a4262da7c9
- Changed ownership of all files to scheianu:scheianu - Set directories to 755 permissions (rwxr-xr-x) - Set files to 644 permissions (rw-r--r--) - Made shell scripts executable (755) - Allows development without requiring sudo for file modifications - Improves development workflow and security
1.5 KiB
1.5 KiB
DigiServer v2 - HTTPS Setup with Caddy
This setup uses Caddy as a reverse proxy with automatic HTTPS via Let's Encrypt.
Quick Setup
1. Configure Domain
Create a .env file or edit the existing one:
cp .env.example .env
Edit .env and set:
DOMAIN=your-domain.com
EMAIL=admin@your-domain.com
2. Point Your Domain
Make sure your domain's DNS A record points to your server's IP address.
3. Start Services
docker compose up -d
That's it! Caddy will automatically:
- Obtain SSL certificates from Let's Encrypt
- Renew certificates before expiration
- Redirect HTTP to HTTPS
- Enable HTTP/2 and HTTP/3
Access Your Site
- HTTP: http://your-domain.com (redirects to HTTPS)
- HTTPS: https://your-domain.com
Testing Locally (Without Domain)
If you don't have a domain yet, leave DOMAIN as localhost:
DOMAIN=localhost
Then access: http://localhost (no HTTPS, but app works)
Certificate Storage
SSL certificates are stored in Docker volumes:
caddy-data- Certificate datacaddy-config- Caddy configuration
Troubleshooting
Check Caddy logs:
docker logs digiserver-caddy
Verify certificates:
docker exec digiserver-caddy caddy list-certificates
Force certificate renewal:
docker exec digiserver-caddy caddy reload --config /etc/caddy/Caddyfile
Port Forwarding
Make sure your firewall/router allows:
- Port 80 (HTTP - for Let's Encrypt challenge)
- Port 443 (HTTPS)