# Caddy Podman installation

## Configuration

```bash
# Set secret
podman secret create addy-token $PATH_TO_FILE_CONTAINING_DESEC_TOKEN

# Copy templates
cp config.env.tmpl config.env
cp Caddyfile.tmpl Caddyfile
```

## Connecting services

Add the `proxy.network` to the service you would like to proxy. This can be done by either editing the quadlet directly or creating a systemd override like so:

1. Create a folder next to the container/pod file: `$name.$type.d/` (e.g. `nginx.container.d/`)
2. Create a config file (e.g. `proxy.conf`) in this folder with the following contents:
   1. Container
    ```yaml
    [Container]
    Network=proxy.network
    ```
    2. Kube
    ```yaml
    [Kube]
    Network=proxy.network:alias:my-service
    ```

> [!TIP]
> Configurations are also available to copy under `assets/`!

## Firewall settings

```bash
# Create port forwardings for port 80 and 443
sudo firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=8080
sudo firewall-cmd --permanent --add-forward-port=port=443:proto=tcp:toport=8443

# Reload firewall
sudo firewall-cmd --reload
```