Setting Up Caddy Reverse Proxy with Docker

Getting Started with Caddy Using Docker

Introduction

Caddy is a powerful and easy-to-use web server that comes with automatic HTTPS by default. It’s ideal for modern development workflows, particularly when integrated with Docker. This guide will walk you through setting up Caddy in a Docker environment, configuring reverse proxies, and ensuring secure and reliable web serving for your applications.

Prerequisites

Before you begin, make sure you have the following:

• Docker: Installed on your local machine or server. You can install Docker.
• Caddy Docker Image: The official Docker image for Caddy can be found on the Caddy Docker Hub.

Setting Up Caddy with Docker

1. Create a Docker Compose File

   Begin by creating a docker-compose.yml file to define your Caddy service:

   version: '3.7'
   
   services:
    caddy:
      image: caddy:latest
      restart: unless-stopped
      ports:
        - "80:80"
        - "443:443"
        - "443:443/udp"
      volumes:
        - ./Caddyfile:/etc/caddy/Caddyfile
        - ./site:/srv
        - ./data:/data
        - ./config:/config
      extra_hosts:
        - "host.docker.internal:host-gateway"

2. Create a Caddyfile

   The Caddyfile is where you define your reverse proxies and other Caddy settings. Here’s an example configuration:

   nextcloud.example.com {
      reverse_proxy host.docker.internal:4002
   }
   
   jellyfin.example.com {
      reverse_proxy host.docker.internal:8096
   }
   
   gitea.example.com {
      reverse_proxy host.docker.internal:8001
   }

   Key Notes:

   • Replace example.com with your actual domain.
   • Use host.docker.internal to reference services running on the host machine.
   • Ensure DNS records for your domain point to the server running Caddy.

3. Run Caddy

   Start your Caddy server using Docker Compose:

   docker-compose up -d

   This command will launch Caddy in the background, automatically managing HTTPS certificates and serving your configured sites.

Testing Caddy Configuration

For testing your Caddy configuration directly from the command prompt, you can use the following command:

caddy reverse-proxy --from yourdomain.duckdns.org --to 192.168.8.178:3005
caddy run --config "/path/to/Caddyfile"

This is useful for verifying your Caddyfile's configurations before deploying it in a Docker environment.

Understanding host.docker.internal

When using Docker, the host.docker.internal hostname allows your Docker containers to access services running on the host machine. This is particularly useful when setting up reverse proxies with Caddy to target services on your host.

Here’s a breakdown of how it works:

• host.docker.internal: This is a special DNS name that resolves to the host machine's internal IP address. It allows services inside your Docker container to communicate with services running on the host.

• How It Works:

  • The --add-host flag in your Docker Compose file adds an entry in the container's /etc/hosts file, mapping host.docker.internal to the IP address of the Docker host (typically 172.17.0.1 on the default bridge network).
  • The host-gateway keyword in Docker resolves to the host's gateway IP, which is used by host.docker.internal.

For example, your Docker container might resolve host.docker.internal to 172.17.0.1, allowing the container to access a service running on the host at host.docker.internal:[service_port].

Example Usage:

services:
  caddy:
    ...
    extra_hosts:
      - "host.docker.internal:host-gateway"

Caddyfile Example:

pancakepuncher.com {
  handle_path /code* {
    reverse_proxy host.docker.internal:8080
  }
}

This setup allows you to use host.docker.internal instead of hardcoding IP addresses, making your configuration more portable and easier to manage.

For more information, check out the discussions on Stack Overflow about host.docker.internal and the specific issue related to reverse proxies.

Troubleshooting Common Issues

If you encounter issues where Caddy cannot find the reverse proxy target:

• Ensure the IP is correct: Use the local IP addresses of your services instead of localhost or 127.0.0.1.
• Check Docker Networking: Ensure that Docker containers can communicate with the host network. In some cases, using host.docker.internal can resolve communication issues.

For more detailed troubleshooting, see this Stack Overflow discussion on reverse proxy issues.

Resources and References

• Caddy Documentation
• Caddy Docker Hub
• Docker Documentation
• Stack Overflow: Reverse Proxy Issues
• Stack Overflow: host.docker.internal Explanation

Conclusion

This guide provides a complete setup for using Caddy as a reverse proxy in a Docker environment, including tips on testing and troubleshooting.