diff --git a/docker/caddy/Caddyfile b/docker/caddy/Caddyfile deleted file mode 100644 index be4259f8b3..0000000000 --- a/docker/caddy/Caddyfile +++ /dev/null @@ -1,24 +0,0 @@ -{ - # debug - local_certs - log { - format console - } - pki { - ca local { - name "Immich Local CA - TESTING ONLY" - intermediate_lifetime 3599d - } - } - grace_period 0 - shutdown_delay 0 - skip_install_trust - auto_https disable_redirects -} - -{$IMMICH_HOST}:3443 { - tls internal { - on_demand - } - reverse_proxy {$IMMICH_INTERNAL_URL} -} \ No newline at end of file diff --git a/docker/caddy/certs/README.md b/docker/caddy/certs/README.md deleted file mode 100644 index eee67c028f..0000000000 --- a/docker/caddy/certs/README.md +++ /dev/null @@ -1,15 +0,0 @@ -## What is in this folder? - -These are Caddy certificates necessary for local development using the service-worker, clipboard access, etc. - -This folder contains certs root and intermediate CAs. Caddy uses this to sign its server certs. - -These certificates have a 10yr expiration date. They should NOT be used in production. - -## How to use? -1. You should import these into your system keychain or truststore. (OS-specific) -2. Ensure 'immich-dev' resolves to the docker host. - * i.e. add entry in /etc/hosts that points to the host running the immich docker container. - -## Permissions -Caddy runs as root user. These files must be owned by root with 600 permissions. You make need to temporarily make these 644 so you can copy/import them into your trust store. \ No newline at end of file diff --git a/docker/caddy/certs/intermediate.crt b/docker/caddy/certs/intermediate.crt deleted file mode 100644 index 215814a39b..0000000000 --- a/docker/caddy/certs/intermediate.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIB2TCCAX+gAwIBAgIQaofX+uLl1ohUu1tDEoKbdjAKBggqhkjOPQQDAjA5MTcw -NQYDVQQDEy5JbW1pY2ggTG9jYWwgQ0EgLSBURVNUSU5HIE9OTFkgLSAyMDI1IEVD -QyBSb290MB4XDTI1MDMxNTE1MTMxOVoXDTM1MDEyMTE1MTMxOVowPDE6MDgGA1UE -AxMxSW1taWNoIExvY2FsIENBIC0gVEVTVElORyBPTkxZIC0gRUNDIEludGVybWVk -aWF0ZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABDIDN4PR36WU+XZYaUxzdRpd -R5PUJ34oeqnthRIvxz5k1v324pYvk/unKkr4/73+YiQgbGJYoXuS1RosMh6+J4aj -ZjBkMA4GA1UdDwEB/wQEAwIBBjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQW -BBSgTH3mPyuKmXKSfUn/XC9Ag69trTAfBgNVHSMEGDAWgBRjdUoajCqc0KfFvLbw -sdJQqL6iCjAKBggqhkjOPQQDAgNIADBFAiEA2zQBXgof4D7pk9RF/J5MKCMi+mGq -s8I8MQM0X0PWv6wCIG8R0KOvwiYPxsX+TDUtG4F2rYdSb6OHbcoYg0UEwMVZ ------END CERTIFICATE----- diff --git a/docker/caddy/certs/intermediate.key b/docker/caddy/certs/intermediate.key deleted file mode 100644 index 350e9b4ac9..0000000000 --- a/docker/caddy/certs/intermediate.