267 lines
7.2 KiB
Caddyfile
267 lines
7.2 KiB
Caddyfile
{
|
|
email {env.CLOUDFLARE_EMAIL}
|
|
acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}
|
|
acme_ca https://acme-v02.api.letsencrypt.org/directory
|
|
debug
|
|
|
|
# WICHTIG: replace MUSS vor encode & vor reverse_proxy laufen
|
|
order replace before encode
|
|
order replace before reverse_proxy
|
|
}
|
|
# Prod: Neue Domains
|
|
www.bizmatch.net {
|
|
handle /pictures/* {
|
|
root * /home/aknuth/git/bizmatch-project-prod/bizmatch-server # Prod-Ordner
|
|
file_server
|
|
}
|
|
handle {
|
|
root * /home/aknuth/git/bizmatch-project-prod/bizmatch/dist/bizmatch/browser # Neuer Prod-Dist-Ordner
|
|
try_files {path} {path}/ /index.html
|
|
file_server
|
|
}
|
|
log {
|
|
output file /var/log/caddy/access.prod.log # Separate Logs
|
|
}
|
|
encode gzip
|
|
}
|
|
bizmatch.net {
|
|
redir https://www.bizmatch.net{uri} permanent
|
|
}
|
|
bayarea-cc.com {
|
|
# TLS-Direktive entfernen, falls Cloudflare die Verbindung terminiert
|
|
# tls {
|
|
# dns cloudflare {env.CLOUDFLARE_API_TOKEN}
|
|
# }
|
|
|
|
handle /api {
|
|
reverse_proxy host.docker.internal:3001
|
|
}
|
|
handle {
|
|
root * /app
|
|
try_files {path} /index.html
|
|
file_server
|
|
}
|
|
log {
|
|
output stderr
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
www.bayarea-cc.com {
|
|
redir https://bayarea-cc.com{uri} permanent
|
|
}
|
|
fancytextstuff.com {
|
|
# wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
|
|
handle {
|
|
reverse_proxy host.docker.internal:3010
|
|
}
|
|
log {
|
|
output file /var/log/caddy/fancytext.log
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
cielectrical.bayarea-cc.com {
|
|
# wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
|
|
handle {
|
|
reverse_proxy host.docker.internal:3000
|
|
}
|
|
log {
|
|
output file /var/log/caddy/cielectrical.log
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
hamptonbrown.bayarea-cc.com {
|
|
# wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
|
|
handle {
|
|
reverse_proxy host.docker.internal:3010
|
|
}
|
|
log {
|
|
output file /var/log/caddy/hamptonbrown.log
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
nqsltd.bayarea-cc.com {
|
|
# wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
|
|
handle {
|
|
reverse_proxy host.docker.internal:3020
|
|
}
|
|
log {
|
|
output file /var/log/caddy/nqsltd.log
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
gregknoppcpa.bayarea-cc.com {
|
|
# wenn du API innerhalb von Next bedienst, weiterleiten an den Next Prozess
|
|
handle {
|
|
reverse_proxy host.docker.internal:3030
|
|
}
|
|
log {
|
|
output file /var/log/caddy/gregknoppcpa.log
|
|
format console
|
|
}
|
|
encode gzip
|
|
}
|
|
|
|
iitwelders.bayarea-cc.com {
|
|
route {
|
|
# 1) Nur Text-Responses bearbeiten (HTML, CSS, JS, JSON, XML ...)
|
|
@text header Content-Type *text/* *javascript* *json* *xml*
|
|
|
|
# 2) Replace-Handler (muss VOR dem Proxy stehen!)
|
|
replace @text {
|
|
# Substring-Rewrites
|
|
https://iitwelders.com https://iitwelders.bayarea-cc.com
|
|
//iitwelders.com //iitwelders.bayarea-cc.com
|
|
|
|
# Optional robuster (Regex, case-insensitive):
|
|
# re (?i)https://iitwelders\.com https://iitwelders.bayarea-cc.com
|
|
# re (?i)//iitwelders\.com //iitwelders.bayarea-cc.com
|
|
}
|
|
|
|
# 3) Proxy holt unkomprimiert vom Origin (damit replace arbeiten kann)
|
|
reverse_proxy https://iitwelders.com {
|
|
header_up Host iitwelders.com
|
|
header_up Accept-Encoding identity
|
|
transport http {
|
|
tls_server_name iitwelders.com
|
|
}
|
|
# Falls 30x zurückkommt: Location auf Proxy-Domain biegen
|
|
