All apps · 0 apps
binhex-caddy-duckdns
Docker app from Binhex's Repository
Overview
Readme
View on GitHubApplication
Description
Caddy is a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go. This image includes the DuckDNS DNS challenge plugin, enabling automatic TLS certificate issuance and renewal via Let's Encrypt for DuckDNS hostnames without requiring port 80 to be open. Ideal for use as a reverse proxy on a home network.
Build notes
Latest GitHub release.
Usage
docker run -d \
--name=<container name> \
-p <https port>:8443 \
-p <http port>:8080 \
-p <admin port>:2019 \
-v <path for config files>:/config \
-v /etc/localtime:/etc/localtime:ro \
-e DUCKDNS_TOKEN=<your duckdns token> \
-e ENABLE_HEALTHCHECK=<yes|no> \
-e HEALTHCHECK_COMMAND=<command> \
-e HEALTHCHECK_ACTION=<action> \
-e HEALTHCHECK_HOSTNAME=<hostname> \
-e UMASK=<umask for created files> \
-e PUID=<uid for user> \
-e PGID=<gid for user> \
ghcr.io/binhex/arch-caddy-duckdns
Please replace all user variables in the above command defined by <> with the correct values.
Access application
http://<host ip>:8080
Caddyfile
Place your Caddyfile at /config/caddy/Caddyfile. An example Caddyfile with commented-out
reverse proxy configurations is provided on first run at this location. The global block
must define http_port and https_port to match the ports mapped above, e.g.:-
{
http_port 8080
https_port 8443
}
Your DuckDNS token should be passed in via the DUCKDNS_TOKEN environment variable and
referenced in your Caddyfile as {env.DUCKDNS_TOKEN}, e.g.:-
mydomain.duckdns.org:8443 {
tls {
dns duckdns {env.DUCKDNS_TOKEN}
}
reverse_proxy my-server-ip:8096
}
See the example Caddyfile at /config/caddy/Caddyfile for subdomain, root base URL and
app base URL reverse proxy configurations.
Example
docker run -d \
--name=caddy-duckdns \
-p 8443:8443 \
-p 8080:8080 \
-p 2019:2019 \
-v /apps/docker/caddy-duckdns:/config \
-v /etc/localtime:/etc/localtime:ro \
-e DUCKDNS_TOKEN=your-duckdns-token \
-e ENABLE_HEALTHCHECK=yes \
-e UMASK=000 \
-e PUID=99 \
-e PGID=100 \
ghcr.io/binhex/arch-caddy-duckdns
Notes
- Your DuckDNS token can be found by logging into DuckDNS.
- Caddy stores Let's Encrypt account data and certificates under
/config/caddy/data/— this path sits inside the/configbind mount, so certs survive container recreation without hitting Let's Encrypt rate limits. If you have an existing deployment, addstorage file_system /config/caddy/datato the global options block of your Caddyfile. - The admin API endpoint on port
2019is optional; it allows runtime configuration via the Caddy API. - Logs are written to
/config/caddy/logs/access.log.
User ID (PUID) and Group ID (PGID) can be found by issuing the following command for the user you want to run the container as:-
id <username>
If you appreciate my work, then please consider buying me a beer :D
Install binhex-caddy-duckdns on Unraid in a few clicks.
Find binhex-caddy-duckdns in Community Apps on your Unraid server, review the template, and click Install. Unraid handles the Docker app or plugin setup from the published template.
Requirements
Caddyfile
Place your Caddyfile at '/config/caddy/Caddyfile'.
Categories
Download Statistics
Related apps
Explore more like this
Explore allLinks
Details
ghcr.io/binhex/arch-caddy-duckdnsRuntime arguments
- Web UI
http://[IP]:[PORT:8080]- Network
bridge- Shell
bash- Privileged
- false
- Extra Params
--restart=unless-stopped
Template configuration
The HTTPS port Caddy listens on. Must match https_port in your Caddyfile.
- Target
- 8443
- Default
- 8443
The HTTP port Caddy listens on (used for redirects). Must match http_port in your Caddyfile.
- Target
- 8080
- Default
- 8080
The admin edpoint port for Caddy.
- Target
- 2019
- Default
- 2019
This is the container path to your Caddy configuration file (Caddyfile) and logs.
- Target
- /config
- Default
- /mnt/user/appdata/caddy-duckdns
Duck DNS token for automatic TLS certificate issuance and renewal, sign into Duck DNS to view your token.
- Target
- DUCKDNS_TOKEN
Enable or disable healthchecks.
- Target
- ENABLE_HEALTHCHECK
- Default
- yes|no
The command or script to execute, if not specified then the script healthcheck.sh will be used (process, dns and https checking).
- Target
- HEALTHCHECK_COMMAND
The action to execute if the healthcheck command returns a non zero exit code, if not specified the action will be 'exit 1', if you want the container to exit on failure then set the action to 'kill 1'.
- Target
- HEALTHCHECK_ACTION
The hostname used when performing HTTPS and DNS healthchecking.
- Target
- HEALTHCHECK_HOSTNAME
- Default
- google.com
User ID for the running container
- Target
- PUID
- Default
- 99
Group ID for the running container
- Target
- PGID
- Default
- 100
UMASK for the running container
- Target
- UMASK
- Default
- 000
