diff --git a/examples/reverse-proxies/caddy2-in-container/Caddyfile b/examples/reverse-proxies/caddy2-in-container/Caddyfile
new file mode 100644
index 000000000..9f1128c2f
--- /dev/null
+++ b/examples/reverse-proxies/caddy2-in-container/Caddyfile
@@ -0,0 +1,43 @@
+matrix.example.tld {
+
+ handle {
+ encode zstd gzip
+
+ # Use the docker service name instead of localhost or 127.0.0.1 here
+ matrix-traefik:8080 {
+ header_up X-Forwarded-Port {http.request.port}
+ header_up X-Forwarded-TlsProto {tls_protocol}
+ header_up X-Forwarded-TlsCipher {tls_cipher}
+ header_up X-Forwarded-HttpsProto {proto}
+ }
+ }
+}
+
+# Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443)
+https://matrix.example.tld:8448 {
+ handle {
+ encode zstd gzip
+
+ # Use the docker service name instead of localhost or 127.0.0.1 here
+ reverse_proxy matrix-traefik:8448 {
+ header_up X-Forwarded-Port {http.request.port}
+ header_up X-Forwarded-TlsProto {tls_protocol}
+ header_up X-Forwarded-TlsCipher {tls_cipher}
+ header_up X-Forwarded-HttpsProto {proto}
+ }
+ }
+}
+
+
+example.tld {
+# Uncomment this if you are following "(Option 3): Setting up reverse-proxying of the well-known files from the base domain's server to the Matrix server" of https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md#option-3-setting-up-reverse-proxying-of-the-well-known-files-from-the-base-domains-server-to-the-matrix-server
+ @wellknown {
+ path /.well-known/matrix/*
+ }
+
+ handle @wellknown {
+ reverse_proxy https://matrix.example.tld {
+ header_up Host {http.reverse_proxy.upstream.hostport}
+ }
+ }
+}
diff --git a/examples/reverse-proxies/caddy2-in-container/README.md b/examples/reverse-proxies/caddy2-in-container/README.md
new file mode 100644
index 000000000..783145de7
--- /dev/null
+++ b/examples/reverse-proxies/caddy2-in-container/README.md
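Review bot: In the Caddyfile's first site block (`matrix.example.tld`), the upstream line reads `matrix-traefik:8080 {` with no directive in front of it, whereas the 8448 block has `reverse_proxy matrix-traefik:8448 {`. As written, Caddy would most likely treat `matrix-traefik:8080` as an unknown directive and refuse to load the config, so the line should be `reverse_proxy matrix-traefik:8080 {`. Separately, `{tls_protocol}` and `{proto}` in the `header_up` lines of both blocks look like Caddy v1 placeholder names; it is worth confirming they expand under Caddy 2, since otherwise the `X-Forwarded-TlsProto` and `X-Forwarded-HttpsProto` headers sent upstream would not carry the intended values.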
@@ -0,0 +1,19 @@
+# Caddy reverse-proxy fronting the playbook's integrated Traefik reverse-proxy
+
+This directory contains a sample config that shows you how to front the integrated [Traefik](https://traefik.io/) reverse-proxy webserver with your own **containerized** [Caddy](https://caddyserver.com/) reverse-proxy. If you have a server with a Caddy container already serving several applications and you want to install Matrix on it (with no changes to existing traffic routing), then this guide is for you.
+
+Note: if you're running Caddy on the host itself (not in a container), refer to the [caddy2](../caddy2/README.md) example instead.
+
+
+## Prerequisite configuration
+
+To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix./vars.yml`).
+
+Then, adjust your Caddy `docker-compose.yaml` file (if you're using docker-compose for running your Caddy container). See [examples/reverse-proxies/caddy2-in-container/docker-compose.yaml](./docker-compose.yaml).
+
+## Using the Caddyfile
+
+You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile.
+In both cases make sure to replace all the `example.tld` domains with your own domain.
+
+This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`).
diff --git a/examples/reverse-proxies/caddy2-in-container/docker-compose.yaml b/examples/reverse-proxies/caddy2-in-container/docker-compose.yaml
new file mode 100644
index 000000000..5884018dd
--- /dev/null
+++ b/examples/reverse-proxies/caddy2-in-container/docker-compose.yaml
@@ -0,0 +1,23 @@
+---
+version: "3.9"
+
+services:
+ caddy:
+ image: caddy:2.5.1-alpine
+ networks:
+ # add this, so that caddy can talk to the playbook-managed-traefik
+ - traefik
+ ports:
+ - "80:80"
+ - "443:443"
+ - "8448:8448"
+ volumes:
+ - ./Caddyfile:/etc/caddy/Caddyfile
+ # - ./site:/var/www
+ # Other configurations ...
+
+networks:
+ # add this as well
+ traefik:
+ name: traefik
+ external: true
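Review bot: The `volumes:` list bind-mounts the Caddyfile writable and shows no persistent mount for Caddy's `/data` directory, where the official image keeps issued certificates and their private keys. For a sample that people copy as-is, I would mount the config read-only with `- ./Caddyfile:/etc/caddy/Caddyfile:ro` and add a line such as `- ./caddy_data:/data`, so the container cannot rewrite its own config and certificates are not re-requested every time it is recreated. The `# Other configurations ...` placeholder may be meant to cover this, but then a short comment saying that `/data` must be persisted would help. It is also worth a comment next to `image: caddy:2.5.1-alpine` reminding readers to use a currently supported release rather than the tag frozen in this example.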