From 7ade56724a4fed6016835c59f18648af1b546206 Mon Sep 17 00:00:00 2001
From: Tord-Vincent Heggland <tordvh@hotmail.no>
Date: Fri, 3 Apr 2026 18:19:28 +0200
Subject: [PATCH] first

---
 .gitignore          | 55 +++++++++++++++++++++++++++++++++++++++++++++
 Caddyfile           | 15 +++++++++++++
 Dockerfile          | 10 +++++++++
 docker-compose.yaml | 26 +++++++++++++++++++++
 4 files changed, 106 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 Caddyfile
 create mode 100644 Dockerfile
 create mode 100644 docker-compose.yaml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..ca5a82d
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,55 @@
+./data
+./git
+
+# -------------------------
+# SSH private keys
+# -------------------------
+id_*
+*.pem
+*.key
+*.private
+
+# -------------------------
+# SSH runtime files
+# -------------------------
+authorized_keys
+known_hosts
+known_hosts.old
+
+# -------------------------
+# Agent / sockets
+# -------------------------
+ssh-agent*
+*.sock
+
+# -------------------------
+# Backup / temp
+# -------------------------
+*.bak
+*.tmp
+*.swp
+*~
+
+# -------------------------
+# Logs
+# -------------------------
+*.log
+
+# -------------------------
+# OS files
+# -------------------------
+.DS_Store
+Thumbs.db
+
+# -------------------------
+# Editors
+# -------------------------
+.vscode/
+.idea/
+
+# -------------------------
+# Git safety
+# -------------------------
+.env
+*.env
+*.secret
diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..1896cc4
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,15 @@
+{
+	email {$ACME_EMAIL}
+}
+
+git.tvheggland.no {
+	rate_limit {
+		zone git_zone {
+			key {remote_host}
+			events 30
+			window 10s
+		}
+	}
+
+	reverse_proxy gitea:3000
+}
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..468e0e8
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,10 @@
+FROM caddy:2-builder AS builder
+
+RUN --mount=type=cache,target=/go/pkg/mod \
+    --mount=type=cache,target=/root/.cache/go-build \
+    xcaddy build \
+    --with github.com/mholt/caddy-ratelimit
+
+FROM caddy:2
+
+COPY --from=builder /usr/bin/caddy /usr/bin/caddy
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..4bff411
--- /dev/null
+++ b/docker-compose.yaml
@@ -0,0 +1,26 @@
+services:
+  caddy:
+    build: .
+    container_name: caddy
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+    env_file:
+      - .env
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy_data:/data
+      - caddy_config:/config
+    networks:
+      - caddy_net
+
+networks:
+  caddy_net:
+    external: true
+
+volumes:
+  caddy_data:
+    name: docker_caddy_data
+  caddy_config:
+    name: docker_caddy_config