github homeall/caddy-reverse-proxy-cloudflare 2025.10.21
on GitHub

3 days ago

🚀 Docker Images for This Release

This release provides multi-architecture Docker images (amd64, arm64, and arm) published to both Docker Hub and GitHub Container Registry (GHCR).

🔹 Docker Hub

Note: Docker Hub is the world's most popular public container registry, but it enforces anonymous pull limits. If you are automating deployments or have many servers, consider using GHCR below to avoid interruptions.

Repository: homeall/caddy-reverse-proxy-cloudflare
Tags available: latest, 2025.10.21
Image Digest: sha256:bc82e541c17f365a466b7fa911f49170c8631a018c831aa0bc5e21205e12bc68

Pull commands: 

docker pull homeall/caddy-reverse-proxy-cloudflare:latest
docker pull homeall/caddy-reverse-proxy-cloudflare:2025.10.21

🔹 GitHub Container Registry (GHCR)

GHCR offers higher pull rate limits, strong integration with GitHub, and is recommended for most CI/CD or cloud-native environments.

Repository: ghcr.io/homeall/caddy-reverse-proxy-cloudflare
Tags available: latest, 2025.10.21

Pull commands: 

docker pull ghcr.io/homeall/caddy-reverse-proxy-cloudflare:latest
docker pull ghcr.io/homeall/caddy-reverse-proxy-cloudflare:2025.10.21

Pull by digest: 

docker pull ghcr.io/homeall/caddy-reverse-proxy-cloudflare@sha256:bc82e541c17f365a466b7fa911f49170c8631a018c831aa0bc5e21205e12bc68

🔒 Supply Chain Security

These images are signed and include:

  • SLSA Provenance: Downloadable and verifiable from the GitHub UI.
  • Cosign signatures: For tamper-evidence and trust.

How to verify:

1. Verify the image signature (recommended for everyone)

cosign verify \
  --certificate-identity "https://github.com/homeall/caddy-reverse-proxy-cloudflare/.github/workflows/main.yml@refs/heads/main" \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  ghcr.io/homeall/caddy-reverse-proxy-cloudflare:@sha256:bc82e541c17f365a466b7fa911f49170c8631a018c831aa0bc5e21205e12bc68

2. Download provenance/SBOM from the workflow run artifacts below.

Then verify with:

gh attestation verify --owner homeall <provenance-or-sbom-file.json>

Links:

Download the 'spdx.json' or provenance artifact from the run above to verify.

Note: 'cosign verify-attestation' is not supported for this release, as attestations are not yet published to the registry. Use the provenance file and 'gh attestation verify' instead.

See Sigstore Cosign Docs and GitHub Attestation Docs for full instructions.

Need help or want to report an issue?

Open an issue on GitHub.

Check out latest releases or
releases around homeall/caddy-reverse-proxy-cloudflare 2025.10.21

Don't miss a new caddy-reverse-proxy-cloudflare release

NewReleases is sending notifications on new releases.

Get notifications