Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (#3514)

* Added an example of fronting the playbook's integrated Traefik reverse-proxy with the existing Caddy container (not the `apt-get` or `yum` installed Caddy). Helpful for folks who have an existing server with a Caddy container already serving multiple applications. * Update examples/reverse-proxies/caddy2-in-container/README.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update examples/reverse-proxies/caddy2-in-container/README.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Update examples/reverse-proxies/caddy2-in-container/README.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * Code formatted, linted with yamllint * README.md updated * docs/configuring-playbook-own-webserver-caddy.md removed --------- Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2024-09-14 14:06:40 +08:00 · 2024-09-14 14:06:40 +08:00 · 11e241e30a
commit 11e241e30a
parent 4bb08d4a53
3 changed files with 85 additions and 0 deletions
--- a/examples/reverse-proxies/caddy2-in-container/Caddyfile
+++ b/examples/reverse-proxies/caddy2-in-container/Caddyfile
@ -0,0 +1,43 @@
+matrix.example.tld {
+
+  handle {
+        encode zstd gzip
+
+        # Use the docker service name instead of localhost or 127.0.0.1  here 
+        matrix-traefik:8080 {  
+               header_up X-Forwarded-Port {http.request.port}
+               header_up X-Forwarded-TlsProto {tls_protocol}
+               header_up X-Forwarded-TlsCipher {tls_cipher}
+               header_up X-Forwarded-HttpsProto {proto}
+        }
+  }
+}
+
+# Put `https://` at the beginning to enforce https protocol as 8448 is not the default https port (which is 443) 
+https://matrix.example.tld:8448 {
+    handle {
+        encode zstd gzip
+
+        #  Use the docker service name instead of localhost or 127.0.0.1  here 
+        reverse_proxy matrix-traefik:8448 {
+               header_up X-Forwarded-Port {http.request.port}
+               header_up X-Forwarded-TlsProto {tls_protocol}
+               header_up X-Forwarded-TlsCipher {tls_cipher}
+               header_up X-Forwarded-HttpsProto {proto}
+        }
+    }
+}
+
+
+example.tld {
+# Uncomment this if you are following "(Option 3): Setting up reverse-proxying of the well-known files from the base domain's server to the Matrix server" of https://github.com/spantaleev/matrix-docker-ansible-deploy/blob/master/docs/configuring-well-known.md#option-3-setting-up-reverse-proxying-of-the-well-known-files-from-the-base-domains-server-to-the-matrix-server
+    @wellknown {
+        path /.well-known/matrix/*
+    }
+
+    handle @wellknown {
+        reverse_proxy https://matrix.example.tld {
+            header_up Host {http.reverse_proxy.upstream.hostport}
+        }
+    }
+}
--- a/examples/reverse-proxies/caddy2-in-container/README.md
+++ b/examples/reverse-proxies/caddy2-in-container/README.md
@ -0,0 +1,19 @@
+# Caddy reverse-proxy fronting the playbook's integrated Traefik reverse-proxy
+
+This directory contains a sample config that shows you how to front the integrated [Traefik](https://traefik.io/) reverse-proxy webserver with your own **containerized** [Caddy](https://caddyserver.com/) reverse-proxy. If you have a server with a Caddy container already serving several applications and you want to install Matrix on it (with no changes to existing traffic routing), then this guide is for you.
+
+Note: if you're running Caddy on the host itself (not in a container), refer to the [caddy2](../caddy2/README.md) example instead.
+
+
+## Prerequisite configuration
+
+To get started, first follow the [front the integrated reverse-proxy webserver with another reverse-proxy](../../../docs/configuring-playbook-own-webserver.md#fronting-the-integrated-reverse-proxy-webserver-with-another-reverse-proxy) instructions and update your playbook's configuration (`inventory/host_vars/matrix.<your-domain>/vars.yml`).
+
+Then, adjust your Caddy  `docker-compose.yaml` file (if you're using docker-compose for running your Caddy container). See [examples/reverse-proxies/caddy2-in-container/docker-compose.yaml](./docker-compose.yaml).
+
+## Using the Caddyfile
+
+You can either just use the [Caddyfile](Caddyfile) directly or append its content to your own Caddyfile.
+In both cases make sure to replace all the `example.tld` domains with your own domain.
+
+This example does not include additional services like Element, but you should be able copy the first block and replace the `matrix.` subdomain with the subdomain of the some other service (e.g. `element.`).
--- a/examples/reverse-proxies/caddy2-in-container/docker-compose.yaml
+++ b/examples/reverse-proxies/caddy2-in-container/docker-compose.yaml
@ -0,0 +1,23 @@
+---
+version: "3.9"
+
+services:
+  caddy:
+    image: caddy:2.5.1-alpine
+    networks:
+      # add this, so that caddy can talk to the playbook-managed-traefik
+      - traefik
+    ports:
+      - "80:80"
+      - "443:443"
+      - "8448:8448"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile
+      # - ./site:/var/www
+    #  Other configurations ...
+
+networks:
+  # add this as well
+  traefik:
+    name: traefik
+    external: true