Vaultwarden + caddy-duckdns in Portainer

Mosconi8 · January 2, 2023, 10:47pm

Hello together,

i try to get run the combination of vaultwarden and caddy-duckdns on my docker system on my RPI. I don’t want to open ports so i try to run a composer file from the GitHub vaultwarden wiki. But every time it’s not possible the build the caddy container. The Vaultwarden container works fine.

1. Output of `caddy version`:

i try to pull the latest version. I cannot find a version number on docker.
bebound/caddy-duckdns (latest from docker hub)

2. How I run Caddy:

I try to get caddy run on a Raspberry Pi 4 in docker / Portainer.

version: '3'

services:
  *vaultwarden:*
*    image: vaultwarden/server:latest*
*    container_name: vaultwarden*
*    restart: always*
*    environment:*
*      WEBSOCKET_ENABLED: "true"  # Enable WebSocket notifications.*
*    volumes:*
*      - ./vw-data:/data*

  caddy:
    image: bebound/caddy-duckdns
    container_name: caddy
    restart: always
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./caddy:/usr/bin/caddy  # Your custom build of Caddy.
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - ./caddy-config:/config
      - ./caddy-data:/data
    environment:
      DOMAIN: "http://vw-jstrobel.duckdns.org"  # Your domain.
      EMAIL: "myEmail"                 # The email address to use for ACME registration.
      DUCKDNS_TOKEN: "mytoken"                   # Your Duck DNS token.
      LOG_FILE: "/data/access.log"

a. System environment:

Docker with Portainer

d. My complete Caddyfile:

{$DOMAIN}:443 {
  log {
    level INFO
    output file {$LOG_FILE} {
      roll_size 10MB
      roll_keep 10
    }
  }

  # Use the ACME DNS-01 challenge to get a cert for the configured domain.
  tls {
    dns duckdns {$DUCKDNS_TOKEN}
  }

  # This setting may have compatibility issues with some browsers
  # (e.g., attachment downloading on Firefox). Try disabling this
  # if you encounter issues.
  encode gzip

  # Notifications redirected to the WebSocket server
  reverse_proxy /notifications/hub vaultwarden:3012

  # Proxy everything else to Rocket
  reverse_proxy vaultwarden:80
}

4. Error messages and/or full log output:

Error response from daemon:
failed to create shim task:
OCI runtime create failed:
runc create failed:
unable to start container process:
error during container init:
error mounting “/data/compose/2/Caddyfile” to rootfs at “/etc/caddy/Caddyfile”:
mount /data/compose/2/Caddyfile:/etc/caddy/Caddyfile (via /proc/self/fd/6), flags: 0x5001: not a directory:
unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type

6. Links to relevant resources:

Thanx so far!

francislavoie · January 3, 2023, 12:29am

Are you sure you have a file called Caddyfile at that location, and not a directory?

That’s an error with docker-compose, not with Caddy.

Mosconi8 · January 3, 2023, 9:06am

Thank you very much. I think this is my problem.
Caddyfile is a folder.

gyfer · January 3, 2023, 12:13pm

Make sure you have file ./Caddyfile before you fire up the new container because Caddyfile in container is ReadOnly /etc/caddy/Caddyfile:ro

If file doesn’t exist when you start, container can’t create one either (resulted a new folder name Caddyfile). And without it Docker-Caddy cannot start correctly

Mosconi8 · January 3, 2023, 12:58pm

hmmm, only to be sure… The Caddyfile is inside the folder /etc/caddy?
I testet a few things. And after i modified the directory-string from /etc/caddy/Caddyfile to /etc/caddy the composer.yml worked. After that i put the Caddyfile into the /etc/caddy -Folder and restart the caddy container.

How can i test if caddy works fine with the Caddyfile?

gyfer · January 3, 2023, 2:28pm

Based on this, Caddyfile is at current directory where you run docker-compose up at HOST computer , and /etc/caddy/Caddyfile INSIDE the container

You don’t have to keep restarting the container when you make changes to your Caddyfile. To restart the service, you can just run command docker-compose exec -w /etc/caddy caddy caddy reload or docker exec -it caddy caddy reload --config /etc/caddy/Caddyfile ( assuming your caddy container name is caddy, and Caddyfile remain at /etc/caddy )

You can also validate the Caddyfile to check for error
docker-compose exec -w /etc/caddy caddy caddy validate , or
docker exec -it caddy caddy validate --config /etc/caddy/Caddyfile

system · February 1, 2023, 10:48pm

This topic was automatically closed after 30 days. New replies are no longer allowed.