adapt stirling-pdf to caddy

proxy/Caddyfile

@@ -1,76 +1,18 @@
 {
-	email {env.EMAIL}
+	auto_https disable_redirects
+	local_certs
+	pki {
+		ca local {
+			name "{$LOCAL_CA_NAME}"
+		}
+	}
 	log default {
 		output stdout
 		format console
 	}
-	debug
 }
 
-*.{$DOMAIN} {
-	tls {
-		dns netcup {
-			customer_number {env.NETCUP_CUSTOMER_NUMBER}
-			api_key {env.NETCUP_API_KEY}
-			api_password {env.NETCUP_API_PASSWORD}
-		}
-		propagation_timeout 900s
-		propagation_delay 600s
-		resolvers 9.9.9.9
-	}
-	#header Strict-Transport-Security "max-age=63072000"
-
-	@whoami host whoami.{$DOMAIN}
-	handle @whoami {
-		reverse_proxy whoami:80
-	}
-
-	@dashboard host dashboard.{$DOMAIN}
-	handle @dashboard {
-		reverse_proxy homer:8080
-	}
-
-	@hassi host hassi.{$DOMAIN}
-	handle @hassi {
-		# reverse_proxy homeassistant:8123
-		reverse_proxy {host}:8123
-	}
-
-	@zigbee2mqtt host zigbee2mqtt.{$DOMAIN}
-	handle @zigbee2mqtt {
-		reverse_proxy zigbee2mqtt:8080
-	}
-
-	@jellyfin host jellyfin.{$DOMAIN}
-	handle @jellyfin {
-		reverse_proxy jellyfin:8096
-	}
-
-	@paperless host paperless.{$DOMAIN}
-	handle @paperless {
-		reverse_proxy paperless-ngx:8000
-	}
-
-	@download host download.{$DOMAIN}
-	handle @download {
-		reverse_proxy pyload:8000
-	}
-
-	@uptime host uptime.{$DOMAIN}
-	handle @uptime {
-		reverse_proxy uptime-kuma:3001
-	}
-
-	@torrent host torrent.{$DOMAIN}
-	handle @torrent {
-		reverse_proxy transmission:9091
-	}
-
-	# Fallback unhandled (sub)domains
-	handle {
-		error 404
-	}
-
+(errorhandler) {
 	handle_errors {
 		root * /usr/share/caddy/web
 		rewrite * /error.html
@@ -80,3 +22,70 @@
 		}
 	}
 }
+
+(localtls) {
+	tls internal
+}
+
+whoami.{$DOMAIN} http://whoami.{$DOMAIN} {
+	reverse_proxy whoami:80
+	import errorhandler
+}
+
+dashboard.{$DOMAIN}  http://dashboard.{$DOMAIN} {
+	reverse_proxy homer:8080
+	import errorhandler
+}
+
+hassi.{$DOMAIN} http://hassi.{$DOMAIN} {
+	# reverse_proxy homeassistant:8123
+	reverse_proxy {host}:8123
+	import errorhandler
+}
+
+zigbee2mqtt.{$DOMAIN} http://zigbee2mqtt.{$DOMAIN} {
+	reverse_proxy zigbee2mqtt:8080
+	import errorhandler
+}
+
+jellyfin.{$DOMAIN} http://jellyfin.{$DOMAIN} {
+	reverse_proxy jellyfin:8096
+	import errorhandler
+}
+
+paperless.{$DOMAIN} http://paperless.{$DOMAIN} {
+	reverse_proxy paperless-ngx:8000
+	import errorhandler
+}
+
+download.{$DOMAIN} http://download.{$DOMAIN} {
+	reverse_proxy pyload:8000
+	import errorhandler
+}
+
+uptime.{$DOMAIN} http://uptime.{$DOMAIN} {
+	reverse_proxy uptime-kuma:3001
+	import errorhandler
+}
+
+torrent.{$DOMAIN} http://torrent.{$DOMAIN} {
+	reverse_proxy transmission:9091
+	import errorhandler
+}
+
+pdf.{$DOMAIN} http://pdf.{$DOMAIN} {
+	reverse_proxy stirling-pdf:8080
+	import errorhandler
+}
+
+root-ca.{$DOMAIN} http://root-ca.{$DOMAIN} {
+	file_server * {
+		root /usr/share/caddy/web
+		hide .git Readme.md
+	}
+	file_server /root.crt {
+		root /data/caddy/pki/authorities/local/
+		hide *.key
+	}
+	import errorhandler
+}

