Make Caddy container ports configurable via environment variables

[Copilot]

The Caddy container was hardcoded to expose ports 80/443, causing conflicts when those ports are already in use by other services.

Changes

• Added environment variables SPO_CADDY_PORT_HTTP (default: 80) and SPO_CADDY_PORT_HTTPS (default: 443)
• Updated Caddy's internal listen configuration to use configured ports
• Updated Docker port bindings to expose container on configured host ports

Implementation

Modified CaddyConfig.kt:

// Read configuration
private val caddyPortHttp: Int = config.readConfigValue(80, "SPO_CADDY_PORT_HTTP") { it.toInt() }
private val caddyPortHttps: Int = config.readConfigValue(443, "SPO_CADDY_PORT_HTTPS") { it.toInt() }

// Configure Caddy listen ports
val listen = if (enableTls) listOf(":$caddyPortHttps") else listOf(":$caddyPortHttp")

// Configure Docker port bindings
val ports = if (enableTls) listOf("$caddyPortHttp", "$caddyPortHttps") else listOf("$caddyPortHttp")

Defaults maintain backward compatibility. When TLS is enabled, both ports are exposed; otherwise only HTTP port is used.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• nexus.openanalytics.eu
  • Triggering command: /usr/lib/jvm/temurin-17-jdk-amd64/bin/java /usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/shinyproxy-operator/shinyproxy-operator org.codehaus.plexus.classworlds.launcher.Launcher clean compile -DskipTests (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Make the port for caddy user configurable</issue_title>
<issue_description>This project automatically spins up a caddy container exposed on port 80 (or 443 for tls). This is problematic when already running other services on those ports. Make these changeable by setting the following environment variables.

• SPO_CADDY_PORT_HTTP
• SPO_CADDY_PORT_HTTPS

The operator should take those variables and use them to set the port that caddy is exposed at. Adjust code as necessary to make the port be according to those environment variables. Be sure to also change any config files in the Caddy container as needed. If no environment variables are provided, the defaults should be 80/443.</issue_description>

Comments on the Issue (you are @copilot in this section)

• Fixes Make the port for caddy user configurable #1

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[jaredlander]

Will this automatically handle the Caddyfile.json?