docker-compose-kitchen


To test custom TLS certs with docker-caddy

Directory structure

local-mac/task-012-caddy-https-domain-test-with-custom-certs
├── Caddyfile
├── ReadMe.md
├── certs
│   ├── star_domain.com.key
│   └── star_domain_com.chained.crt
├── docker-compose.yml
├── index.html
└── password-generation.yml
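# Compose stack for a local test: a single Caddy container that serves a
# static page over HTTPS using a manually supplied certificate and key.
version: "3.7"

services:
  caddy:
    # NOTE(review): `latest` is a moving tag, so the Caddy release (and the
    # Caddyfile syntax it accepts) can change between pulls. Pin a specific
    # tag or image digest for reproducible, reviewable runs.
    image: caddy:latest
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
    volumes:
      # Paths are relative to this compose file rather than $PWD, so the
      # mounts do not depend on PWD being exported by the calling shell.
      # Content and config are only read by Caddy, so they are mounted
      # read-only.
      - ./index.html:/usr/share/caddy/index.html:ro
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      # Caddy writes its own state under /data, so this mount stays
      # read-write.
      - ./caddy_data:/data
      # Certificate chain and private key. Read-only, so a compromised
      # container process cannot replace the key or certificate on the host.
      # NOTE(review): this bind mount hides the image's own /etc/ssl/certs
      # (the system CA bundle), which can break certificate verification for
      # outbound TLS from the container. A dedicated directory would avoid
      # that, but needs a matching change to the `tls` paths in the Caddyfile.
      - ./certs:/etc/ssl/certs:ro
    networks:
      - host

volumes:
  # NOTE(review): declared but not referenced by any service in this file.
  data01:
    driver: local

networks:
  # A user-defined network that happens to be named `host`; this is not
  # `network_mode: host`, and the published ports above still apply.
  host: {}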
# Site block: serve this hostname on port 443 with a manually supplied
# certificate, static files from /usr/share/caddy, and HTTP basic auth.
cert-validation-srv.domain.com:443 {
    # Load the certificate chain and private key from files instead of using
    # automatic certificate management. Keep the key file readable only by the
    # account that runs Caddy, and keep it out of version control.
    tls /etc/ssl/certs/star_domain_com.chained.crt /etc/ssl/certs/star_domain.com.key
    root * /usr/share/caddy
    file_server
    # Require basic auth on every path (`*`). The entry is
    # `<user> <base64-encoded password hash>`; this value decodes to a bcrypt
    # (`$2b$12$...`) string.
    # NOTE(review): this hash is published with the page, so treat it as a
    # sample credential and generate a fresh one for any real deployment.
    # NOTE(review): `basicauth` with a base64-wrapped hash is the older Caddy v2
    # form; newer releases use `basic_auth` and may expect a different hash
    # encoding. Confirm against the image version actually pulled, and check
    # that a request without credentials is answered with 401.
    basicauth * {
            username JDJiJDEyJGIuMEhnMU9IRkhCLlB4cUZPMVpJcWU0azVvdDcxQUdISHFOdE40eDVkdThRODlqRDFJRHJX
    }
}
hello world
# Single play run against localhost with fact gathering disabled; as listed
# it contains one debug task.
- hosts: localhost
  gather_facts: false
  tasks:
    # Prints the literal message below.
    # NOTE(review): the message carries the password text in clear. Outside a
    # throwaway test, take the secret from a vault-encrypted variable or a
    # prompt, and set `no_log: true` on tasks that handle it.
    # NOTE(review): the recorded run on this page prints a base64 string,
    # which this literal message would not produce, so the listing is
    # presumably abbreviated. Confirm against the repository copy.
    - debug:
        msg: "Password to be encrypted - password_admin"
$ ls certs          
star_domain.com.key         star_domain_com.chained.crt 
$ cat /etc/hosts | grep cert-validation
127.0.0.1 cert-validation-srv.domain.com
docker-compose up
$ curl  http://cert-validation-srv.domain.com 

$ curl -L http://cert-validation-srv.domain.com
hello world

$ curl https://cert-validation-srv.domain.com
hello world
$ ansible-playbook password-generation.yml -v
ok: [localhost] => {
    "msg": "JDJiJDEyJGRrWnExWmJGbnp0b3BoZmVjSVRnNk9TZXZ3T3VLNTFHUS9nRGs4a00yZ0lZQTZrSUR6MDUy"
}