We've updated the Caddy web server binary and restored the ca-certificates.crt store to ensure secure transit and up-to-date functionality. Keeping these core dependencies current helps maintain the integrity of our networking stack.

This change refreshes the embedded Caddy executable and updates the image metadata from 2.4.6-rc.1 to 2.4.6 for the custom Cloudflare DNS-enabled build. It’s a small but meaningful maintenance update that moves the container off a release candidate and onto the stable upstream version without changing how the image is run. In practice, consumers get a cleaner, more production-ready base image.

This update bumps the Caddy binary to v2.4.6 and updates the default Caddyfile configuration to match the new v2 syntax. The buildcaddy.bash script was removed in favor of using xcaddy for future builds, and dead links were cleaned up from the README. This transition brings the container image up to date with modern Caddy standards.

This update bumps the Caddy server version to 2.4.6 and modernizes the Caddyfile configuration and README examples to reflect current Caddy v2 patterns. The build process was also updated to favor xcaddy over the legacy buildcaddy.bash script, ensuring a more stable and standard build pipeline.

This update bumps the bundled Caddy binary to version 2.4.6 and simplifies the container configuration. The buildcaddy.bash script was removed in favor of using xcaddy for builds, and the default Caddyfile has been modernized for the latest Caddy syntax. These changes streamline the build process and ensure the container runs on a current, stable version of Caddy.

This push migrates the image from Caddy 1.x to Caddy 2.4.5, including a new default CMD ["run"], a v2-style Caddyfile, and refreshed README examples for mounting content and configuring TLS. It also removes the bundled CA certificate bundle from the image, keeping the container more minimal while aligning the docs and runtime layout with how Caddy v2 is expected to run. For anyone using this image, the practical effect is a breaking-but-useful modernization: existing v1 configs will need updating, but the container is now aligned with current Caddy behavior.

This change adds docker-compose.yml to .gitignore after noting that the file contains sensitive information. It helps prevent accidental commits of local secrets or environment-specific config into the repository. The practical effect is safer local development with less risk of leaking credentials.

This change extends the compose template with a dedicated goaccess container and mounts Caddy’s GoAccess data directory into the existing setup. It also exposes GoAccess on port 7890 and adds the necessary volume mappings so access logs and generated reports can be read and served consistently. The practical effect is that traffic analytics can now run as part of the same container stack instead of being managed separately.

This commit introduces a docker-compose.yml.template for running Caddy with the expected bind mounts for web content plus persisted .caddy, .local, and .config state. It also wires in the Cloudflare token environment variables and exposes HTTP/HTTPS ports, making the container setup much closer to a ready-to-run deployment. The practical effect is a more reproducible local or server deployment with fewer manual setup steps.

This updates the Dockerfile to expose both 8080 and 8443 instead of only 8080. The change makes the container's intended HTTP and HTTPS ports explicit, which is especially useful when running as a non-root user and avoiding privileged ports like 80/443. In practice, deployments and local testing should now work more cleanly for TLS-enabled setups.

This push rolls the packaged Caddy binary forward to v1.0.5, updates the bundled CA certificate store from Fedora 31, and cleans out the old rkt service and documentation now that rkt is EOL. It also tightens up the README’s example port mappings so the runtime behavior is documented more accurately. The practical effect is a more current image with fresher trust roots and less dead deployment baggage.

This update significantly refreshes the container image, bumping the bundled Caddy HTTP server to a v1.0.0-beta release built using Go 1.12.4. In a notable security improvement, the Dockerfile has been modified to run the server as an unprivileged user (65534:65534), exposing port 8080 by default via a new minimal Caddyfile. Additionally, the build script now relies natively on Go modules instead of Caddy’s legacy custom build routines. These updates make the default image much safer to run out-of-the-box and the build tooling more idiomatic.

This push updates the checked-in rootfs/bin/caddy binary, specifically rebuilding Caddy v0.11.5 with the Go 1.12 toolchain. There’s no source-level application change here, but it does affect the runtime artifact that gets distributed with the image or rootfs. The practical effect is an updated packaged server binary, likely for compatibility or build-environment consistency.

This push refreshes the embedded Caddy binary to v0.11.3 and updates the supporting build script, systemd unit, and run documentation to match. The change is mostly a version sync, but it matters because the binary, service configuration, and operational docs all need to stay consistent for deployments and local testing. In practice, anyone using this branch will now build and run against the newer Caddy release.