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIPO0Ao4ha+T3Op2UljmdroXbvsDrKYMqGvu9762W+mZqoAoGCCqGSM49 -AwEHoUQDQgAEMgM3g9HfpZT5dlhpTHN1Gl1Hk9Qnfih6qe2FEi/HPmTW/fbili+T -+6cqSvj/vf5iJCBsYlihe5LVGiwyHr4nhg== ------END EC PRIVATE KEY----- diff --git a/docker/caddy/certs/root.crt b/docker/caddy/certs/root.crt deleted file mode 100644 index 4acf46212a..0000000000 --- a/docker/caddy/certs/root.crt +++ /dev/null @@ -1,12 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIBtzCCAVygAwIBAgIRAMd1v26Z7/BEBZVgNeUSPD8wCgYIKoZIzj0EAwIwOTE3 -MDUGA1UEAxMuSW1taWNoIExvY2FsIENBIC0gVEVTVElORyBPTkxZIC0gMjAyNSBF -Q0MgUm9vdDAeFw0yNTAzMTUxNTEzMTlaFw0zNTAxMjIxNTEzMTlaMDkxNzA1BgNV -BAMTLkltbWljaCBMb2NhbCBDQSAtIFRFU1RJTkcgT05MWSAtIDIwMjUgRUNDIFJv -b3QwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATcZGmAJUrSce1rOvNPcSAM9hDS -/9NopYW9833n52kqrC+ArUZsMHC2BxN5Ndlu+ac288oSrUKLOxzes0Lr+Jeto0Uw -QzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBATAdBgNVHQ4EFgQU -Y3VKGowqnNCnxby28LHSUKi+ogowCgYIKoZIzj0EAwIDSQAwRgIhAOQMD95mhs6G -qxzoMXbYgjw5S5cF4HP4yYBYcvrmuypVAiEAlG//Ayx9kicVHVeOchm4RyRCm1hU -zEBhaqC33ivd4D8= ------END CERTIFICATE----- diff --git a/docker/caddy/certs/root.key b/docker/caddy/certs/root.key deleted file mode 100644 index c5cc9bc59e..0000000000 --- a/docker/caddy/certs/root.key +++ /dev/null @@ -1,5 +0,0 @@ ------BEGIN EC PRIVATE KEY----- -MHcCAQEEIDrpG22VrpagAKo7dPL16RihojPr7MgYcKwZA5jSMrXioAoGCCqGSM49 -AwEHoUQDQgAE3GRpgCVK0nHtazrzT3EgDPYQ0v/TaKWFvfN95+dpKqwvgK1GbDBw -tgcTeTXZbvmnNvPKEq1Cizsc3rNC6/iXrQ== ------END EC PRIVATE KEY----- diff --git a/docker/docker-compose.dev.yml b/docker/docker-compose.dev.yml index 89ed673d14..f2f814fbd0 100644 --- a/docker/docker-compose.dev.yml +++ b/docker/docker-compose.dev.yml @@ -14,21 +14,6 @@ name: immich-dev services: - immich-caddy: - container_name: immich_caddy - image: caddy:2.9.1-alpine - restart: unless-stopped - ports: - - "2019:2019" - - "3443:3443" - - "3443:3443/udp" - environment: - IMMICH_HOST: immich-dev - IMMICH_INTERNAL_URL: http://immich-web:3000 - volumes: - - ./caddy:/etc/caddy - - ./caddy/certs:/data/caddy/pki/authorities/local - command: ["/bin/sh", "-c", "chown 0:0 /data/caddy/pki/authorities/local/*; chmod 600 /data/caddy/pki/authorities/local/*; caddy run --config /etc/caddy/Caddyfile --adapter caddyfile"] immich-server: container_name: immich_server command: ['/usr/src/app/bin/immich-dev'] diff --git a/docker/docker-compose.prod.yml b/docker/docker-compose.prod.yml index 554f539b3a..559dd55e72 100644 --- a/docker/docker-compose.prod.yml +++ b/docker/docker-compose.prod.yml @@ -10,20 +10,6 @@ name: immich-prod services: - immich-caddy: - container_name: immich_caddy - image: caddy:2.9.1-alpine - restart: unless-stopped - ports: - - "3443:3443" - - "3443:3443/udp" - environment: - IMMICH_HOST: immich-dev - IMMICH_INTERNAL_URL: http://immich-server:2283 - volumes: - - ./caddy:/etc/caddy - - ./caddy/certs:/data/caddy/pki/authorities/local - command: ["/bin/sh", "-c", "chown 0:0 /data/caddy/pki/authorities/local/*; chmod 600 /data/caddy/pki/authorities/local/*; caddy run --config /etc/caddy/Caddyfile --adapter caddyfile"] immich-server: container_name: immich_server image: immich-server:latest