- commit
- 760d3c6
- parent
- 8dfc7cc
- author
- Antonio Mika
- date
- 2024-10-11 16:21:02 +0000 UTC
Update caddyfiles
5 files changed,
+55,
-124
+0,
-13
1@@ -1,9 +1,4 @@
2 {
3- on_demand_tls {
4- ask http://web:3000/check
5- interval 1m
6- burst 10
7- }
8 servers {
9 metrics
10 }
11@@ -129,11 +124,3 @@
12 Access-Control-Allow-Headers "*"
13 }
14 }
15-
16-:443 {
17- reverse_proxy web:3000
18- tls {$APP_EMAIL} {
19- on_demand
20- }
21- encode zstd gzip
22-}
+0,
-102
1@@ -1,102 +0,0 @@
2-{
3- on_demand_tls {
4- ask http://web:3000/check
5- interval 1m
6- burst 10
7- }
8- servers {
9- metrics
10- }
11-}
12-
13-*.{$APP_DOMAIN}, {$APP_DOMAIN} {
14- reverse_proxy web:3000
15- tls {$APP_EMAIL} {
16- dns cloudflare {$CF_API_TOKEN}
17- resolvers 1.1.1.1
18- }
19- encode zstd gzip
20-
21- header {
22- # disable FLoC tracking
23- Permissions-Policy interest-cohort=()
24-
25- # enable HSTS
26- Strict-Transport-Security max-age=31536000;
27-
28- # disable clients from sniffing the media type
29- X-Content-Type-Options nosniff
30-
31- # clickjacking protection
32- X-Frame-Options DENY
33-
34- # keep referrer data off of HTTP connections
35- Referrer-Policy no-referrer-when-downgrade
36-
37- Content-Security-Policy "default-src 'self'; img-src * 'unsafe-inline'; style-src * 'unsafe-inline'"
38-
39- X-XSS-Protection "1; mode=block"
40- }
41-
42- @caddymetrics {
43- host {$APP_DOMAIN}
44- path /_caddy/metrics
45- }
46-
47- metrics @caddymetrics {
48- disable_openmetrics
49- }
50-
51- @appmetrics {
52- host {$APP_DOMAIN}
53- path /_app/metrics
54- }
55-
56- handle @appmetrics {
57- rewrite * /metrics
58- reverse_proxy ssh:9222
59- }
60-}
61-
62-monitoring.{$MONITORING_APP_DOMAIN}, prometheus.{$MONITORING_APP_DOMAIN}, grafana.{$MONITORING_APP_DOMAIN} {
63- @grafana {
64- host grafana.{$MONITORING_APP_DOMAIN}
65- }
66-
67- @prometheus {
68- host prometheus.{$MONITORING_APP_DOMAIN}
69- }
70-
71- tls {$MONITORING_APP_EMAIL} {
72- dns cloudflare {$CF_API_TOKEN}
73- resolvers 1.1.1.1
74- }
75-
76- encode zstd gzip
77-
78- reverse_proxy @grafana grafana:3000
79-
80- basicauth @prometheus {
81- eric JDJhJDE0JDdPOXhoNUdhSmNVNDl6UWpmeTE0cWVkLjRwcUNJUnc0dVQ4MTZNSmVaNjA1TlptaVZYY1hh
82- antonio JDJhJDE0JHI5dkVtMW0vcGxIb011OG4vME5HOU91c3U2VjM2QTZiWVpUeXdSbEg3VUtNZVdhN3BRazFH
83- bot JDJhJDE0JFVsRlNHSDlJbFhDeUd0NldRR2JkcGVFYUJtWGluTHZDVlc5L3QwNWNwWUMuODRlcXZNZHpT
84- }
85- reverse_proxy @prometheus prometheus:9090
86-
87- @caddymetrics {
88- host monitoring.{$MONITORING_APP_DOMAIN}
89- path /_caddy/metrics
90- }
91-
92- metrics @caddymetrics {
93- disable_openmetrics
94- }
95-}
96-
97-:443 {
98- reverse_proxy web:3000
99- tls {$APP_EMAIL} {
100- on_demand
101- }
102- encode zstd gzip
103-}
+1,
-1
1@@ -1,4 +1,4 @@
2-{$APP_DOMAIN}, tmp.pico.sh {
3+{$APP_DOMAIN} {
4 reverse_proxy https://pico-docs-prod.pgs.sh {
5 header_up Host pico-docs-prod.pgs.sh
6 }
+54,
-0
1@@ -0,0 +1,54 @@
2+{
3+ servers {
4+ metrics
5+ }
6+}
7+
8+*.{$APP_DOMAIN}, {$APP_DOMAIN} {
9+ reverse_proxy web:3000
10+ tls {$APP_EMAIL} {
11+ dns cloudflare {$CF_API_TOKEN}
12+ resolvers 1.1.1.1
13+ }
14+ encode zstd gzip
15+
16+ header {
17+ # disable FLoC tracking
18+ Permissions-Policy interest-cohort=()
19+
20+ # enable HSTS
21+ Strict-Transport-Security max-age=31536000;
22+
23+ # disable clients from sniffing the media type
24+ X-Content-Type-Options nosniff
25+
26+ # clickjacking protection
27+ X-Frame-Options DENY
28+
29+ # keep referrer data off of HTTP connections
30+ Referrer-Policy no-referrer-when-downgrade
31+
32+ Content-Security-Policy "default-src 'self'; img-src * 'unsafe-inline'; style-src * 'unsafe-inline'"
33+
34+ X-XSS-Protection "1; mode=block"
35+ }
36+
37+ @caddymetrics {
38+ host {$APP_DOMAIN}
39+ path /_caddy/metrics
40+ }
41+
42+ metrics @caddymetrics {
43+ disable_openmetrics
44+ }
45+
46+ @appmetrics {
47+ host {$APP_DOMAIN}
48+ path /_app/metrics
49+ }
50+
51+ handle @appmetrics {
52+ rewrite * /metrics
53+ reverse_proxy ssh:9222
54+ }
55+}
+0,
-8
1@@ -1,8 +0,0 @@
2-{$APP_DOMAIN} {
3- reverse_proxy web:3000
4-
5- tls {$APP_EMAIL} {
6- dns cloudflare {$CF_API_TOKEN}
7- resolvers 1.1.1.1
8- }
9-}