Config files for my server. Except not my secrets

refactor caddyfile

vielle.dev ac9ebb52 bb710e17

verified
Changed files
+59 -84
caddy
+59 -84
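--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -20,34 +20,10 @@
 }
 }
 
-{$HOST:localhost} {
-log prs {
-output stdout
-format console
-}
-
-reverse_proxy prs:4321
-}
-
-# redirect www. to not www.
-www.{$HOST:localhost} {
-redir https://{$HOST:localhost}{uri}
-}
-
-http://dongs.zip {
-redir https://dongs.zip{uri}
-}
-
-https://dongs.zip {
-log dong {
-output stdout
-format console
-}
-
-# atproto thing
+(did-web) {
 handle /.well-known/atproto-did {
 header Access-Control-Allow-Origin "*"
-respond "did:web:dongs.zip"
+respond "did:web:{args[0]}"
 }
 
 handle /.well-known/did.json {
@@ -60,40 +36,71 @@
 "https://w3id.org/security/multikey/v1",
 "https://w3id.org/security/suites/secp256k1-2019/v1"
 ],
-"id": "did:web:dongs.zip",
+"id": "did:web:{args[0]}",
 "alsoKnownAs": [
-"at://dongs.zip"
+"at://{args[1]}"
 ],
 "verificationMethod": [
 {
-"id": "did:web:dongs.zip#atproto",
+"id": "did:web:{args[0]}#atproto",
 "type": "Multikey",
-"controller": "did:web:dongs.zip",
-"publicKeyMultibase": "zQ3sha8L4YgButkPAFtN4LB2cNai6bBbm7yFJ2kS5iG6KySxd"
+"controller": "did:web:{args[0]}",
+"publicKeyMultibase": "{args[2]}"
 }
 ],
 "service": [
 {
 "id": "#atproto_pds",
 "type": "AtprotoPersonalDataServer",
-"serviceEndpoint": "https://pds.vielle.dev"
+"serviceEndpoint": "https://{args[3]}"
 }
 ]
 }
 JSON 200
 }
+}
+
+## main site
+www.{$HOST:vielle.dev} {
+redir https://{$HOST:vielle.dev}{uri}
+}
+
+{$HOST:vielle.dev} {
+log prs {
+output stdout
+format console
+}
+
+reverse_proxy prs:4321
+}
+
+## dongs.zip
+{$DONG_HOST:dongs.zip} {
+log dong {
+output stdout
+format console
+}
+
+import did-web "{$DONG_HOST:dongs.zip}" "{$DONG_HOST:dongs.zip}" "zQ3sha8L4YgButkPAFtN4LB2cNai6bBbm7yFJ2kS5iG6KySxd", "pds.vielle.dev"
+import error
 
 encode
 root /srv/dong-web
-import error
 file_server
 }
 
-dong.{$HOST:localhost} {
-redir https://dongs.zip{uri}
+## misc did:web
+alt.{$HOST:vielle.dev} {
+import did-web "alt.{$HOST:vielle.dev}" "alt.{$HOST:vielle.dev}" "zQ3shpgbkbxvf5UjBwQcnjf68rg2DKTRQSttBEGokZbx2BzxY" "pds.vielle.dev"
+}
+
+## send old dong.vielle.dev => dongs.zip
+dong.{$HOST:vielle.dev} {
+redir https://{$DONG_HOST:dongs.zip}{uri}
 }
 
-saltire-the-gays.{$HOST:localhost} {
+## toy projects
+saltire-the-gays.{$HOST:vielle.dev} {
 log saltire {
 output stdout
 format console
@@ -105,7 +112,7 @@
 file_server
 }
 
-dnd.{$HOST:localhost} {
+dnd.{$HOST:vielle.dev} {
 log dnd {
 output stdout
 format console
@@ -117,7 +124,9 @@
 file_server
 }
 
-pds.{$HOST:localhost} {
+## atproto services
+### pds
+pds.{$HOST:vielle.dev} {
 log pds {
 output stdout
 format console
@@ -142,7 +151,7 @@
 }
 }
 
-*.pds.{$HOST:localhost} {
+*.pds.{$HOST:vielle.dev} {
 log pds-did {
 output stdout
 format console
@@ -154,16 +163,20 @@
 
 # required as magicDNS (tailscale) doesn't support
 # subdomains without running own dns server
+# changes example.PDS_DOMAIN/.well-known/atproto-did to PDS_DOMAIN/.well-known/atproto-did/example.PDS_DOMAIN
+# requires support in the pds (see https://tangled.org/vielle.dev/pi-config)
 rewrite /.well-known/atproto-did /.well-known/atproto-did/{http.request.host}
 
-reverse_proxy {$PI_ADDRESS:pi}:8000 {
+reverse_proxy {$PI_ADDRESS:pi}:{$PI_PORT_PDS:8000} {
 transport http {
 dial_timeout 5s
 }
 }
 }
 
-knot.{$HOST:localhost} {
+### tangled knot
+# (see nginx.conf for ssh proxying)
+knot.{$HOST:vielle.dev} {
 log knot {
 output stdout
 format console
@@ -173,54 +186,16 @@
 @landing path /knot /styles.css
 reverse_proxy @landing landing:8000
 
-reverse_proxy {$PI_ADDRESS:pi}:5555
+reverse_proxy {$PI_ADDRESS:pi}:{$PI_PORT_KNOT:5555}
 }
 
-piper.{$HOST:localhost} {
+### piper instance
+# technically publicly visible... its _fine_ (+ i cant do jack shit abt it rn so)
+piper.{$HOST:vielle.dev} {
 log piper {
 output stdout
 format console
 }
 
-reverse_proxy {$PI_ADDRESS:pi}:8010
-}
-
-alt.vielle.dev {
-handle /.well-known/atproto-did {
-header Access-Control-Allow-Origin "*"
-respond "did:web:alt.vielle.dev"
-}
-
-handle /.well-known/did.json {
-header Content-Type "application/json"
-header Access-Control-Allow-Origin "*"
-respond <<JSON
-{
-"@context": [
-"https://www.w3.org/ns/did/v1",
-"https://w3id.org/security/multikey/v1",
-"https://w3id.org/security/suites/secp256k1-2019/v1"
-],
-"id": "did:web:alt.vielle.dev",
-"alsoKnownAs": [
-"at://alt.vielle.dev"
-],
-"verificationMethod": [
-{
-"id": "did:web:alt.vielle.dev#atproto",
-"type": "Multikey",
-"controller": "did:web:alt.vielle.dev",
-"publicKeyMultibase": "zQ3shpgbkbxvf5UjBwQcnjf68rg2DKTRQSttBEGokZbx2BzxY"
-}
-],
-"service": [
-{
-"id": "#atproto_pds",
-"type": "AtprotoPersonalDataServer",
-"serviceEndpoint": "https://pds.vielle.dev"
-}
-]
-}
-JSON 200
-}
+reverse_proxy {$PI_ADDRESS:pi}:{$PO_PORT_PIPER:8010}
 }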
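Review bot: The `import did-web` line in the `{$DONG_HOST:dongs.zip}` site block has a comma after its third argument, which the otherwise identical import in the `alt.` block does not. Caddyfile arguments are separated by whitespace, so the comma is likely lexed as an argument of its own and shifts `{args[3]}`, in which case the served `did.json` for dongs.zip would carry a wrong `serviceEndpoint`; drop it: `import did-web "{$DONG_HOST:dongs.zip}" "{$DONG_HOST:dongs.zip}" "zQ3sha8L4YgButkPAFtN4LB2cNai6bBbm7yFJ2kS5iG6KySxd" "pds.vielle.dev"`. In the piper block, `{$PO_PORT_PIPER:8010}` looks like a typo for `PI_PORT_PIPER` given the sibling `PI_PORT_PDS` and `PI_PORT_KNOT`; as written, setting `PI_PORT_PIPER` would be silently ignored and 8010 used. Snippet arguments are positional and unchecked, so fetching `/.well-known/did.json` from both hosts after deploy and comparing `id`, `publicKeyMultibase` and `serviceEndpoint` with the values this commit removes would catch this kind of slip.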