The Caddy Docker image with the added
caddy-dns/cloudflare module for
DNS-01 ACME validation support.
Built for the same platforms as the upstream Caddy project (except Windows, sorry)!
Note
This image does not change anything with original Caddy Docker image except
replace the caddy
binary.
# Docker Hub
docker pull iarekylew00t/caddy-cloudflare:latest
# GHCR
docker pull ghcr.io/iarekylew00t/caddy-cloudflare:latest
The following tags are the latest available for the
iarekylew00t/caddy-cloudflare
image.
Check the GitHub Tags for a list of all versions!
Since this is built off the official Docker image all of the same Volumes, Environment variables, etc. can be used with this container. Please refer to the official Caddy Docker image and docs for more information on using Caddy.
Simply create the container as usual and include your CF_API_TOKEN
(email no
longer required for API Tokens). We can utilize Caddy's support for
Environment varaiables
to pass these values into our Caddyfile
.
Important
Be sure to create your Caddyfile
beforehand to avoid Docker startup errors.
docker run --rm -it \
--name caddy \
-p 80:80 \
-p 443:443 \
-v caddy_data:/data \
-v caddy_config:/config \
-v $PWD/Caddyfile:/etc/caddy/Caddyfile \
-e CF_API_TOKEN=UhKLc...JD9jk \
iarekylew00t/caddy-cloudflare:latest
If you prefer docker-compose
you can use the provided
docker-compose.yml
after updating it with your
CF_API_TOKEN
.
docker compose up
Set the global
acme_dns directive
in your Caddyfile
{
acme_dns cloudflare {env.CF_API_TOKEN}
}
or via JSON
{
"module": "acme",
"challenges": {
"dns": {
"provider": {
"name": "cloudflare",
"api_token": "{env.CF_API_TOKEN}"
}
}
}
}
See the caddy-dns/cloudflare module
and tls
directive
for advanced usage.
You can generate a Cloudflare API token via the Cloudflare web console using the following steps:
- Login to your Dashboard
- Go to Account Profile > API Tokens
- Click "Create token" (Use the "Create Custom Token" option)
- Grant the following permissions:
Zone > Zone > Read
Zone > DNS > Edit
You can easily build the Docker image locally by doing
docker build -t caddy-cloudflare .
If you prefer docker-compose
you can use the provided
docker-compose.yml
for building
docker compose build
All container images will be automatically signed via Cosign using keyless signatures. You can use the following command to verify the integrity of these images yourself.
cosign verify \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
--certificate-identity-regexp https://github.com/IAreKyleW00t/docker-caddy-cloudflare/.github/workflows/ \
iarekylew00t/caddy-cloudflare:latest
Feel free to contribute and make things better by opening an Issue or Pull Request.
See LICENSE.