akanealw/caddy-proxy-manager
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
2c70f2859a514b56738b0dabcf6f7bf851d62041
caddy-proxy-manager/docker/caddy/Dockerfile
fuomag9 2c70f2859a Add multi-provider DNS registry for ACME DNS-01 challenges 
Replace hardcoded Cloudflare DNS-01 with a data-driven provider registry
supporting 11 providers (Cloudflare, Route 53, DigitalOcean, Duck DNS,
Hetzner, Vultr, Porkbun, GoDaddy, Namecheap, OVH, Linode). Users can
configure multiple providers with encrypted credentials and select a
default. Per-certificate provider override is supported via providerOptions.

- Add src/lib/dns-providers.ts with provider definitions, credential
  encrypt/decrypt, and Caddy config builder
- Change DnsProviderSettings to multi-provider format with default selection
- Auto-migrate legacy Cloudflare settings on startup (db.ts)
- Normalize old single-provider format on read (getDnsProviderSettings)
- Refactor buildTlsAutomation() to use provider registry
- Add GET /api/v1/dns-providers endpoint for provider discovery
- Add dns-provider settings group to REST API and instance sync
- Replace Cloudflare settings card with multi-provider UI (add/remove
  providers, set default, dynamic credential forms)
- Add 10 DNS provider modules to Caddy Dockerfile
- Update OpenAPI spec, E2E tests, and unit test mocks

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-17 18:01:16 +02:00

64 lines
2.2 KiB
Docker
Raw Blame History

# syntax=docker/dockerfile:1.6
FROM golang:1.26 AS builder
# Install xcaddy
RUN go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
# Build Caddy with plugins
# GOPROXY=direct bypasses the module proxy cache so the latest commit is always fetched
RUN GOPROXY=direct xcaddy build \
--with github.com/caddy-dns/cloudflare \
--with github.com/caddy-dns/route53 \
--with github.com/caddy-dns/digitalocean \
--with github.com/caddy-dns/duckdns \
--with github.com/caddy-dns/hetzner \
--with github.com/caddy-dns/vultr \
--with github.com/caddy-dns/porkbun \
--with github.com/caddy-dns/godaddy \
--with github.com/caddy-dns/namecheap \
--with github.com/caddy-dns/ovh \
--with github.com/caddy-dns/linode \
--with github.com/mholt/caddy-l4 \
--with github.com/fuomag9/caddy-blocker-plugin \
--with github.com/corazawaf/coraza-caddy/v2 \
--output /usr/bin/caddy
FROM ubuntu:24.04
# Accept build args for user/group IDs to support rootless operation
# Using 10000 as default to avoid conflicts with system users
ARG PUID=10000
ARG PGID=10000
# Install runtime dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \
wget \
&& rm -rf /var/lib/apt/lists/*
# Copy caddy binary from builder
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
# Create caddy user and directories with configurable IDs for rootless operation
# Remove any existing users/groups with the same UID/GID to avoid conflicts
RUN (getent group ${PGID} && groupdel $(getent group ${PGID} | cut -d: -f1) || true) && \
(getent passwd ${PUID} && userdel $(getent passwd ${PUID} | cut -d: -f1) || true) && \
groupadd -g ${PGID} caddy && \
useradd -r -u ${PUID} -g caddy -m -d /home/caddy caddy && \
mkdir -p /data /config /logs && \
chown -R caddy:caddy /data /config /logs /home/caddy
COPY --chown=caddy:caddy docker/caddy/Caddyfile /etc/caddy/Caddyfile
EXPOSE 80 443 2019
# Set environment variables to use /data and /config like official Caddy image
ENV XDG_CONFIG_HOME=/config
ENV XDG_DATA_HOME=/data
# Run as non-root user (fully rootless)
USER caddy
CMD ["caddy", "run", "--resume", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]
Reference in New Issue View Git Blame Copy Permalink