proxy/Dockerfile

@@ -1,7 +0,0 @@
-FROM caddy:2-builder AS builder
-
-RUN xcaddy build --with github.com/caddy-dns/netcup
-
-FROM caddy:2
-
-COPY --from=builder /usr/bin/caddy /usr/bin/caddy

proxy/docker-compose.yaml

@@ -1,7 +1,7 @@
 services:
 
   caddy:
-    build: ./
+    image: caddy:2
     restart: unless-stopped
     ports:
       - 80:80
@@ -17,10 +17,6 @@ services:
     environment:
       - DOMAIN=${DOMAIN}
       - LOCAL_CA_NAME=${LOCAL_CA_NAME}
-      - NETCUP_CUSTOMER_NUMBER=${NETCUP_CUSTOMER_NUMBER}
-      - NETCUP_API_KEY=${NETCUP_API_KEY}
-      - NETCUP_API_PASSWORD=${NETCUP_API_PASSWORD}
-      - EMAIL=${LETSENCRYPT_MAIL}
     cap_add:
       - cap_net_bind_service
 

proxy/web/error.html

@@ -1,35 +0,0 @@
-<!DOCTYPE html>
-<html lang="de">
-
-<head>
-   <meta charset="UTF-8">
-   <title>Fehler</title>
-   <meta name="viewport" content="width=device-width, initial-scale=1">
-   <style>
-      :root {
-         max-width: 80ch;
-         padding: 3em 1em;
-         margin: auto;
-         font-size: 1.25em;
-         font-family: Arial, Helvetica, sans-serif;
-      }
-      footer {
-         position: absolute;
-         bottom: 0;
-         height: 50px;
-      }
-   </style>
-</head>
-
-<body>
-   <h1>{{placeholder "http.error.status_code"}}</h1>
-
-   {{placeholder "http.error.status_text"}}
-</body>
-
-<footer>
-   <a href="http://dashboard.home.florianzirker.de/">Dashboard</a>
-</footer>
-
-
-</html>

proxy/web/index.html

@@ -37,7 +37,7 @@
 
       <li>
          Um das CA-Certifikat in den Linux-Truststore zu installieren führen Sie folgende Befehle aus:
-         <pre><code>curl -o caddy-root-ca.crt <span id="url">http://example.home.florianzirker.de/</span>root.crt
+         <pre><code>curl -o caddy-root-ca.crt <span id="url">http://example.lan/</span>root.crt
 sudo mkdir -p /usr/local/share/ca-certificates/extra
 sudo cp caddy-root-ca.crt /usr/local/share/ca-certificates/extra/
 sudo update-ca-certificates

tools/docker-compose.yml

@@ -0,0 +1,22 @@
+services:
+
+  stirling-pdf:
+    image: frooodle/s-pdf:latest
+    # ports:
+    #   - '8080:8080'
+    networks:
+      - web
+    volumes:
+      - ${VOLUMES_PATH}/tools/stirling-pdf/trainingData:/usr/share/tesseract-ocr/5/tessdata #Required for extra OCR languages
+      - ${VOLUMES_PATH}/tools/stirling-pdf/extraConfigs:/configs
+#      - ${VOLUMES_PATH}/tools/stirling-pdf/customFiles:/customFiles/
+#      - ${VOLUMES_PATH}/tools/stirling-pdf/logs:/logs/
+    environment:
+      - DOCKER_ENABLE_SECURITY=false
+
+
+networks:
+  paperless:
+  web:
+    external: true
+