This repository contains a Dockerized version of Caddy v2 with the Cloudflare DNS provider module (caddy-dns/cloudflare
). This setup enables automatic HTTPS with DNS-based challenge support, using Cloudflare as the DNS provider.
- Automatic HTTPS: Caddy automatically manages SSL/TLS certificates.
- Cloudflare DNS Integration: Easily manage DNS records through the Cloudflare API.
- Dockerized: Run Caddy in a container with a pre-built Cloudflare DNS module.
- CI/CD with GitHub Actions: Automated builds and deployments using GitHub Actions.
- Automated Dependency Updates: Keep dependencies up-to-date with Renovate.
The Docker image for this project is available at:
- Latest Version:
ghcr.io/jkpe/caddy-cloudflare:latest
- Specific Version (v2.8.4):
ghcr.io/jkpe/caddy-cloudflare:v2.8.4
These images are built for both linux/arm64
and linux/amd64
architectures.
- Docker installed on your machine.
- A Cloudflare account and API token with DNS edit permissions.
git clone https://github.com/jkpe/caddy-cloudflare.git
cd caddy-cloudflare
To build the Docker image locally:
docker build -t caddy-cloudflare .
To run the container:
docker run -d -p 80:80 -p 443:443 \
-e CLOUDFLARE_API_TOKEN=your_cloudflare_api_token \
-v $(pwd)/Caddyfile:/etc/caddy/Caddyfile \
caddy-cloudflare
Replace your_cloudflare_api_token
with your actual Cloudflare API token.
The Caddyfile
is where you define your site's configuration. Below is a basic example:
example.com {
tls {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
reverse_proxy localhost:8080
}
This configuration:
- Sets up a site for
example.com
. - Uses Cloudflare DNS to manage TLS certificates.
- Proxies requests to a local service running on port 8080.
This repository includes a GitHub Actions workflow for building and publishing Docker images.
- Push to Main: Builds and publishes the Docker image.
- Tag Creation: Publishes a versioned Docker image.
- Scheduled Builds: Runs every day at a specified time (
cron
).
The workflow is configured to push images to the GitHub Container Registry (GHCR) by default. You can change the registry by modifying the REGISTRY
and IMAGE_NAME
environment variables in the workflow file.
This project uses Renovate to keep dependencies up-to-date automatically. The configuration is located in renovate.json
, which extends the recommended settings provided by Renovate.
Contributions are welcome! Please open an issue or submit a pull request if you have any improvements or bug fixes.
This project is licensed under the MIT License. See the LICENSE file for more details.