linderhof/roles/caddy/templates/compose.yml.j2
Matthias Johnson b38cd94fc8 Fix fresh-deploy blockers and clean up architecture
- Seed postfix-accounts.cf before mailserver start to satisfy Dovecot's
  requirement for at least one account on first boot
- Add failed_when: false to mail user/alias list tasks (files don't exist
  on first run)
- Add forgejo_runner_version (was undefined); default to 12
- Create /srv/forgejo/data/gitea/conf before deploying app.ini
- Decouple goaccess sync from restic: new enable_goaccess_sync flag with
  its own goaccess_sync_* variables
- Move Docker installation to bootstrap exclusively; rename docker.yml to
  networks.yml (runs docker_network role only)
- Add radicale_password to vault template and setup.sh
- Fix goaccess sync tasks gated on enable_goaccess_sync
- Add upstream bug comment to authorized_key deprecation warning
- Update CLAUDE.md and README.md throughout

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-28 00:51:16 -07:00

68 lines
1.6 KiB
Django/Jinja

services:
  caddy:
    image: caddy:{{ caddy_version }}
    container_name: caddy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "443:443/udp"
    healthcheck:
      test: ["CMD-SHELL", "wget -q -O /dev/null http://localhost:{{ caddy_metrics_port }}/metrics || exit 1"]
      interval: 30s
      timeout: 5s
      retries: 3
      start_period: 30s
    volumes:
      - /srv/caddy/Caddyfile:/etc/caddy/Caddyfile:ro
      - /srv/caddy/data:/data
      - /srv/caddy/config:/config
      - /srv/caddy/sites:/srv/sites:ro
      - /srv/goaccess/reports:/srv/goaccess/reports:ro
      - /var/www/acme:/var/www/acme:ro
    environment:
{% if enable_goaccess | default(true) %}
      GOACCESS_USER: "{{ goaccess_user }}"
      GOACCESS_HASH: "{{ caddy_goaccess_hash_stdout | replace('$', '$$') }}"
{% endif %}
    networks:
      - caddy
{% if enable_mail | default(true) %}
      - webmail
{% endif %}
{% if enable_forgejo | default(true) %}
      - git
{% endif %}
{% if enable_monitoring | default(true) %}
      - monitoring
{% endif %}
{% if enable_tuwunel | default(true) %}
      - tuwunel
{% endif %}
{% if enable_radicale | default(false) %}
      - radicale
{% endif %}

networks:
  caddy:
    external: true
{% if enable_mail | default(true) %}
  webmail:
    external: true
{% endif %}
{% if enable_forgejo | default(true) %}
  git:
    external: true
{% endif %}
{% if enable_monitoring | default(true) %}
  monitoring:
    external: true
{% endif %}
{% if enable_tuwunel | default(true) %}
  tuwunel:
    external: true
{% endif %}
{% if enable_radicale | default(false) %}
  radicale:
    external: true
{% endif %}