/caddy/Caddyfile
|
|
```
|
|
|
|
Caddy will automatically provision certificates if the server DNS points to the correct IP
|
|
and is accessible on the ports specifified. All you need to do is put `https` in the caddy conf.
|
|
|
|
```conf
|
|
# Nextcloud
|
|
https://nextcloud.reeseapps.com:443 {
|
|
reverse_proxy podman.reeselink.com:11000
|
|
}
|
|
|
|
https://nextcloud.reeseapps.com:8443 {
|
|
reverse_proxy podman.reeselink.com:11001 {
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
}
|
|
}
|
|
|
|
# Gitea
|
|
https://gitea.reeseapps.com:443 {
|
|
reverse_proxy podman.reeselink.com:3000
|
|
}
|
|
```
|
|
|
|
```bash
|
|
vim /etc/containers/systemd/caddy.container
|
|
```
|
|
|
|
```conf
|
|
[Unit]
|
|
Description=Caddy
|
|
|
|
[Container]
|
|
AddCapability=NET_ADMIN
|
|
ContainerName=caddy
|
|
Image=docker.io/caddy:2
|
|
Network=host
|
|
SecurityLabelDisable=true
|
|
Volume=/etc/caddy:/etc/caddy
|
|
Volume=caddy_data:/data
|
|
Volume=caddy_config:/config
|
|
|
|
[Service]
|
|
Restart=always
|
|
|
|
[Install]
|
|
WantedBy=default.target
|
|
```
|
|
|
|
```bash
|
|
systemctl daemon-reload
|
|
systemctl start caddy
|
|
```
|