jeet/kube_build
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2026-03-22. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
af072a0877a66c42143aed37025926a0d5ca2ac6
kube_build/docker/caddy/Caddyfile
T
madereddy 694a3ca2f4 Add CaddyFile
2023-12-11 14:31:08 -05:00

90 lines
2.2 KiB
Caddyfile
Raw Blame History

{
# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
#servers {
# trusted_proxies cloudflare {
# interval 12h
# timeout 15s
# }
# client_ip_headers Cf-Connecting-Ip
#}
}
outsideuptimedev.madereddy.com {
reverse_proxy uptime:3001
}
oracledev.madereddy.com {
log {
level INFO
output file "/data/oracleaccess.log" {
roll_size 10MB
roll_keep 10
}
}
reverse_proxy syncthing:8384 {
transport http {
tls_insecure_skip_verify
}
}
route /hook* {
rewrite /hook/ /
reverse_proxy webhook:8080
}
}
bitwardenhome.madereddy.com {
log {
level INFO
output file "/data/access.log" {
roll_size 10MB
roll_keep 10
}
}
# Uncomment this if you want to get a cert via ACME (Let's Encrypt or ZeroSSL).
#tls {
# dns cloudflare "KOVqE-q6TxjLRofG1rDVRR3KoI0SLVxLyA8QefHZ"
#}
# Or uncomment this if you're providing your own cert. You would also use this option
# if you're running behind Cloudflare.
# tls {$SSL_CERT_PATH} {$SSL_KEY_PATH}
# This setting may have compatibility issues with some browsers
# (e.g., attachment downloading on Firefox). Try disabling this
# if you encounter issues.
encode gzip
# Uncomment to improve security (WARNING: only use if you understand the implications!)
# header {
# # Enable HTTP Strict Transport Security (HSTS)
# Strict-Transport-Security "max-age=31536000;"
# # Enable cross-site filter (XSS) and tell browser to block detected attacks
# X-XSS-Protection "1; mode=block"
# # Disallow the site to be rendered within a frame (clickjacking protection)
# X-Frame-Options "DENY"
# # Prevent search engines from indexing (optional)
# X-Robots-Tag "none"
# # Server name removing
# -Server
# }
# Uncomment to allow access to the admin interface only from local networks
# @insecureadmin {
# not remote_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8
# path /admin*
# }
# redir @insecureadmin /
# Proxy everything else to Rocket
reverse_proxy bitwarden:8080 {
# Send the true remote IP to Rocket, so that vaultwarden can put this in the
# log, so that fail2ban can ban the correct IP.
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
}
}
foundrydev.madereddy.com {
reverse_proxy foundry-dr:30000
}
Reference in New Issue View Git Blame Copy Permalink