27 Apr 2019, 02:01

Deploying a website with Caddy, Git and Kubernetes


Caddy is the swiss army of the web server, and with the recent commercial license changes, it’s time to give it some love back.

I have several static websites, some generated with Hugo, some are plain HTML.
I wanted a small container, to run it inside a Kubernetes cluster, capable of pulling some git repos and serve them.


Caddy is already capable of that with the help of caddy-git unfortunately it is only working with ssh keys.
I wanted it to use Github access token, also the current implementation is relying on the git command and sh, I wanted mine to be able to run on Distroless.


I’ve used go-git a pure Go implementation of git, to first make a clone of the git command: minigit.
minigit can be useful in devops environnements and scriptings to facilitate git pulls.
Faking the git command with minigit into your image and tweak caddy-git to pass an extra parameter --ghtoken

root /public
git https://github.com/myuser/repo {
   path /public
   clone_args --ghtoken XXXXXXXXXXXXX
   pull_args --ghtoken XXXXXXXXXXXXX
   interval 3600

It’s nice but I wanted something cleaner and get rid of the sh dependency, I had to fork caddy-git.


So here is caddy-puregit, a fork without execs but native pure Go git calls.
Give it your token and it will clone then pull on regular intervals.

root /public
puregit https://github.com/myuser/repo {
   path /public
   auth_token XXXXXXXXXXXXX 
   interval 3600

I’ve also created a Caddy + Hugo image, so you can trigger a Hugo build on every commits.

root /public
puregit https://github.com/myuser/hugo-blog {
   path /data
   then hugo --destination=/public --source=/data
   auth_token XXXXXXXXXXXXX 
   interval 3600

Here is caddy-puregit and associated Docker image & Dockerfile


Since Caddy supports environment variables it’s easy to deploy in k8s:

root /public
puregit {$REPO} {
    auth_token {$TOKEN}

Put your token into a secret and expose it as an environment variable.

Here is a template which will deploy caddy and pull your repo then serving it according to the config.


For development purpose, to work on a new Caddy plugin you can use the RegisterDevDirective, or you have to fork Caddy.

I don’t plan on maintaining this fork but I’ll reach out to the author since a pure Go git concept is working maybe he will be interested.