Dockerfile, Caddyfile, and github action

Actual Caddyfile

{
    auto_https off
}


:443 {
    bind tailscale+tls/app
    handle / {
        reverse_proxy / http://192.168.1.1:29552
    }

}

caddy.yml

name: Caddy Build
on:
    workflow_dispatch:
    push:

env:
    DOCKER_BUILDKIT: '1'
    XCADDY_VERSION: v0.3.4
    # Configures xcaddy to build with this version of Caddy
    CADDY_VERSION: v2.6.4
    # Configures xcaddy to not clean up post-build (unnecessary in a container)
    XCADDY_SKIP_CLEANUP: 1
    # Sets capabilities for output caddy binary to be able to bind to privileged ports
    XCADDY_SETCAP: 1

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # setup golang to install xcaddy
      - name: Setup Go
        uses: actions/setup-go@v4
        with:
          go-version: 'stable'
      - name: Install xcaddy
        run: go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
      # build caddy with plugins
      - name: Build Caddy
        run: xcaddy build --with github.com/tailscale/caddy-tailscale
      # upload built binary as artifact
      - name: Upload Artifact
        uses: actions/upload-artifact@v3
        with:
          name: caddy
          path: caddy
  docker:
    runs-on: ubuntu-latest
    needs: build
    services:
      registry:
        image: registry:2
        ports:
          - 5000:5000
    steps:
      # checkout source code
      - name: Checkout
        uses: actions/checkout@v3

      # download built binary from artifact
      - name: Download Artifact
        uses: actions/download-artifact@v3
        with:
          name: caddy
          path: .

      # setup qemu
      - name: Setup QEMU
        uses: docker/setup-qemu-action@v2

      # setup docker buildx
      - name: Setup Docker Buildx
        uses: docker/setup-buildx-action@v2
        with:
          driver-opts: network=host

      - name: Login to Docker Hub
        uses: docker/login-action@v2
        with:
          username: clly
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # build docker image
      - name: Build Docker Image
        uses: docker/build-push-action@v2
        with:
          context: .
          file: build/caddy/Dockerfile
          platforms: linux/amd64
          push: true
          tags: |
            clly/caddy:latest
            clly/caddy:${{ env.CADDY_VERSION}}

Default Caddyfile

:80

route {
    respond "Hello, world!"
}

Dockerfile

cat build/caddy/Dockerfile 
# Dockerfile to build Caddy container image using an on disk caddy binary and a Caddyfile

FROM alpine:3.7

ENV XCADDY_VERSION v0.3.4
# Configures xcaddy to build with this version of Caddy
ENV CADDY_VERSION v2.6.4
# Configures xcaddy to not clean up post-build (unnecessary in a container)
ENV XCADDY_SKIP_CLEANUP 1
# Sets capabilities for output caddy binary to be able to bind to privileged ports
ENV XCADDY_SETCAP 1

RUN apk add --no-cache ca-certificates libcap mailcap

RUN set -eux; \
    mkdir -p /config/caddy \
      /data/caddy \
      /etc/caddy \
      /usr/share/caddy

COPY caddy /usr/bin/caddy
COPY build/caddy/Caddyfile /etc/caddy/Caddyfile

ENV XDG_CONFIG_HOME /config
ENV XDG_DATA_HOME /data

LABEL org.opencontainers.image.version=v2.6.4
LABEL org.opencontainers.image.title=Caddy
LABEL org.opencontainers.image.description="a powerful, enterprise-ready, open source web server with automatic HTTPS written in Go"
LABEL org.opencontainers.image.url=https://caddyserver.com
LABEL org.opencontainers.image.documentation=https://caddyserver.com/docs
LABEL org.opencontainers.image.vendor="Light Code Labs"
LABEL org.opencontainers.image.licenses=Apache-2.0
LABEL org.opencontainers.image.source="https://github.com/caddyserver/caddy-docker"

EXPOSE 80
EXPOSE 443
EXPOSE 443/udp
EXPOSE 2019

WORKDIR /srv

CMD ["/usr/bin/caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]