Open jgwehr opened 1 week ago
Potential change to Dockerfile:
ARG CADDY_VERSION=2.8.4
FROM caddy:${CADDY_VERSION}-builder-alpine AS builder
RUN xcaddy build \
--with github.com/caddy-dns/duckdns \
--with github.com/hslatman/caddy-crowdsec-bouncer/http \
--with github.com/hslatman/caddy-crowdsec-bouncer/layer4@main
FROM caddy:${CADDY_VERSION} AS caddy
WORKDIR /
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
The current example also includes layer4 support but... I'd like to see if CrowdSec can even be reliable before adding more features.
Investigation continues. Even with CrowdSec removed, there's still regular breaks in http connections. Unfortunately that means I need to do a full E2E investigation.
I've been getting "Let's Encrypt" Staging expiration emails for my subdomains - which should not be the case since I haven't used Staging in several years. This points me towards this thread (https://caddy.community/t/how-to-use-lets-encrypt-staging-endpoint-with-caddy/18514) which hints at a broader issue:
But if Caddy encounters isolated errors in production, it will gracefully fall back to Let’s Encrypt staging endpoint automatically
I'll look into how I've configured Caddy to see if something has been outdated.
Describe the solution you'd like Crowdsec has been a perpetual PITA since I started using it several years ago. While promising (and unique), each update seems to reset the API keys - causing unnecessary maintenance. Additionally it regularly breaks my reverse proxy without any explanation. The Crowdsec logs show no issues while Caddy throws LAPI errors. ~When crowdsec is removed, everything works fine.~
Multiple containers seem to have issues (Tandoor, Rallly especially).
That said, I haven't changed my implementation since I first started. It seems there's been updates to how Caddy+Crowdsec should be implemented: https://github.com/crowdsecurity/example-docker-compose/tree/main/caddy
Describe alternatives you've considered Are there any??
But, I also need to do an end to end trace. Other potential points of failure:
Additional context Add any other context or screenshots about the feature request here.