How to host any number of websites on one machine with Caddy, and how to set up the Docker network

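I wrote this article because I wanted to host several websites on one machine, each of them reverse-proxied by Caddy. My first idea was to put a Caddy instance in every docker-compose file, so that I would not have to think about networking.

But in actual testing I found that Let's Encrypt (the CA), which Caddy uses, supports only 2 ways of generating a site certificate:

  • Automated HTTP issuance (requires port 80 to be open; other ports produce ACME validation errors, so in practice every Caddy instance would need its own port 80)
  • Manual DNS issuance (you manually add a TXT record to the DNS zone to prove the domain belongs to you, which defeats the purpose of using Caddy to add SSL automatically)

So I read up a little on docker-compose external networks: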
https://docs.docker.com/compose/compose-file/06-networks/#external

  1. Create a Docker network outside of any compose file
docker network create codimd_and_blog_net
  2. Create the docker-compose for codimd
    cat docker-compose.yml

version: "3"
services:
  database:
    image: postgres:11.6-alpine
    environment:
      - POSTGRES_USER=codimd
      - POSTGRES_PASSWORD=*********
      - POSTGRES_DB=codimd
    volumes:
      - ./data:/var/lib/postgresql/data
    restart: always

  codimd:
    image: hackmdio/hackmd:2.4.2
    environment:
      - CMD_DB_URL=postgres://*****
      - CMD_USECDN=false
      - CMD_GITHUB_CLIENTID=******
      - CMD_GITHUB_CLIENTSECRET=*****
    depends_on:
      - database
    # Note: the codimd port must not be published; Caddy reverse-proxies to it
    #ports:
    #  - "3000:3000"
    volumes:
      - ./upload:/home/hackmd/app/public/uploads
    restart: always
    # Two networks are needed here: default, to talk to the database in this compose file, and codimd_and_blog_net, to talk to the other docker-compose projects
    networks:
      - default
      - codimd_and_blog_net

networks:
# Declare a reference to the externally created network
  codimd_and_blog_net:
    external: true  

  3. Create the docker-compose for the blog
    The overall approach is the same as for codimd. cat docker-compose.yml
version: '3.1'

services:

  ghost:
    image: ghost:4-alpine
    restart: always
#  Likewise, do not publish the port here
#    ports:
#      - 2368:2368
    volumes:
      - ./content:/var/lib/ghost/content
    environment:
      # see https://ghost.org/docs/config/#configuration-options
      database__client: mysql
      database__connection__host: db
      database__connection__user: root
      database__connection__password: *******
      database__connection__database: ghost
      # this url value is just an example, and is likely wrong for your environment!
      url: https://blog.wisepace.de
    # The network setup follows the same idea as for codimd
    networks:
      - codimd_and_blog_net
      - default         
      # contrary to the default mentioned in the linked documentation, this image defaults to NODE_ENV=production (so development mode needs to be explicitly specified if desired)
      #  NODE_ENV: production

  db:
    image: mysql:8.0
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: *******
    volumes:
      - ./mysql_data/:/var/lib/mysql
      - ./mysql_conf/:/etc/mysql/conf.d
networks:
  codimd_and_blog_net:
    external: true

  4. Create the docker-compose for Caddy. In the whole system, only Caddy acts as the reverse proxy and exposes ports 80 and 443
root@v2202303188595221375:~/caddy# cat docker-compose.yml 
version: "3"
services:
  caddy:
    image: caddy:2.6.2-alpine
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
    networks:
      - codimd_and_blog_net
# Again, this uses the external network that was already created
networks:
  codimd_and_blog_net:
    external: true

  5. Caddy as the reverse proxy
    Set up the Caddyfile as follows, reverse-proxying to the port of each service
cat Caddyfile 
codimd.your_domain.com {
	reverse_proxy  codimd:3000
}
gpt.your_domain.com {
	reverse_proxy  gpt:8018
}
blog.your_domain.com {
	reverse_proxy  ghost:2368
}

  6. Configure the DNS records
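
The layout above relies on three properties: only Caddy publishes ports, every `reverse_proxy` upstream is attached to `codimd_and_blog_net`, and the databases stay off that shared network. The Python check below is an added example, not part of the original post; its input is a constructed reduction of the compose files and Caddyfile shown above, and the names `audit`, `PROJECTS` and `CADDYFILE` are hypothetical.

```python
import re

SHARED_NET = "codimd_and_blog_net"  # external network name used on this page
PROXY = "caddy"                     # the only service allowed to publish ports

# Constructed sample: the three compose files above, reduced to the fields checked.
PROJECTS = {
    "codimd": {"services": {
        "database": {"networks": ["default"]},
        "codimd": {"networks": ["default", SHARED_NET]}}},
    "blog": {"services": {
        "ghost": {"networks": [SHARED_NET, "default"]},
        "db": {"networks": ["default"]}}},
    "caddy": {"services": {
        "caddy": {"networks": [SHARED_NET], "ports": ["80:80", "443:443"]}}},
}
CADDYFILE = """
codimd.your_domain.com {
	reverse_proxy  codimd:3000
}
gpt.your_domain.com {
	reverse_proxy  gpt:8018
}
blog.your_domain.com {
	reverse_proxy  ghost:2368
}
"""

def audit(projects, caddyfile):
    """Return sorted findings that break the single-reverse-proxy layout."""
    findings = []
    upstreams = set(re.findall(r"reverse_proxy\s+([\w.-]+):\d+", caddyfile))
    on_shared = set()
    for project, cfg in projects.items():
        for name, svc in cfg["services"].items():
            nets = list(svc.get("networks") or ["default"])
            if SHARED_NET in nets:
                on_shared.add(name)
                # Anything on the shared network is reachable from every other site.
                if name != PROXY and name not in upstreams:
                    findings.append(f"{project}/{name}: on {SHARED_NET} but not proxied")
            if svc.get("ports") and name != PROXY:
                findings.append(f"{project}/{name}: publishes {svc['ports']}, bypassing Caddy")
    for up in upstreams - on_shared:
        findings.append(f"Caddyfile upstream '{up}' is not on {SHARED_NET}")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(PROJECTS, CADDYFILE)))
```

On the page's own files it reports only the `gpt` upstream, because no compose file for `gpt` is shown here.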