🐳 caddy-cloudflare

The Caddy Docker image with the added caddy-dns/cloudflare module for DNS-01 ACME validation support.
Built for the same platforms as the upstream Caddy project (except Windows, sorry)!

Note

This image does not change anything with original Caddy Docker image except replace the caddy binary.

# Docker Hub
docker pull iarekylew00t/caddy-cloudflare:latest

# GHCR
docker pull ghcr.io/iarekylew00t/caddy-cloudflare:latest

Tags

The following tags are the latest available for the iarekylew00t/caddy-cloudflare image.

• latest
• 2.10.2
• 2.10
• 2

Check the GitHub Tags for a list of all versions!

Usage

Docker

Since this is built off the official Docker image all of the same Volumes, Environment variables, etc. can be used with this container. Please refer to the official Caddy Docker image and docs for more information on using Caddy.

Simply create the container as usual and include your CF_API_TOKEN (email no longer required for API Tokens). We can utilize Caddy's support for Environment varaiables to pass these values into our Caddyfile.

Important

Be sure to create your Caddyfile beforehand to avoid Docker startup errors.

docker run --rm -it \
  --name caddy \
  -p 80:80 \
  -p 443:443 \
  -v caddy_data:/data \
  -v caddy_config:/config \
  -v $PWD/Caddyfile:/etc/caddy/Caddyfile \
  -e CF_API_TOKEN=UhKLc...JD9jk \
  iarekylew00t/caddy-cloudflare:latest

If you prefer docker-compose you can use the provided docker-compose.yml after updating it with your CF_API_TOKEN.

docker compose up

Caddy

Set the global acme_dns directive in your Caddyfile

{
  acme_dns cloudflare {env.CF_API_TOKEN}
}

or via JSON

{
  "module": "acme",
  "challenges": {
    "dns": {
      "provider": {
        "name": "cloudflare",
        "api_token": "{env.CF_API_TOKEN}"
      }
    }
  }
}

See the caddy-dns/cloudflare module and tls directive for advanced usage.

Creating a Cloudflare API Token

You can generate a Cloudflare API token via the Cloudflare web console using the following steps:

1. Login to your Dashboard
2. Go to Account Profile > API Tokens
3. Click "Create token" (Use the "Create Custom Token" option)
4. Grant the following permissions:
   • Zone > Zone > Read
   • Zone > DNS > Edit

Building

You can easily build the Docker image locally by doing

docker build -t caddy-cloudflare .

If you prefer docker-compose you can use the provided docker-compose.yml for building

docker compose build

Container signatures

All container images will be automatically signed via Cosign using keyless signatures. You can use the following command to verify the integrity of these images yourself.

cosign verify \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com \
  --certificate-identity-regexp https://github.com/IAreKyleW00t/docker-caddy-cloudflare/.github/workflows/ \
  iarekylew00t/caddy-cloudflare:latest

Contributing

Feel free to contribute and make things better by opening an Issue or Pull Request.

License

See LICENSE.