From 39f6809393ce0b4af2833e21dd83a28db172bcab Mon Sep 17 00:00:00 2001 From: traveler Date: Thu, 30 Apr 2026 21:53:37 -0500 Subject: [PATCH] docs(gremlin): update caddy --- Netgrimoire/Services/caddy/caddy.md | 113 ++++++++++++++++++++++++++-- 1 file changed, 107 insertions(+), 6 deletions(-) diff --git a/Netgrimoire/Services/caddy/caddy.md b/Netgrimoire/Services/caddy/caddy.md index 7c65b6f..330a423 100644 --- a/Netgrimoire/Services/caddy/caddy.md +++ b/Netgrimoire/Services/caddy/caddy.md 
@@ -1,15 +1,116 @@ -# caddy Stack -description: Caddy reverse proxy in NetGrimoire Docker Swarm environment. +--- +title: caddy Stack +description: Reverse proxy for NetGrimoire services +published: true +date: 2026-05-01T02:51:41.019Z +tags: docker,swarm,caddy,netgrimoire +editor: markdown +dateCreated: 2026-05-01T02:51:41.019Z --- + +# caddy + ## Overview -Caddy is a secure web server that includes support for HTTPS, HTTP/2, WebSockets, VPNs, DNS, and more. It's designed to be highly configurable and secure. The `caddy` service provides access to the Caddy proxy, while also exposing internal services through reverse proxy. +The Caddy stack is a reverse proxy service that provides secure and efficient access to NetGrimoire services. It utilizes the Docker Swarm management system to deploy and manage multiple containers, ensuring high availability and scalability. ---- ## Architecture | Service | Image | Port | Role | |---------|-----|-----|---------| - **Host:** docker4 - **Network:** netgrimoire -- **Exposed via:** `http://netgrimoire:80`, `https://netgrimoire:443` -- **Homepage group:** `homepage` \ No newline at end of file +- **Exposed via:** `caddy:80`, `caddy:443` (internal only) +- **Homepage group:** [homepage](#homepage-group) + +--- + +## Build & Configuration + +### Prerequisites +* Docker and Docker Swarm installed on the manager node (`znas`) +* `docker4` worker nodes available in the swarm cluster + +### Volume Setup +```bash +mkdir -p /DockerVol/caddy-logs +mkdir -p /DockerVol/crowdsec-db +``` + +### Environment Variables +```bash +# generate: openssl rand -hex 32 +CADDY_INGRESS_NETWORKS: netgrimoire +CADDY_DOCKER_EVENT_THROTTLE_INTERVAL: 2000 +BYSLg/wKOa7wlHYzChJpBVJA06Ukc7G6fKJCvBwjyZg # Caddy bouncer API key +``` + +### Deploy +```bash +cd services/swarm/stack/caddy +set -a && source .env && set +a +docker stack config --compose-file caddy-stack.yml > resolved.yml +docker stack deploy --compose-file resolved.yml caddy +rm resolved.yml +docker 
stack services caddy +``` + +### First Run +After deploying the Caddy stack, verify that it is functioning correctly by accessing the `caddy:80` and `caddy:443` endpoints. + +--- + +## User Guide + +### Accessing caddy +| Service | URL | Purpose | +|---------|-----|---------| +- **Caddy** | `http://localhost:8900` | Reverse proxy for NetGrimoire services | +- **CrowdSec** | `http://localhost:8901` | Crowd security service | + +### Primary Use Cases +The Caddy stack provides secure reverse proxying and access control for NetGrimoire services, ensuring the integrity and confidentiality of sensitive data. + +### NetGrimoire Integrations +The Caddy stack integrates with other NetGrimoire services through environment variables and labels, including: + +* `kuma.*` labels for monitoring and logging +* `homepage.*` labels for dashboard integration + +--- + +## Operations + +### Monitoring +Use the `docker stack services caddy` command to view Caddy logs and monitoring information. + +```bash +docker stack services caddy +``` + +### Backups +Critical services, such as Caddy and CrowdSec, should be backed up regularly using the `/DockerVol/caddy-logs` volume. Non-critical services can be restored from the `/DockerVol/crowdsec-db` volume. 
+ +--- + +## Common Failures +| Symptom | Cause | Fix | +|---------|------|-----| +* Caddy not accessible | Incorrect network configuration | Verify `CADDY_INGRESS_NETWORKS` environment variable is set to `netgrimoire` | +* CrowdSec not functioning | Missing API key in environment variables | Update `BYSLg/wKOa7wlHYzChJpBVJA06Ukc7G6fKJCvBwjyZg` with correct Caddy bouncer API key | + +--- + +## Changelog + +| Date | Commit | Summary | +|------|--------|---------| +| 2026-04-30 | 5dc452a7 | Initial documentation and configuration for the Caddy stack | +| 2026-04-30 | 40f19721 | Added environment variable for Caddy bouncer API key | +| 2026-02-24 | f51eba0f | Updated `caddy-stack.yml` file to include additional services and configurations | + +--- + +## Notes +* Generated by Gremlin on 2026-05-01T02:51:41.019Z +* Source: swarm/stack/caddy/caddy.yaml +* Review User Guide and Changelog sections \ No newline at end of file
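Review bot: The Environment Variables block and the CrowdSec row of the Common Failures table both contain what looks like a literal credential where a variable name should be (the line commented `# Caddy bouncer API key`, repeated in the Fix column). If that is a live bouncer key, rotate it. The doc should show the variable name with a placeholder value, and the real value should stay in the `.env` file that the Deploy step sources. The value also does not match the `# generate: openssl rand -hex 32` hint above it, since it contains `/` and uppercase letters, so either the hint or the value is wrong. Two smaller points in the Operations section: `docker stack services caddy` lists services and replica state rather than logs, so the Monitoring text should say that or name a log command. The Backups paragraph says critical services are backed up via `/DockerVol/caddy-logs` and non-critical ones restored from `/DockerVol/crowdsec-db`, which looks inverted or confused given the volume names and should be checked before merge.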