tvh-linux/caddy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3d14d51922e8d7bab9289726398b4b6643c43149
caddy/caddy/Caddyfile
Tord-Vincent Heggland 3d14d51922 exampleenv
2026-05-06 10:50:04 +02:00

96 lines
1.7 KiB
Caddyfile
Raw Blame History

{
email {$ACME_EMAIL}
}
### FUNKSJONER ###
import snippets/*.caddy
(remote-ip) {
@internal remote_ip 10.10.10.0/24 172.16.0.0/12 127.0.0.1/8
@external remote_ip 0.0.0.0/0
}
(common-auth) {
basicauth {
tvh {$HASH}
}
}
(read-only) {
@readonly {
method POST PUT DELETE PATCH
}
respond @readonly 403
}
(dns-tls) {
tls {
dns domainnameshop {$DOMENESHOP_API_TOKEN} {$DOMENESHOP_API_SECRET}
propagation_delay 90s
}
}
### TJENESTER ###
git.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import rate-limit
reverse_proxy gitea:3000
}
}
lms.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy lms:9000
}
respond "Forbidden" 403
}
pihole.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
redir / /admin
reverse_proxy pihole:80
}
}
nextcloud.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import rate-limit
encode gzip zstd
reverse_proxy nextcloud-app:80
}
}
portainer.{$DOMENESHOP_DNS} {
import remote-ip
handle @external {
import common-auth
import rate-limit
import read-only
reverse_proxy portainer:9000
}
respond "Forbidden" 403
}
portainer.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy portainer:9000
}
respond "Forbidden" 403
}
vault.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy vaultwarden:80
}
respond "Forbidden" 403
}
mail.home.{$DOMENESHOP_DNS} {
import dns-tls
import remote-ip
handle @internal {
reverse_proxy mail-front:80
}
respond "Forbidden" 403
}
import sites/*.caddy
Reference in New Issue View Git Blame Copy Permalink