jbc.lol / wafrn
unoffical wafrn mirror wafrn.net
atproto social-network activitypub
fork atom
wafrn / packages / frontend / Caddyfile.example
at angular21 127 lines 3.4 kB view raw
Gabriel Amador García test
125ffdf6
1{ 2 email ${{ACME_EMAIL}} 3 4 log { 5 6 } 7 8 metrics { 9 per_host 10 } 11 12 admin 0.0.0.0:2019 13 14 on_demand_tls { 15 ask http://${{PDS_HOST:-pds:3000}}/tls-check 16 } 17 18 import /etc/caddy/config/global/* ${{DOMAIN_NAME}} 19} 20 21${{MEDIA_DOMAIN}} { 22 import /etc/caddy/config/media_domain_pre/* ${{DOMAIN_NAME}} ${{MEDIA_DOMAIN}} 23 24 handle { 25 root * /var/www/html/uploads/ 26 try_files {path} /index.html 27 file_server 28 } 29 30 import /etc/caddy/config/media_domain_post/* ${{DOMAIN_NAME}} ${{MEDIA_DOMAIN}} 31} 32 33${{CACHE_DOMAIN}} { 34 import /etc/caddy/config/cache_domain_pre/* ${{DOMAIN_NAME}} ${{CACHE_DOMAIN}} 35 36 handle /api/cache* { 37 reverse_proxy ${{CACHE_HOST:-backend:9000}} 38 } 39 40 handle /api/v2/cache/* { 41 reverse_proxy ${{CACHE_HOST:-backend:9000}} 42 } 43 44 import /etc/caddy/config/cache_domain_post/* ${{DOMAIN_NAME}} ${{CACHE_DOMAIN}} 45} 46 47${{DOMAIN_NAME}} { 48 encode zstd gzip 49 50 import /etc/caddy/config/main_domain_pre/* ${{DOMAIN_NAME}} 51 52 header * { 53 Service-Worker-Allowed: "/", 54 # Cache-Control: no-cache, no-store, must-revalidate 55 Content-Security-Policy "default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://${{CACHE_DOMAIN}} https://${{MEDIA_DOMAIN}} ; script-src 'self' 'unsafe-inline' 'unsafe-eval'; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval'; script-src-attr 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' data: 'unsafe-inline'; style-src-elem 'self' data: 'unsafe-inline'; style-src-attr 'self' data: 'unsafe-inline'; object-src 'self'; frame-src 'self'; worker-src 'self'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; manifest-src 'self'" 56 } 57 58 59 handle_path /api/websocket/notifications { 60 reverse_proxy ${{WEBSOCKET_HOST:-backend:9000}} 61 } 62 63 @api path /api* /fediverse* /contexts* /post* /blog* /.well-known* 64 65 handle @api { 66 reverse_proxy ${{BACKEND_HOST:-backend:9000}} 67 } 68 69 handle_path /adminer* { 70 reverse_proxy ${{ADMINER_HOST:-adminer:8080}} 71 } 72 73 import /etc/caddy/config/main_domain_mid/* ${{DOMAIN_NAME}} 74 75 handle { 76 root * /var/www/html/frontend/ 77 try_files {path} /index.html 78 file_server 79 } 80 81 import /etc/caddy/config/main_domain_post/* ${{DOMAIN_NAME}} 82} 83 84monitoring.${{DOMAIN_NAME}} { 85 import /etc/caddy/config/monitoring_domain_pre/* ${{DOMAIN_NAME}} 86 87 reverse_proxy ${{GRAFANA_HOST:-grafana:2345}} 88 89 import /etc/caddy/config/monitoring_domain_post/* ${{DOMAIN_NAME}} 90} 91 92${{PDS_DOMAIN_NAME}} { 93 import /etc/caddy/config/pds_domain_pre/* ${{DOMAIN_NAME}} ${{PDS_DOMAIN_NAME}} 94 95 tls { 96 on_demand 97 } 98 99 handle / { 100 root * /pds-homepage 101 try_files {path} /pds.txt 102 file_server 103 } 104 105 reverse_proxy ${{PDS_HOST:-pds:3000}} 106 107 import /etc/caddy/config/pds_domain_post/* ${{DOMAIN_NAME}} ${{PDS_DOMAIN_NAME}} 108} 109 110 *.${{PDS_DOMAIN_NAME}} { 111 import /etc/caddy/config/pds_domain_pre/* ${{DOMAIN_NAME}} ${{PDS_DOMAIN_NAME}} 112 113 tls { 114 on_demand 115 } 116 117 handle / { 118 rewrite * /api/fromBluesky/{host} 119 reverse_proxy ${{BACKEND_HOST:-backend:9000}} 120 } 121 122 reverse_proxy ${{PDS_HOST:-pds:3000}} 123 124 import /etc/caddy/config/pds_domain_post/* ${{DOMAIN_NAME}} ${{PDS_DOMAIN_NAME}} 125} 126 127import /etc/caddy/config/vhosts/* ${{DOMAIN_NAME}}