tvh-linux/caddy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
backup
caddy/Caddyfile
Tord-Vincent Heggland 3653c4d072 toConf
2026-04-27 09:37:00 +02:00

104 lines
1.8 KiB
Caddyfile
Raw Permalink Blame History

{
email {$ACME_EMAIL}
}
### FUNKSJONER ###
(remote-ip) {
@internal remote_ip 10.10.10.0/24 172.16.0.0/12 127.0.0.1/8
@external remote_ip 0.0.0.0/0
}
(common-auth) {
basicauth {
tvh {$HASH}
}
}
(rate-limit) {
rate_limit {
zone git_zone {
key {remote_host}
events 30
window 10s
}
}
}
(read-only) {
@readonly {
method POST PUT DELETE PATCH
}
respond @readonly 403
}
(dns-tls) {
tls {
dns domainnameshop {$DOMENESHOP_API_TOKEN} {$DOMENESHOP_API_SECRET}
propagation_delay 90s
}
}
### TJENESTER ###
git.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import rate-limit
reverse_proxy gitea:3000
}
}
lms.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy lms:9000
}
respond "Forbidden" 403
}
pihole.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
redir / /admin
reverse_proxy pihole:80
}
}
nextcloud.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import rate-limit
encode gzip zstd
reverse_proxy nextcloud-app:80
}
}
portainer.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import common-auth
import rate-limit
import read-only
reverse_proxy portainer:9000
}
respond "Forbidden" 403
}
portainer.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy portainer:9000
}
respond "Forbidden" 403
}
kuma.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy kuma:3001
}
respond "Forbidden" 403
}
vault.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy vaultwarden:80
}
respond "Forbidden" 403
}
Reference in New Issue View Git Blame Copy Permalink