diff --git a/caddy/Caddyfile b/caddy/Caddyfile index a31a9b3..9c53cf1 100644 --- a/caddy/Caddyfile +++ b/caddy/Caddyfile @@ -2,6 +2,7 @@ email {$ACME_EMAIL} } ### FUNKSJONER ### +import snippets/* (remote-ip) { @internal remote_ip 10.10.10.0/24 172.16.0.0/12 127.0.0.1/8 @external remote_ip 0.0.0.0/0 @@ -11,15 +12,15 @@ tvh {$HASH} } } -(rate-limit) { - rate_limit { - zone git_zone { - key {remote_host} - events 30 - window 10s - } - } -} +#(rate-limit) { +# rate_limit { +# zone git_zone { +# key {remote_host} +# events 30 +# window 10s +# } +# } +#} (read-only) { @readonly { method POST PUT DELETE PATCH @@ -83,14 +84,14 @@ portainer.home.{$DOMENESHOP_DNS} { } respond "Forbidden" 403 } -kuma.home.{$DOMENESHOP_DNS} { - import dns-tls - import remote-ip - handle @internal { - reverse_proxy kuma:3001 - } - respond "Forbidden" 403 -} +#kuma.home.{$DOMENESHOP_DNS} { +# import dns-tls +# import remote-ip +# handle @internal { +# reverse_proxy kuma:3001 +# } +# respond "Forbidden" 403 +#} vault.home.{$DOMENESHOP_DNS} { import dns-tls import remote-ip @@ -101,3 +102,4 @@ vault.home.{$DOMENESHOP_DNS} { } +import sites/* diff --git a/caddy/sites/kuma.caddy b/caddy/sites/kuma.caddy new file mode 100644 index 0000000..e2afd88 --- /dev/null +++ b/caddy/sites/kuma.caddy @@ -0,0 +1,8 @@ +kuma.home.{$DOMENESHOP_DNS} { + import dns-tls + import remote-ip + handle @internal { + reverse_proxy kuma:3001 + } + respond "Forbidden" 403 +} diff --git a/caddy/snippets/rate-limit.caddy b/caddy/snippets/rate-limit.caddy new file mode 100644 index 0000000..6c06ecd --- /dev/null +++ b/caddy/snippets/rate-limit.caddy @@ -0,0 +1,9 @@ +(rate-limit) { + rate_limit { + zone git_zone { + key {remote_host} + events 30 + window 10s + } + } +}