- commit
- 2980e3e
- parent
- 2dc8060
- author
- Antonio Mika
- date
- 2022-08-04 05:28:48 +0000 UTC
Format Caddyfile
1 files changed,
+45,
-45
+45,
-45
1@@ -1,63 +1,63 @@
2 {
3- on_demand_tls {
4- ask http://web:3000/check
5- interval 1m
6- burst 10
7- }
8+ on_demand_tls {
9+ ask http://web:3000/check
10+ interval 1m
11+ burst 10
12+ }
13 }
14
15 *.{$APP_DOMAIN}, {$APP_DOMAIN} {
16- reverse_proxy web:3000
17- tls {$APP_EMAIL} {
18- dns cloudflare {$CF_API_TOKEN}
19- }
20- encode zstd gzip
21+ reverse_proxy web:3000
22+ tls {$APP_EMAIL} {
23+ dns cloudflare {$CF_API_TOKEN}
24+ }
25+ encode zstd gzip
26
27- header {
28- # disable FLoC tracking
29- Permissions-Policy interest-cohort=()
30+ header {
31+ # disable FLoC tracking
32+ Permissions-Policy interest-cohort=()
33
34- # enable HSTS
35- Strict-Transport-Security max-age=31536000;
36+ # enable HSTS
37+ Strict-Transport-Security max-age=31536000;
38
39- # disable clients from sniffing the media type
40- X-Content-Type-Options nosniff
41+ # disable clients from sniffing the media type
42+ X-Content-Type-Options nosniff
43
44- # clickjacking protection
45- X-Frame-Options DENY
46+ # clickjacking protection
47+ X-Frame-Options DENY
48
49- # keep referrer data off of HTTP connections
50- Referrer-Policy no-referrer-when-downgrade
51+ # keep referrer data off of HTTP connections
52+ Referrer-Policy no-referrer-when-downgrade
53
54- Content-Security-Policy "default-src 'self'; img-src * 'unsafe-inline'; style-src * 'unsafe-inline'"
55+ Content-Security-Policy "default-src 'self'; img-src * 'unsafe-inline'; style-src * 'unsafe-inline'"
56
57- X-XSS-Protection "1; mode=block"
58- }
59+ X-XSS-Protection "1; mode=block"
60+ }
61
62- @caddymetrics {
63- host {$APP_DOMAIN}
64- path /_caddy/metrics
65- }
66+ @caddymetrics {
67+ host {$APP_DOMAIN}
68+ path /_caddy/metrics
69+ }
70
71- metrics @caddymetrics {
72- disable_openmetrics
73- }
74+ metrics @caddymetrics {
75+ disable_openmetrics
76+ }
77
78- @appmetrics {
79- host {$APP_DOMAIN}
80- path /_app/metrics
81- }
82+ @appmetrics {
83+ host {$APP_DOMAIN}
84+ path /_app/metrics
85+ }
86
87- handle @appmetrics {
88- rewrite * /metrics
89- reverse_proxy ssh:9222
90- }
91+ handle @appmetrics {
92+ rewrite * /metrics
93+ reverse_proxy ssh:9222
94+ }
95 }
96
97 :443 {
98- reverse_proxy web:3000
99- tls {$APP_EMAIL} {
100- on_demand
101- }
102- encode zstd gzip
103-}
104+ reverse_proxy web:3000
105+ tls {$APP_EMAIL} {
106+ on_demand
107+ }
108+ encode zstd gzip
109+}