oppi.li / git-pages
forked from whitequark.org/git-pages
fork of whitequark.org/git-pages with mods for tangled
fork atom

Clean up Caddyfile, removing Fly.io-isms.

The grebedoc.dev infrastructure is no longer directly tied to
the container built from this repository, so we don't have to
pollute the configuration with Fly.io-isms.

whitequark.org 5b8cb4ba d887ae16

options
unified split
Changed files
+6 -72
Dockerfile
conf
Caddyfile
+1 -1
Dockerfile
··· 38 38 COPY conf/config.example.toml /app/config.toml 39 39 40 40 # Caddy ports: 41 - EXPOSE 80/tcp 443/tcp 443/udp 2019/tcp 41 + EXPOSE 80/tcp 443/tcp 443/udp 42 42 # git-pages ports: 43 43 EXPOSE 3000/tcp 3001/tcp 3002/tcp 44 44
+5 -71
conf/Caddyfile
··· 1 - (proxy) { 2 - listener_wrappers { 3 - proxy_protocol { 4 - timeout 1s 5 - allow {$ALLOW_PROXY} 6 - } 7 - tls 8 - } 9 - } 10 - 11 1 { 12 2 storage s3 { 13 3 host "{env.PAGES_STORAGE_S3_ENDPOINT}" ··· 21 11 22 12 persist_config off 23 13 24 - log { 25 - output stderr 26 - level WARN 27 - exclude admin http.auto_https 28 - format console { 29 - time_key "" 30 - } 31 - } 32 - 33 - metrics 34 - 35 14 email {env.ACME_EMAIL} 36 15 37 16 auto_https disable_redirects ··· 39 18 on_demand_tls { 40 19 permission http http://localhost:3001 41 20 } 42 - 43 - servers :80 { 44 - name http 45 - protocols h1 h2c 46 - import proxy 47 - } 48 - 49 - servers :443 { 50 - name https 51 - protocols h1 h2 52 - import proxy 53 - } 54 - 55 - servers {$UDP_BIND_TO:0.0.0.0}:443 { 56 - name http3 57 - protocols h3 58 - } 59 - 60 - servers :2019 { 61 - name metrics 62 - protocols h1 63 - } 64 21 } 65 22 66 - (backend) { 23 + https://, http:// { 67 24 tls { 68 25 on_demand 69 26 } 70 27 71 - @h2c `{env.PAGES_FEATURES}.matches(r"\bserve-h2c\b")` 72 - reverse_proxy @h2c h2c://{$GIT_PAGES_ADDRESS:localhost}:3000 73 - reverse_proxy http://{$GIT_PAGES_ADDRESS:localhost}:3000 28 + # initial PUT/POST for a new domain has to happen over HTTP 29 + @upgrade `method('GET') && protocol('http')` 30 + redir @upgrade https://{host}{uri} 301 74 31 32 + reverse_proxy http://localhost:3000 75 33 header Alt-Svc `h3=":443"; persist=1, h2=":443"; persist=1` 76 34 encode 77 35 } 78 - 79 - http:// { 80 - # initial PUT/POST for a new domain has to happen over HTTP; 81 - # health check also has to reach the backend over HTTP 82 - @upgrade `method('GET') && !header({'Health-Check': '*'})` 83 - redir @upgrade https://{host}{uri} 301 84 - 85 - import backend 86 - } 87 - 88 - https:// { 89 - import backend 90 - } 91 - 92 - https:// { 93 - # Fly.io requires UDP sockets to be bound to a different IP 94 - bind {$UDP_BIND_TO:0.0.0.0} 95 - 96 - import backend 97 - } 98 - 99 - http://:2019 { 100 - metrics 101 - }