a9e2a736fc
The xcaddy/Go compile burns ~1GB RAM this VPS can't spare (per ~/docs/caddy.md "Custom Binary"). Pull the prebuilt L4-enabled binary from the Caddy build server instead and swap it over the stock binary in the official image. Built and verified: caddy v2.11.3 with layer4.handlers.proxy + proxy_protocol. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
22 lines
1.0 KiB
Docker
22 lines
1.0 KiB
Docker
# Caddy with the layer-4 (TCP/UDP) app so it can proxy raw mail ports.
|
|
#
|
|
# Built the house way (see ~/docs/caddy.md "Custom Binary"): grab the prebuilt
|
|
# static binary from caddyserver.com's build server, NOT a local xcaddy/Go
|
|
# build. The compile burns ~1GB RAM, which this VPS can't spare — the download
|
|
# server does it for us. The base image only contributes its entrypoint + CA
|
|
# certs; we swap in the L4-enabled binary over the stock one.
|
|
#
|
|
# docker build -t tailwart-caddy ./caddy
|
|
#
|
|
# Add more plugins by appending &p=<url-encoded module path> to CADDY_DOWNLOAD,
|
|
# e.g. ...&p=github.com%2Fmholt%2Fcaddy-ratelimit (the main box build has that).
|
|
FROM caddy:2.11
|
|
|
|
ARG CADDY_DOWNLOAD="https://caddyserver.com/api/download?os=linux&arch=amd64&p=github.com%2Fmholt%2Fcaddy-l4"
|
|
|
|
RUN apk add --no-cache curl \
|
|
&& curl -fsSL -o /usr/bin/caddy "$CADDY_DOWNLOAD" \
|
|
&& chmod 0755 /usr/bin/caddy
|
|
# Fail the build loudly if the L4 module isn't actually in the binary.
|
|
RUN caddy list-modules | grep -q 'layer4' || { echo 'caddy-l4 missing from binary!'; exit 1; }
|