I’m using docker-compose to start my project in production. I added a volume for Caddy to store the certificates and I can see them inside the directory but Caddy, at every docker-compose up
command keeps trying to provide certificates.
caddy:
image: abiosoft/caddy
container_name: caddy
restart: unless-stopped
depends_on:
- backend
environment:
- PORT=8000
ports:
- 80:80
- 443:443
volumes:
- ./Caddyfile:/etc/Caddyfile
- ./.caddy:/root/.caddy
This is the contents of my Caddyfile
:
static.mydomain.com {
root /static
gzip
tls user@gmail.com
}
mydomain.com {
proxy / backend:8000 {
transparent
}
header / {
# Don't show Caddy/Gunicorn as server header.
-Server
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS (do not use if only testing)
# Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
# Only send Referer header to same origin.
# Django CSRF protection is incompatible with referrer policy set to none.
Referrer-Policy "same-origin"
# Enable cross-site filter (XSS) and tell browser to block detected attacks.
X-XSS-Protection "1; mode=block"
# Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
X-Content-Type-Options "nosniff"
# Enable a strict content security policy.
# Edit this if you need external sources on your site.
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
# Content-Security-Policy "connect-src 'self'; default-src 'none'; form-action 'self'; frame-ancestors 'none';;"
# Don't allow resources to load within a frame/iframe.
# This is handled with frame-ancestors 'none' in the content security policy. But not yet supported by older browsers.
X-Frame-Options "DENY"
}
# The email address to use to generate a certificate with Letsencrypt.
tls user@gmail.com
}
The first time I brought everything up it provisioned the certificates immediately and it worked. I just don’t know why it’s constantly trying to get certificates even though the same volume is attached. Any ideaS?