In case it helps someone else, this is what I do:

    FROM caddy:2-builder AS builder

    RUN xcaddy build \
        --with github.com/caddy-dns/cloudflare \
        --with github.com/greenpau/caddy-security

    FROM caddy:2

    COPY --from=builder /usr/bin/caddy /usr/bin/caddy

    COPY Caddyfile /etc/caddy/Caddyfile

Then just build & run it via docker compose