skkuding · jimin9038 · Jan 30, 2025 · Jan 30, 2025 · Jan 30, 2025
diff --git a/apps/infra/stage/coolify/caddy/Dockerfile b/apps/infra/stage/coolify/caddy/Dockerfile
@@ -0,0 +1,14 @@
+# Not included in CI/CD. Should be built manually
+
+ARG CADDY_VERSION=2.8.4
+FROM caddy:${CADDY_VERSION}-builder AS builder
+
+RUN xcaddy build \
+    --with github.com/lucaslorentz/caddy-docker-proxy/v2 \
+    --with github.com/caddy-dns/route53
+
+FROM caddy:${CADDY_VERSION}-alpine
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
+
+CMD ["caddy", "docker-proxy"]
diff --git a/apps/infra/stage/coolify/caddy/acme-challenge.caddy b/apps/infra/stage/coolify/caddy/acme-challenge.caddy
@@ -0,0 +1,13 @@
+# Not included in CI/CD. Should be added in coolify manually
+
+*.coolify.codedang.com, coolify.codedang.com {
+    tls {
+        dns route53 {
+            wait_for_propagation true # should be set true
+            # access_key_id $AWS_ACCESS_KEY_ID # $AWS_ACCESS_KEY_ID should be set as environmental variable in coolify's docker-compose.yml
+            # secret_access_key $AWS_SECRET_ACCESS_KEY # $AWS_SECRET_ACCESS_KEY should be set as environmental variable in coolify's docker-compose.yml
+            # region $AWS_REGION # $AWS_REGION should be set as environmental variable in coolify's docker-compose.yml
+        }
+    }
+    reverse_proxy localhost:5525 # route to frontend stage/preview deployments.
+}
diff --git a/apps/infra/stage/coolify/caddy/docker-compose.yml b/apps/infra/stage/coolify/caddy/docker-compose.yml
@@ -0,0 +1,31 @@
+networks:
+  coolify:
+    external: true
+services:
+  caddy:
+    container_name: coolify-proxy
+    image: 'jimin9038/caddy-docker-proxy-with-route53'
+    restart: unless-stopped
+    extra_hosts:
+      - 'host.docker.internal:host-gateway'
+    environment:
+      - CADDY_DOCKER_POLLING_INTERVAL=5s
+      - CADDY_DOCKER_CADDYFILE_PATH=/dynamic/Caddyfile
+      # For using DNS-01 challenge in Caddy, make an access key having access to use route53 - see: https://github.com/libdns/route53
+      - AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID
+      - AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY
+      - AWS_REGION=us-east-1
+    networks:
+      - coolify
+    ports:
+      - '80:80'
+      - '443:443'
+      - '443:443/udp'
+    labels:
+      - coolify.managed=true
+      - coolify.proxy=true
+    volumes:
+      - '/var/run/docker.sock:/var/run/docker.sock:ro'
+      - '/data/coolify/proxy/caddy/dynamic:/dynamic'
+      - '/data/coolify/proxy/caddy/config:/config'
+      - '/data/coolify/proxy/caddy/data:/data'