nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-11-20 16:19:19 +08:00
Code Issues Projects Releases Packages Wiki Activity
all-in-one/community-containers/caddy
History
Simon L. 147630df6d make readme better readable by adjusting links 
Signed-off-by: Simon L. <szaimen@e.mail.de>
2025-02-26 13:33:37 +01:00
..
caddy.json caddy community-container: allow to disable the vaultwarden admin interface 2024-07-12 16:53:57 +02:00
readme.md make readme better readable by adjusting links 2025-02-26 13:33:37 +01:00

readme.md

Caddy with geoblocking

This container bundles caddy and auto-configures it for you. It also covers vaultwarden by listening on bw.$NC_DOMAIN, if installed. It also covers stalwart by listening on mail.$NC_DOMAIN, if installed. It also covers jellyfin by listening on media.$NC_DOMAIN, if installed. It also covers lldap by listening on ldap.$NC_DOMAIN, if installed. It also covers nocodb by listening on tables.$NC_DOMAIN, if installed. It also covers jellyseerr by listening on requests.$NC_DOMAIN, if installed.

Notes

  • This container is incompatible with the npmplus community container. So make sure that you do not enable both at the same time!
  • Make sure that no other service is using port 443 on your host as otherwise the containers will fail to start. You can check this with sudo netstat -tulpn | grep 443 before installing AIO.
  • If you want to use this with vaultwarden, make sure that you point bw.your-nc-domain.com to your server using a cname record so that caddy can get a certificate automatically for vaultwarden.
  • If you want to use this with stalwart, make sure that you point mail.your-nc-domain.com to your server using an A, AAAA or CNAME record so that caddy can get a certificate automatically for stalwart.
  • If you want to use this with jellyfin, make sure that you point media.your-nc-domain.com to your server using a cname record so that caddy can get a certificate automatically for jellyfin.
  • If you want to use this with lldap, make sure that you point ldap.your-nc-domain.com to your server using a cname record so that caddy can get a certificate automatically for lldap.
  • If you want to use this with nocodb, make sure that you point tables.your-nc-domain.com to your server using a cname record so that caddy can get a certificate automatically for nocodb.
  • If you want to use this with jellyseerr, make sure that you point requests.your-nc-domain.com to your server using a cname record so that caddy can get a certificate automatically for jellyseerr.
  • After the container was started the first time, you should see a new nextcloud-aio-caddy folder and inside there an allowed-countries.txt file when you open the files app with the default admin user. In there you can adjust the allowed country codes for caddy by adding them to the first line, e.g. IT FR would allow access from italy and france. Private ip-ranges are always allowed. Additionally, in order to activate this config, you need to get an account at https://dev.maxmind.com/geoip/geolite2-free-geolocation-data and download the GeoLite2-Country.mmdb and upload it with this exact name into the nextcloud-aio-caddy folder. Afterwards restart all containers from the AIO interface and your new config should be active!
  • You can add your own Caddy configurations in /data/caddy-imports/ inside the Caddy container (sudo docker exec -it nextcloud-aio-caddy bash). These will be imported on container startup.
  • See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack

Repository

https://github.com/szaimen/aio-caddy

Maintainer

https://github.com/szaimen