header_down Location https://iitwelders.bayarea-cc.com{uri}
|
|
}
|
|
|
|
# 4) Zum Schluss für den Client komprimieren
|
|
encode zstd gzip
|
|
}
|
|
|
|
@health path /_health
|
|
respond @health "ok" 200
|
|
}
|
|
www.fancytextstuff.com {
|
|
redir https://fancytextstuff.com{uri} permanent
|
|
}
|
|
auth.bizmatch.net {
|
|
reverse_proxy https://bizmatch-net.firebaseapp.com {
|
|
header_up Host bizmatch-net.firebaseapp.com
|
|
header_up X-Forwarded-For {remote_host}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
header_up X-Real-IP {remote_host}
|
|
}
|
|
}
|
|
gitea.bizmatch.net {
|
|
reverse_proxy gitea:3500
|
|
}
|
|
|
|
dev.bizmatch.net {
|
|
handle /pictures/* {
|
|
root * /home/aknuth/git/bizmatch-project/bizmatch-server
|
|
file_server
|
|
}
|
|
|
|
handle {
|
|
root * /home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser
|
|
try_files {path} {path}/ /index.html
|
|
file_server
|
|
}
|
|
|
|
log {
|
|
output file /var/log/caddy/access.log {
|
|
roll_size 10MB
|
|
roll_keep 5
|
|
roll_keep_for 48h
|
|
}
|
|
}
|
|
|
|
encode gzip
|
|
|
|
}
|
|
|
|
# api-dev.bizmatch.net {
|
|
# reverse_proxy host.docker.internal:3000 {
|
|
# header_up X-Real-IP {http.request.header.CF-Connecting-IP}
|
|
# header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
|
|
# header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
|
|
# header_up CF-IPCountry {http.request.header.CF-IPCountry}
|
|
# }
|
|
# }
|
|
|
|
api.bizmatch.net {
|
|
reverse_proxy host.docker.internal:3001 { # Neu: Proxy auf Prod-Port 3001
|
|
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
|
|
header_up CF-IPCountry {http.request.header.CF-IPCountry}
|
|
}
|
|
}
|
|
mailsync.bizmatch.net {
|
|
reverse_proxy host.docker.internal:5000 {
|
|
header_up X-Real-IP {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
|
|
header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
|
|
header_up CF-IPCountry {http.request.header.CF-IPCountry}
|
|
}
|
|
}
|
|
|
|
mail.andreasknuth.de {
|
|
reverse_proxy nginx-mailcow:8080
|
|
}
|
|
web.email-bayarea.com {
|
|
reverse_proxy nginx-mailcow:8080
|
|
}
|
|
mail.email-srvr.com autodiscover.mail.email-srvr.com autoconfig.mail.email-srvr.com {
|
|
reverse_proxy nginx-mailcow:8080
|
|
}
|
|
# Roundcube für docker-mailserver
|
|
app.email-bayarea.com {
|
|
reverse_proxy roundcube-new:80
|
|
|
|
log {
|
|
output stderr
|
|
format console
|
|
}
|
|
|
|
encode gzip
|
|
}
|
|
|
|
# IMAP/SMTP Server für E-Mail-Clients
|
|
email-srvr.com {
|
|
# Für E-Mail-Client-Konfiguration (Autodiscover)
|
|
handle /.well-known/autoconfig/mail/config-v1.1.xml {
|
|
header Content-Type "application/xml"
|
|
respond `<?xml version="1.0" encoding="UTF-8"?>
|
|
<clientConfig version="1.1">
|
|
<emailProvider id="email-srvr.com">
|
|
<domain>andreasknuth.de</domain>
|
|
<displayName>Andreas Knuth Mail</displayName>
|
|
<displayShortName>AK Mail</displayShortName>
|
|
<incomingServer type="imap">
|
|
<hostname>email-srvr.com</hostname>
|
|
<port>993</port>
|
|
<socketType>SSL</socketType>
|
|
<authentication>password-cleartext</authentication>
|
|
<username>%EMAILADDRESS%</username>
|
|
</incomingServer>
|
|
<outgoingServer type="smtp">
|
|
<hostname>email-srvr.com</hostname>
|
|
<port>587</port>
|
|
<socketType>STARTTLS</socketType>
|
|
<authentication>password-cleartext</authentication>
|
|
<username>%EMAILADDRESS%</username>
|
|
</outgoingServer>
|
|
</emailProvider>
|
|
</clientConfig>`
|
|
}
|
|
|
|
# Fallback für andere Anfragen
|
|
handle {
|
|
respond "Mail Server Configuration" 200
|
|
}
|
|
|
|
log {
|
|
output stderr
|
|
format console
|
|
}
|
|
} |