From 7c402b5c380e9354d6d3468d6438cde9e8cc27a1 Mon Sep 17 00:00:00 2001
From: Simon Kuehn <simon@kuehn.de>
Date: Sun, 17 May 2026 17:58:56 +0000
Subject: [PATCH] feat: configure Caddy for ss3k.schaunwama.de via PHP-FPM Unix
 socket

Replaces TCP app:9000 with a shared Unix socket volume, adds domain
with automatic Let's Encrypt TLS, and exposes ports 80/443 on Caddy.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 docker-compose.yml     | 14 ++++++++++++++
 docker/app/Dockerfile  |  1 +
 docker/app/www.conf    |  3 +++
 docker/caddy/Caddyfile |  4 ++--
 4 files changed, 20 insertions(+), 2 deletions(-)
 create mode 100644 docker/app/www.conf

diff --git a/docker-compose.yml b/docker-compose.yml
index 47155a9..2449038 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,6 +8,7 @@ services:
       HOME: /tmp
     volumes:
       - .:/var/www
+      - php_socket:/var/run/php
     depends_on:
       postgres:
         condition: service_healthy
@@ -17,10 +18,14 @@ services:
 
   caddy:
     image: caddy:2-alpine
+    ports:
+      - "80:80"
+      - "443:443"
     volumes:
       - ./docker/caddy/Caddyfile:/etc/caddy/Caddyfile
       - .:/var/www
       - caddy_data:/data
+      - php_socket:/var/run/php
     depends_on:
       - app
 
@@ -117,3 +122,12 @@ volumes:
   postgres_data:
   redis_data:
   caddy_data:
+  php_socket:
+
+networks:
+  default:
+    driver: bridge
+    ipam:
+      config:
+        - subnet: 172.18.0.0/24
+          gateway: 172.18.0.1
diff --git a/docker/app/Dockerfile b/docker/app/Dockerfile
index 51c87e3..33e384a 100644
--- a/docker/app/Dockerfile
+++ b/docker/app/Dockerfile
@@ -17,3 +17,4 @@ COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 WORKDIR /var/www
 
 COPY docker/app/php.ini /usr/local/etc/php/conf.d/app.ini
+COPY docker/app/www.conf /usr/local/etc/php/php-fpm.d/www.conf
diff --git a/docker/app/www.conf b/docker/app/www.conf
new file mode 100644
index 0000000..2e9ba03
--- /dev/null
+++ b/docker/app/www.conf
@@ -0,0 +1,3 @@
+[www]
+listen = /var/run/php/php-fpm.sock
+listen.mode = 0660
diff --git a/docker/caddy/Caddyfile b/docker/caddy/Caddyfile
index 06d3dd3..c9c821d 100644
--- a/docker/caddy/Caddyfile
+++ b/docker/caddy/Caddyfile
@@ -2,9 +2,9 @@
     admin off
 }
 
-:80 {
+ss3k.schaunwama.de {
     root * /var/www/public
-    php_fastcgi app:9000
+    php_fastcgi unix//var/run/php/php-fpm.sock
     file_server
     encode gzip