1. Caddy version (caddy version):
I am using the caddy:latest container image.
/srv # caddy version
v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=
2. How I run Caddy:
a. System environment:
CentOS Linux release 7.9.2009 (Core)
Docker CE Server Version: 20.10.17
b. Command:
docker-compose up
c. Service/unit/compose file:
version: "3.2"
services:
  caddy-int-01:
    image: caddy:latest
    container_name: ${name}
    hostname: ${name}
    restart: unless-stopped
    volumes:
      - ${vdata}:/data:rw
      - ${vsrv}:/srv:rw
      - ${vconfig}:/config:rw
      - ${vresolvconf}:/etc/resolv.conf:ro
      - ${vrootcert}:/root_ca.crt:ro
    networks:
      dck-macvlan0:
        ipv4_address: ${ipv4_address}
networks:
  dck-macvlan0:
    external:
      name: dck-macvlan0
d. My complete Caddyfile or JSON config:
{
  "admin": {
    "listen": ":2019"
  },
  "apps": {
    "http": {
      "servers": {
        "srv0": {
          "listen": [
            ":443"
          ],
          "routes": [
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "upstreams": [
                            {
                              "dial": "10.0.0.1:80"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "1.example.com"
                  ]
                }
              ],
              "terminal": true
            },
            {
              "handle": [
                {
                  "handler": "subroute",
                  "routes": [
                    {
                      "handle": [
                        {
                          "handler": "reverse_proxy",
                          "upstreams": [
                            {
                              "dial": "10.0.0.2:80"
                            }
                          ]
                        }
                      ]
                    }
                  ]
                }
              ],
              "match": [
                {
                  "host": [
                    "2.example.com"
                  ]
                }
              ],
              "terminal": true
            }
          ]
        }
      }
    },
    "tls": {
      "automation": {
        "policies": [
          {
            "issuers": [
              {
                "ca": "https://pki.example.com:9000/acme/acme/directory",
                "email": "pki@example.com",
                "module": "acme",
                "trusted_roots_pem_files": [
                  "/root_ca.crt"
                ]
              }
            ],
            "subjects": [
              "1.example.com",
              "2.example.com"
            ]
          }
        ]
      }
    }
  }
}
3. The problem I’m having:
What is the best way to make an API-managed Caddy configuration persistent when docker-compose is used?
My Docker host does automatic scheduled updates and reboots every other week.
How can I make this API-managed configuration persistent when the Docker container reboots? I know that there is a --resume flag, but I don’t understand how I can pass it every time the container reboots.
I also have a second problem caused by this. Because the API configuration isn’t persistent, I can’t load a new configuration into Caddy, because in the default configuration the admin API is only exposed to localhost. Should I create a Caddyfile that contains this admin configuration, so that the API endpoint is open even when autosave.json couldn’t be loaded, or is this bad practice?
4. Error messages and/or full log output:
5. What I already tried:
I tested that I can reload my configuration directly inside the Docker container, and that worked.
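
One way to pass --resume on every container start is to override the image's command in the compose file; this is an added example, not part of the original post. The ${vbootstrap} variable and the /etc/caddy/bootstrap.json path are assumptions introduced here; that file is only read when no autosaved config exists.

```yaml
# Added example (not from the original post): the same service with a command override.
version: "3.2"
services:
  caddy-int-01:
    image: caddy:latest
    container_name: ${name}
    hostname: ${name}
    restart: unless-stopped
    # Replaces the image's default
    #   caddy run --config /etc/caddy/Caddyfile --adapter caddyfile
    # --resume loads the last autosaved config (/config/caddy/autosave.json in
    # this image) and takes precedence over --config. If no autosave file
    # exists yet, Caddy falls back to the file given with --config.
    command: ["caddy", "run", "--resume", "--config", "/etc/caddy/bootstrap.json"]
    volumes:
      - ${vdata}:/data:rw
      - ${vsrv}:/srv:rw
      # autosave.json is written under /config, so this mount is what makes
      # API-loaded configuration survive a container or host restart.
      - ${vconfig}:/config:rw
      - ${vresolvconf}:/etc/resolv.conf:ro
      - ${vrootcert}:/root_ca.crt:ro
      # Assumption: ${vbootstrap} is a hypothetical variable pointing at a small
      # JSON file that carries only the admin block, for example
      #   {"admin": {"listen": "<container IP>:2019"}}
      # Binding to one address instead of ":2019" avoids listening on every
      # interface the container has.
      - ${vbootstrap}:/etc/caddy/bootstrap.json:ro
    networks:
      dck-macvlan0:
        ipv4_address: ${ipv4_address}
networks:
  dck-macvlan0:
    external:
      name: dck-macvlan0
```

The admin API has no authentication by default, so a non-loopback listener accepts configuration changes from any host that can reach the container on the macvlan network. Leaving the admin endpoint on localhost and loading config from inside the container, as tested in the post, avoids that exposure.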