Switch from a custom caddy-dns/gandi image built on-host to the official caddy:2 image with per-host ACME HTTP-01 certificates. Removes the Dockerfile, env.j2 (Gandi token), on-host image build/ship/load tasks, the caddy-image Makefile target, and the wildcard DNS-01 Caddyfile. Each route now gets its own server block and automatic certificate. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
6 lines
363 B
YAML
6 lines
363 B
YAML
---
|
|
# Caddy reverse proxy (ADR-024). Vanilla Caddy; TLS via ACME HTTP-01 (public hosts).
|
|
reverse_proxy__base_dir: /opt/services/reverse_proxy
|
|
reverse_proxy__acme_email: admin@example.test
|
|
reverse_proxy__routes: [] # each: {host: x, upstream: "svc:port"} OR {host: x, respond: "text"}
|
|
reverse_proxy__manage: true # set false in Molecule to render without Docker
|