Switch to Caddy
This commit is contained in:
52
proxy/Caddyfile
Normal file
52
proxy/Caddyfile
Normal file
@@ -0,0 +1,52 @@
|
||||
# Global options
|
||||
{
|
||||
# Disable auto HTTPS since we're using existing certificates
|
||||
auto_https off
|
||||
}
|
||||
|
||||
# HTTP to HTTPS redirect
|
||||
:80 {
|
||||
redir https://{host}{uri} permanent
|
||||
}
|
||||
|
||||
# Main domain - oily.dad and www.oily.dad
|
||||
oily.dad, www.oily.dad {
|
||||
# Root directory (not strictly needed for reverse proxy)
|
||||
root * /var/www/html
|
||||
|
||||
# Use existing SSL certificates
|
||||
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
|
||||
|
||||
# Onion-Location header
|
||||
header Onion-Location http://oilydada7ckiseinkbeathsefwgkvjrce743xy7x7iiybkuxh4vheead.onion{path}
|
||||
|
||||
# Reverse proxy to backend
|
||||
reverse_proxy http://backend:8000 {
|
||||
# Preserve original host header
|
||||
header_up Host {host}
|
||||
header_up X-Real-IP {remote}
|
||||
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
|
||||
}
|
||||
}
|
||||
|
||||
# Subdomain for Gitea - gut.oily.dad
|
||||
gut.oily.dad {
|
||||
# Root directory (not strictly needed for reverse proxy)
|
||||
root * /var/www/html
|
||||
|
||||
# Use existing SSL certificates
|
||||
tls /etc/letsencrypt/live/oily.dad/fullchain.pem /etc/letsencrypt/live/oily.dad/privkey.pem
|
||||
|
||||
# Reverse proxy to Gitea
|
||||
reverse_proxy http://gitea:3000 {
|
||||
# WebSocket support for Gitea
|
||||
header_up Connection {>Connection}
|
||||
header_up Upgrade {>Upgrade}
|
||||
|
||||
# Preserve original headers
|
||||
header_up Host {host}
|
||||
header_up X-Real-IP {remote}
|
||||
# X-Forwarded-For and X-Forwarded-Proto are set automatically by Caddy
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user