decentral1se/caddy-incus-upstreams
1
0
Fork 1
Code Issues 4 Pull Requests Activity
14 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
decentral1se e0bd6cbeb3
docs: how to install
2024-12-18 15:49:44 +01:00
.gitignore
feat: init
2024-12-12 15:31:54 +01:00
go.mod
feat: init
2024-12-12 15:31:54 +01:00
go.sum
feat: init
2024-12-12 15:31:54 +01:00
incus.go
refactor: less info/error
2024-12-18 15:47:59 +01:00
LICENSE
feat: init
2024-12-12 15:31:54 +01:00
README.md
docs: how to install
2024-12-18 15:49:44 +01:00

README.md

caddy-incus-upstreams

Status: HIGHLY experimental, patches welcome 🚩

Incus dynamic upstreams for Caddy v2+ 🧨

Usage

Set the following config on your Incus instance.

incus config set <instance-name> user.caddyserver.http.enable=true
incus config set <instance-name> user.caddyserver.http.matchers.host=<domain>
incus config set <instance-name> user.caddyserver.http.upstream.port=<port>

Build a fresh caddy with this plugin.

xcaddy build \
  --with=git.coopcloud.tech/decentral1se/caddy-incus-upstreams \
  --replace=go.opentelemetry.io/otel/sdk=go.opentelemetry.io/otel/sdk@v1.25.0

Wire up a Caddyfile based on this example.

example.com {
  reverse_proxy {
    dynamic incus
  }
}

Notes

The plugin responds to the following Incus events:

  • api.EventLifecycleInstanceCreated
  • api.EventLifecycleInstanceRestarted
  • api.EventLifecycleInstanceResumed
  • api.EventLifecycleInstanceStarted

There is a rather crude implementation for handling these events. We simply wire up a few seconds of sleep to allow for the network part of the instance to come up. Otherwise, there is not network address to retrieve.

We currently only match against the upstream ipv4 addresses of instances.

The system user that runs Caddy must be root or be in the incus-admin group so that it can make queries across projects for different instances.

FAQ

Does this support wildcard certificates?

Yes! You'll need to enable a DNS plugin and wire up something like this in a Caddyfile.

{
  acme_dns <your-provider-here> <your-token-here>
}

*.example.org {
  reverse_proxy {
    dynamic incus
  }
}

Hackin'

Install xcaddy and Incus.

Create this Caddyfile in the root of the project repository.

{
  debug
  http_port 6565
}

http://foo.localhost {
  reverse_proxy {
    dynamic incus
  }
}

Then create a new instance and assign the relevant config.

incus launch images:alpine/3.20 foo
incus config set foo user.caddyserver.http.enable=true
incus config set foo user.caddyserver.http.matchers.host=foo.localhost
incus config set foo user.caddyserver.http.upstream.port=80

Serve something from your instance.

incus shell foo
apk add python3
python3 -m http.server 80

Run Caddy with the plugin baked in.

xcaddy run

And finally, route a request to the instance via Caddy.

curl -X GET http://foo.localhost:6565

🧨

ACK

License

Description
Incus dynamic upstreams for Caddy v2+ 🧨
Readme 198 KiB
Languages
Go 100%