Caddy Docker 部署指南
本文将详细介绍如何在 Docker 环境中部署和运行 Caddy 服务器。
基础部署
使用官方镜像
# 拉取官方镜像docker pull caddy:latest
# 运行基础容器docker run -d \ --name caddy \ -p 80:80 \ -p 443:443 \ caddy使用自定义 Caddyfile
# 创建配置文件目录mkdir -p /path/to/caddy/config
# 创建 Caddyfilecat > /path/to/caddy/config/Caddyfile <<EOFexample.com { root * /srv file_server}EOF
# 运行带配置的容器docker run -d \ --name caddy \ -p 80:80 \ -p 443:443 \ -v /path/to/caddy/config/Caddyfile:/etc/caddy/Caddyfile \ -v caddy_data:/data \ -v caddy_config:/config \ caddyDocker Compose 配置
基础配置
version: '3.7'
services: caddy: image: caddy:latest container_name: caddy restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./Caddyfile:/etc/caddy/Caddyfile - ./site:/srv - caddy_data:/data - caddy_config:/config
volumes: caddy_data: caddy_config:与其他服务集成
version: '3.7'
services: caddy: image: caddy:latest container_name: caddy restart: unless-stopped ports: - "80:80" - "443:443" volumes: - ./Caddyfile:/etc/caddy/Caddyfile - caddy_data:/data - caddy_config:/config networks: - web
webapp: image: nginx:alpine container_name: webapp restart: unless-stopped volumes: - ./webapp:/usr/share/nginx/html networks: - web
networks: web: driver: bridge对应的 Caddyfile:
example.com { reverse_proxy webapp:80}自定义镜像
Dockerfile 示例
FROM caddy:builder AS builder
RUN xcaddy build \ --with github.com/caddy-dns/cloudflare \ --with github.com/greenpau/caddy-security
FROM caddy:latest
COPY --from=builder /usr/bin/caddy /usr/bin/caddyCOPY Caddyfile /etc/caddy/Caddyfile构建和运行
# 构建镜像docker build -t custom-caddy .
# 运行容器docker run -d \ --name custom-caddy \ -p 80:80 \ -p 443:443 \ custom-caddy生产环境配置
完整的 Docker Compose 配置
version: '3.7'
services: caddy: image: caddy:latest container_name: caddy restart: unless-stopped ports: - "80:80" - "443:443" - "443:443/udp" # For HTTP/3 volumes: - ./Caddyfile:/etc/caddy/Caddyfile:ro - ./site:/srv - caddy_data:/data - caddy_config:/config - ./logs:/var/log/caddy environment: - TZ=Asia/Shanghai networks: - web logging: driver: json-file options: max-size: "10m" max-file: "3" deploy: resources: limits: memory: 1G reservations: memory: 512M
volumes: caddy_data: driver: local caddy_config: driver: local
networks: web: driver: bridge生产环境 Caddyfile
{ acme_ca https://acme-v02.api.letsencrypt.org/directory
servers { protocols h1 h2 h2c h3 }
log { output file /var/log/caddy/access.log { roll_size 10mb roll_keep 10 } }}
example.com { root * /srv encode gzip
log { output file /var/log/caddy/example.com.log { roll_size 10mb roll_keep 10 } }
handle_errors { root * /srv/errors rewrite * /{http.error.status_code}.html file_server }
file_server}常见问题处理
权限问题
# 设置正确的文件权限chmod -R 755 /path/to/sitechown -R 1000:1000 /path/to/site
# 或在 docker run 时指定用户docker run -u $(id -u):$(id -g) ...证书持久化
version: '3.7'
services: caddy: volumes: - ./caddy/certificates:/data/caddy/certificates - ./caddy/config:/config日志轮转
services: caddy: logging: driver: "json-file" options: max-size: "10m" max-file: "3"监控和维护
健康检查
services: caddy: healthcheck: test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:80"] interval: 30s timeout: 10s retries: 3 start_period: 30s资源限制
services: caddy: deploy: resources: limits: cpus: '1' memory: 1G reservations: cpus: '0.5' memory: 512M