Caddy-Docker-Proxy: Dynamic Reverse Proxy for Docker Containers
Summary
Caddy-Docker-Proxy is a powerful tool that enables Caddy to function as a dynamic reverse proxy for Docker containers. It automatically configures Caddy by scanning Docker metadata and labels, providing zero-downtime reloads upon changes. This simplifies reverse proxy management in Docker environments, offering features like automatic HTTPS.
Repository Info
Tags
Click on any tag to explore related repositories
Introduction
Caddy-Docker-Proxy is a plugin that extends Caddy, allowing it to act as a reverse proxy for Docker containers and services. It dynamically generates Caddy configurations based on Docker labels, ensuring that your proxy setup is always in sync with your container deployments. This eliminates the need for manual Caddyfile updates, providing a seamless and automated solution for exposing your Dockerized applications.
The plugin works by continuously scanning Docker metadata for labels that indicate a service or container should be served by Caddy. It then constructs an in-memory Caddyfile, pointing to each Docker service by its DNS name or container IP. Any changes in Docker objects trigger a graceful, zero-downtime reload of Caddy, ensuring continuous service availability.
Installation
To get started with Caddy-Docker-Proxy, you typically use docker-compose. First, create a Docker network for Caddy to communicate with your services:
docker network create caddy
Next, define your Caddy service using a docker-compose.yml file. This example uses the ci-alpine image, exposes ports 80 and 443, and mounts the Docker socket for metadata access and a volume for Caddy's data:
version: "3.7"
services:
caddy:
image: lucaslorentz/caddy-docker-proxy:ci-alpine
ports:
- 80:80
- 443:443/tcp
- 443:443/udp
environment:
- CADDY_INGRESS_NETWORKS=caddy
networks:
- caddy
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- caddy_data:/data
restart: unless-stopped
networks:
caddy:
external: true
volumes:
caddy_data: {}
Deploy your Caddy service:
docker-compose up -d
Examples
Once Caddy-Docker-Proxy is running, you can easily expose your applications by adding specific labels to your Docker services or containers. Here's an example using a whoami service:
version: '3.7'
services:
whoami:
image: traefik/whoami
networks:
- caddy
labels:
caddy: whoami.example.com
caddy.reverse_proxy: "{{upstreams 80}}"
networks:
caddy:
external: true
Deploy the whoami service:
docker-compose up -d
Now, if you visit https://whoami.example.com (after configuring your DNS or /etc/hosts), Caddy will automatically serve the whoami application over HTTPS with a certificate issued by Let's Encrypt or ZeroSSL.
Why Use It
Caddy-Docker-Proxy offers several compelling advantages for managing reverse proxies in Docker environments:
- Dynamic Configuration: Automatically generates and updates Caddy configurations based on Docker labels, eliminating manual Caddyfile management.
- Zero-Downtime Reloads: Gracefully reloads Caddy whenever Docker objects change, ensuring continuous service availability.
- Automatic HTTPS: Leverages Caddy's built-in automatic HTTPS, providing free SSL/TLS certificates from Let's Encrypt or ZeroSSL with minimal configuration.
- Simplified Deployment: Integrates seamlessly with Docker Compose and Docker Swarm, allowing you to define proxy rules directly within your service definitions.
- Flexibility: Supports Go templates within labels for advanced configuration, enabling dynamic upstream resolution and custom Caddyfile directives.
- Execution Modes: Offers standalone, controller, and server modes to fit various deployment architectures, from single-host setups to distributed Swarm clusters.
Links
For more detailed documentation, advanced examples, and to contribute to the project, visit the official GitHub repository:
- GitHub Repository: https://github.com/lucaslorentz/caddy-docker-proxy
- Docker Hub: https://hub.docker.com/r/lucaslorentz/caddy-docker-proxy/