1.6 KiB
1.6 KiB
Exactly — keep one central Caddy outside Docker (systemd) and proxy to whatever runs inside containers, VMs, or localhost.
That’s the single source of truth you want.
- Central Caddyfile (systemd) – one file rules them all
sudo nano /etc/caddy/Caddyfile
Content (add more blocks as you spin up services):
# Git service inside Docker
git.crazystorm-andromeda.duckdns.org {
reverse_proxy localhost:3000 # Docker published port
encode gzip
header -Server
}
# Future service – just add another block
# next.crazystorm-andromeda.duckdns.org {
# reverse_proxy localhost:4000
# }
- Reload after any edit
sudo systemctl reload caddy
- Benefits you keep
- One Let’s Encrypt account, one cert cache, one log stream
- No extra Caddy container to babysit
- Any backend (Docker, native, remote IP) just becomes another
reverse_proxyline - Survives Docker Compose restarts; systemd starts before Docker
- House-keeping
# validate syntax
caddy validate --config /etc/caddy/Caddyfile
# live reload
sudo systemctl reload caddy
That’s the central, primitive, single-file setup — add a block, reload, done.