Caddyfile config use case: I don’t use it as a proxy but only to host a static website. No auth or anything fancy here.

Why forking?

I maintained a fork of the official project because:

• Cache is active
• Run under alpine 3.8 (not scratch)
• Added UPX
• Added curl to do the healthcheck when docker service create. You must use healthcheck for serious orchestration.
• Added tiny, init for containers
• Removed exposing 80 443 as it's managed by Traefik (proxy). See my super-duper docker-stack for a better context.

Security Header screenshot

Get an A+ on security header out of the box.

Before I was using CloudFlare worker (5$ per month) to get the same result. I asked myself, how does a ‘real server’ is configured to manage the security-header? This is how.

Smaller than the official image

More features, much lighter. In the screenshot, you see the uncompressed sized on my local machine.

Usage

Launch those three bash scripts from your terminal:

./runup.sh
./runup-caddyfile.sh (mount the Caddyfile)
./rundown.sh