I’m trying to get caddy to work in a userspace docker container (I have other containers which I’d prefer to keep well isolated), so I can’t set_cap, as docker build is run as a userspace user, and doesn’t have permissions for that.
So I start caddy like this in Docker:
/usr/local/bin/caddy -agree -email email@example.com -ca https://acme-staging-v02.api.letsencrypt.org/directory -conf /etc/Caddyfile -http-port 8080 -https-port 4433
And Docker maps port 8080 to 80, and 4433 to 443.
The thing is, it activates privacy features (meaning that letsencrypt can access my server at port 80). The issue is that right afterwards it says:
listen tcp :443: bind: permission denied
Of course it doesn’t work. It’s run as a regular user! But I just set -https-port to 4433, not 443. Is there a way to get this to work (to get caddy to use 4433 as the secure port)?