I’ve been self hosting traditionally in debian, but I would like to be able to add services easier using docker. As such, I’m looking to move to a container based architecture.
One place I struggle is that I can’t seem to find a good container where the default image supports ACME to support Let’s encrypt for automatic cert renewal.
For Nginx, I would have you build my container. HAproxy ACME support seems to be a shell script.
Any suggestions?
I use Caddy and it’s great. ACME is very easy to configure, as is everything else. I haven’t tried running it in a container tho but they have official images published so it should work without issues.
I don’t think running Caddy in a container is needed. All my apps are docker images and Caddy is a system app. I treated as an important OS app.
Agreed
I run it in a container without problems. All you have you do is bind it to port 80 and 443. I prefer the container to running it directly within the host OS for ease of portability.
Also strongly recommend building it with support for DNS based validation. Using DNS validation you can have multiple instances running across the different servers you have to easily switch to or provide better local routing. For example please. I run one caddy frontend on a VPS that routes my traffic most of the time, but when I’m at home my DNS points me at a caddy instance that is running on my server on my home network avoiding the path of out to the internet and back home. Using http based validation would require me to sync certs around.