caddy-docker-proxy

Define controller networks using the network name

Open lucaslorentz opened this issue 3 years ago • 0 comments

Currently, there is only 1 way to configure CDP in distributed mode (controllers + servers):

  • Setting CADDY_CONTROLLER_NETWORK with network CIDR on both controller and servers

What I'm changing:

  • CADDY_CONTROLLER_NETWORK can be configured with the network name when configured in controllers, or completely omitted if the controller is connected to a single network.
  • CADDY_CONTROLLER_NETWORK can be replaced by CADDY_CONTROLLER_URL on servers, and servers will fetch the controller network information from a new endpoint exposed in controllers.
  • When both CADDY_CONTROLLER_NETWORK and CADDY_CONTROLLER_URL are omitted on servers, they will allow configuration from all networks they're connected to.

This simplifies configuration for distributed mode and removes the need to hardcode network CIDRs:

  • When having a single network for ingress and controlling, you don't have to configure any of those settings anymore. Keep in mind that this approach is less secure, as any proxied container will have access to CDP servers' admin endpoints.
  • When separating ingress and controlling networks, the easiest configuration now is setting CADDY_CONTROLLER_NETWORK with the network name in controllers and setting CADDY_CONTROLLER_URL on servers.

Fixes #286

lucaslorentz, Nov 28 '22 23:11
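The fallback described in the post (no controller network configured, so a server accepts configuration from every network it is attached to) can be compared with the restricted case using a small source-address check. This is an added example, not code from caddy-docker-proxy: the function names `allowedPrefixes` and `adminAllowed` are hypothetical, and the CIDRs and addresses are constructed sample values.

```go
package main

import (
	"fmt"
	"net/netip"
)

// allowedPrefixes (hypothetical helper) returns the networks a server accepts config from.
// An empty controllerCIDR models both settings being omitted: every attached network is allowed.
func allowedPrefixes(controllerCIDR string, attached []string) ([]netip.Prefix, error) {
	cidrs := attached
	if controllerCIDR != "" {
		cidrs = []string{controllerCIDR}
	}
	out := make([]netip.Prefix, 0, len(cidrs))
	for _, c := range cidrs {
		p, err := netip.ParsePrefix(c)
		if err != nil {
			return nil, fmt.Errorf("bad CIDR %q: %w", c, err)
		}
		out = append(out, p.Masked())
	}
	return out, nil
}

// adminAllowed reports whether remote falls inside an allowed network; unparseable input is denied.
func adminAllowed(remote string, allowed []netip.Prefix) bool {
	addr, err := netip.ParseAddr(remote)
	if err != nil {
		return false
	}
	addr = addr.Unmap() // treat ::ffff:a.b.c.d as IPv4
	for _, p := range allowed {
		if p.Contains(addr) {
			return true
		}
	}
	return false
}

func main() {
	attached := []string{"10.200.200.0/24", "10.0.1.0/24"} // constructed: controller net, ingress net
	for _, ctrl := range []string{"", "10.200.200.0/24"} {
		allowed, err := allowedPrefixes(ctrl, attached)
		if err != nil {
			panic(err)
		}
		fmt.Printf("controller=%q ingress-container-allowed=%v\n", ctrl, adminAllowed("10.0.1.23", allowed))
	}
}
```

With no controller network set, the constructed ingress-side address `10.0.1.23` passes the check; with the controller network pinned, only addresses in `10.200.200.0/24` do.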