43 lines
1.1 KiB
Markdown
43 lines
1.1 KiB
Markdown
# Caddy Podman installation
|
|
|
|
## Configuration
|
|
|
|
```bash
|
|
# Set secret
|
|
podman secret create addy-token $PATH_TO_FILE_CONTAINING_DESEC_TOKEN
|
|
|
|
# Copy templates
|
|
cp config.env.tmpl config.env
|
|
cp Caddyfile.tmpl Caddyfile
|
|
```
|
|
|
|
## Connecting services
|
|
|
|
Add the `proxy.network` to the service you would like to proxy. This can be done by either editing the quadlet directly or creating a systemd override like so:
|
|
|
|
1. Create a folder next to the container/pod file: `$name.$type.d/` (e.g. `nginx.container.d/`)
|
|
2. Create a config file (e.g. `proxy.conf`) in this folder with the following contents:
|
|
1. Container
|
|
```yaml
|
|
[Container]
|
|
Network=proxy.network
|
|
```
|
|
2. Kube
|
|
```yaml
|
|
[Kube]
|
|
Network=proxy.network:alias:my-service
|
|
```
|
|
|
|
> [!TIP]
|
|
> Configurations are also available to copy under `assets/`!
|
|
|
|
## Firewall settings
|
|
|
|
```bash
|
|
# Create port forwardings for port 80 and 443
|
|
sudo firewall-cmd --permanent --add-forward-port=port=80:proto=tcp:toport=8080
|
|
sudo firewall-cmd --permanent --add-forward-port=port=443:proto=tcp:toport=8443
|
|
|
|
# Reload firewall
|
|
sudo firewall-cmd --reload
|
|
``` |