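Because my Caddy uses the Cloudflare DNS plugin, updating it is a hassle, so I decided to deploy it with Docker; all I have to do myself is build the latest Caddy image.
1. Build the Caddy image
The image covers two architectures, amd64 and arm64, so buildx is used to build it. A Docker Engine installed through a package manager already includes docker buildx.
buildx installation guide: https://docs.docker.com/build/install-buildx/
Create a new buildx instance and use it
The default buildx does not support multi-architecture builds, so create a new instance here and switch to it.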
docker buildx create --name mybuilder --driver docker-container --bootstrap --use
Enable binfmt_misc
If you use Docker Desktop (on macOS or Windows), binfmt_misc is already enabled by default; on Linux, you can enable it by running a privileged container:
docker run --privileged --rm tonistiigi/binfmt --install all
Verify that binfmt_misc is enabled:
ls -al /proc/sys/fs/binfmt_misc/
buildx uses the QEMU emulator together with binfmt_misc to build images for other platforms. Check that the directory contains qemu-* files, as follows:
total 0
drwxr-xr-x 2 root root 0 Dec 25 16:47 .
dr-xr-xr-x 1 root root 0 Dec 24 17:08 ..
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-i386
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-mips64
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-mips64el
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-ppc64le
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-riscv64
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-s390x
-rw-r--r-- 1 root root 0 Feb 23 09:49 qemu-x86_64
--w------- 1 root root 0 Dec 25 16:47 register
-rw-r--r-- 1 root root 0 Dec 25 16:47 status
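The check above as an added script (not part of the original post): it reads each binfmt_misc entry to show which interpreter and flags the privileged tonistiigi/binfmt container registered, and reports which QEMU handlers are still missing for the platforms passed to --platform. The function names and the BINFMT_DIR / NATIVE_ARCH overrides are assumptions made for this example.

```shell
#!/bin/sh
# Added example: audit the handlers registered under binfmt_misc.
# BINFMT_DIR and NATIVE_ARCH are hypothetical overrides so the functions
# can also be pointed at a constructed directory instead of /proc.
BINFMT_DIR="${BINFMT_DIR:-/proc/sys/fs/binfmt_misc}"

# Print "name state interpreter flags" for every handler entry.
binfmt_list() {
    for f in "$BINFMT_DIR"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        case "$name" in register|status) continue ;; esac
        state=$(sed -n '1p' "$f")                      # "enabled" or "disabled"
        interp=$(sed -n 's/^interpreter //p' "$f")     # binary the kernel will run
        flags=$(sed -n 's/^flags: *//p' "$f")          # e.g. OCF; may be empty
        printf '%s %s %s %s\n' "$name" "$state" "$interp" "${flags:--}"
    done
}

# Succeed only if handler $1 exists and its first line is "enabled".
binfmt_enabled() {
    [ -r "$BINFMT_DIR/$1" ] && [ "$(sed -n '1p' "$BINFMT_DIR/$1")" = "enabled" ]
}

# Print the qemu-* handlers still missing for the given --platform values.
# The host's native architecture needs no emulation and is skipped.
binfmt_missing_for() {
    native="${NATIVE_ARCH:-$(uname -m)}"
    for p in "$@"; do
        case "${p#*/}" in
            amd64) q=x86_64 ;;
            arm64) q=aarch64 ;;
            *)     q=${p#*/} ;;
        esac
        if [ "$q" = "$native" ]; then continue; fi
        binfmt_enabled "qemu-$q" || printf 'qemu-%s\n' "$q"
    done
}

# Report for the two platforms this page builds.
binfmt_list
binfmt_missing_for linux/amd64 linux/arm64
```

An empty second report means every non-native platform has an enabled handler; any interpreter path or flag you did not expect in the first report is worth checking before building.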
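Build the multi-architecture Caddy image
You can log in to Docker Hub beforehand with the docker login command; once the multi-platform build finishes, the image is pushed to Docker Hub at the same time.
The Caddy Dockerfile is as follows: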
# vim Dockerfile
FROM caddy:builder-alpine AS builder
RUN xcaddy build \
    --with github.com/caddy-dns/cloudflare
FROM caddy:alpine
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
Use buildx to build the multi-architecture image and push it to Docker Hub
docker buildx build --push --platform linux/amd64,linux/arm64 -f Dockerfile . -t lovelonger/caddy:latest-cf
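It is recommended to run buildx on a reasonably powerful machine. My VPS was not powerful enough, so I ended up doing the build on my local machine with Docker Desktop (skipping the binfmt_misc step); the build took 27 min.
2. Deploy Caddy with docker-compose
Create a network for Caddy; every container that Caddy will reverse-proxy later uses this network.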
docker network create public
The YAML file used is as follows:
# vim docker-compose.yml
version: "3.7"
services:
  caddy:
    container_name: caddy
    image: lovelonger/caddy:latest-cf # use the image you built yourself
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - ./caddy_data:/data
      - ./caddy_config:/config
    networks:
      - public # use the network that already exists
networks:
  public:
    external: true
Create a Caddyfile with the default configuration
# vim Caddyfile
# The Caddyfile is an easy way to configure your Caddy web server.
#
# Unless the file starts with a global options block, the first
# uncommented line is always the address of your site.
#
# To use your own domain name (with automatic HTTPS), first make
# sure your domain's A/AAAA DNS records are properly pointed to
# this machine's public IP, then replace ":80" below with your
# domain name.
:80 {
	# Set this path to your site's directory.
	root * /usr/share/caddy
	# Enable the static file server.
	file_server
	# Another common task is to set up a reverse proxy:
	# reverse_proxy localhost:8080
	# Or serve a PHP site through php-fpm:
	# php_fastcgi localhost:9000
}
# Refer to the Caddy docs for more information:
# https://caddyserver.com/docs/caddyfile
Start Caddy
Access Caddy
# curl -I http://localhost:80
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 18677
Content-Type: text/html; charset=utf-8
Etag: "rq34kxeet"
Last-Modified: Tue, 14 Feb 2023 19:24:33 GMT
Server: Caddy
Date: Thu, 23 Feb 2023 06:43:15 GMT