docker/caddy/Caddyfile


{
    # Global options: ACME CA endpoint, DNS challenge provider, ACME contact, log level.
    acme_ca https://acme-v02.api.letsencrypt.org/directory

    # DNS challenge through Cloudflare; the API token is read from the
    # environment and is not stored in this file.
    # NOTE(review): the token only needs DNS edit rights on the zones served
    # here -- confirm it is scoped that narrowly.
    acme_dns cloudflare {env.CLOUDFLARE_API_TOKEN}

    # ACME account contact address, also taken from the environment.
    email {env.CLOUDFLARE_EMAIL}

    # NOTE(review): debug raises log verbosity for every site in this file,
    # production hosts included -- confirm that is intended outside of
    # troubleshooting.
    debug
}
# Production: new domains
www.bizmatch.net {
    encode gzip

    # Production access log, kept in its own file.
    log {
        output file /var/log/caddy/access.prod.log
    }

    # Pictures are served from the production server checkout. Only requests
    # under /pictures/ reach this file_server, so the files it can return are
    # the ones below <root>/pictures/.
    handle /pictures/* {
        root * /home/aknuth/git/bizmatch-project-prod/bizmatch-server
        file_server
    }

    # Everything else comes from the production SPA build; paths that match no
    # file or directory fall back to /index.html.
    handle {
        root * /home/aknuth/git/bizmatch-project-prod/bizmatch/dist/bizmatch/browser
        try_files {path} {path}/ /index.html
        file_server
    }
}
# Apex domain: permanent redirect to the www host, keeping path and query.
bizmatch.net {
    redir https://www.bizmatch.net{uri} permanent
}
bayarea-cc.com {
    encode gzip

    log {
        output stderr
        format console
    }

    # Remove the TLS directive if Cloudflare terminates the connection.
    # tls {
    #     dns cloudflare {env.CLOUDFLARE_API_TOKEN}
    # }

    # NOTE(review): a path matcher without a wildcard is an exact match, so
    # only "/api" itself is proxied; "/api/..." falls through to the static
    # handler below and gets index.html. Use "/api/*" if the backend should
    # receive sub-paths.
    # NOTE(review): port 3001 is also the upstream of api.bizmatch.net --
    # confirm this is the intended backend for this site.
    handle /api {
        reverse_proxy host.docker.internal:3001
    }

    # Static single-page app from /app; unknown paths fall back to /index.html.
    handle {
        root * /app
        try_files {path} /index.html
        file_server
    }
}
# www host: permanent redirect to the apex domain, keeping path and query.
www.bayarea-cc.com {
    redir https://bayarea-cc.com{uri} permanent
}
fancytextstuff.com {
    encode gzip

    log {
        output file /var/log/caddy/fancytext.log
        format console
    }

    # Every request, including any API routes served by Next itself, is
    # forwarded to the Next process on the Docker host.
    handle {
        reverse_proxy host.docker.internal:3010
    }
}
cielectrical.bayarea-cc.com {
    encode gzip

    log {
        output file /var/log/caddy/cielectrical.log
        format console
    }

    # Every request, including any API routes served by Next itself, is
    # forwarded to the Next process on the Docker host.
    handle {
        reverse_proxy host.docker.internal:3000
    }
}
hamptonbrown.bayarea-cc.com {
    encode gzip

    log {
        output file /var/log/caddy/hamptonbrown.log
        format console
    }

    # Every request, including any API routes served by Next itself, is
    # forwarded to the Next process on the Docker host.
    # NOTE(review): 3010 is also the upstream port of fancytextstuff.com --
    # confirm both sites are meant to share one backend.
    handle {
        reverse_proxy host.docker.internal:3010
    }
}
nqsltd.bayarea-cc.com {
    encode gzip

    log {
        output file /var/log/caddy/nqsltd.log
        format console
    }

    # Every request, including any API routes served by Next itself, is
    # forwarded to the Next process on the Docker host.
    handle {
        reverse_proxy host.docker.internal:3020
    }
}
gregknoppcpa.bayarea-cc.com {
    encode gzip

    log {
        output file /var/log/caddy/gregknoppcpa.log
        format console
    }

    # Every request, including any API routes served by Next itself, is
    # forwarded to the Next process on the Docker host.
    handle {
        reverse_proxy host.docker.internal:3030
    }
}
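iitwelders.bayarea-cc.com {
    encode zstd gzip

    # Reverse proxy to the geo-blocked target.
    reverse_proxy https://iitwelders.com {
        # Send the origin's own host name (Host header and TLS SNI) so the
        # origin does not redirect back to its canonical domain.
        header_up Host iitwelders.com
        header_up X-Forwarded-Host {host}
        header_up X-Forwarded-Proto {scheme}
        header_up X-Forwarded-For {remote_host}
        # Presumably requested so the body replacements below see
        # uncompressed text.
        header_up Accept-Encoding identity
        transport http {
            tls_server_name iitwelders.com
        }

        # Map absolute redirects from the origin onto the proxy domain.
        # The two-argument form rewrites only the origin prefix of an existing
        # Location value. The previous single-value form set
        # "Location: https://iitwelders.bayarea-cc.com{uri}" on every proxied
        # response, so any upstream redirect pointed back at the URL that was
        # just requested (a redirect loop) and non-redirect responses gained
        # a Location header as well.
        header_down Location "^https?://iitwelders\.com(/|$)" "https://iitwelders.bayarea-cc.com$1"
    }

    # --- Body rewriting: repoint hard-coded links in HTML/CSS/JS ---
    # NOTE(review): named matchers built on `header` test *request* headers,
    # and browsers normally send no Content-Type on GET. Confirm in the
    # replace_response plugin documentation that @html/@assets select the
    # responses intended here; otherwise the replacements may never run.

    # HTML
    @html header Content-Type text/html*
    replace_response @html {
        s "https://iitwelders.com" "https://iitwelders.bayarea-cc.com"
        s "//iitwelders.com" "//iitwelders.bayarea-cc.com"
    }

    # CSS/JS/JSON (in case absolute URLs appear there)
    @assets header Content-Type text/css* text/javascript* application/javascript* application/json*
    replace_response @assets {
        s "https://iitwelders.com" "https://iitwelders.bayarea-cc.com"
        s "//iitwelders.com" "//iitwelders.bayarea-cc.com"
    }

    # Health check (optional), answered by Caddy itself.
    @health path /_health
    respond @health "ok" 200
}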
# www host: permanent redirect to the apex domain, keeping path and query.
www.fancytextstuff.com {
    redir https://fancytextstuff.com{uri} permanent
}
# Custom auth domain in front of the Firebase-hosted app.
auth.bizmatch.net {
    reverse_proxy https://bizmatch-net.firebaseapp.com {
        # The upstream is addressed by its own host name.
        header_up Host bizmatch-net.firebaseapp.com
        header_up X-Forwarded-Proto {scheme}
        # Client address as seen by Caddy.
        # NOTE(review): api.bizmatch.net takes the client address from
        # CF-Connecting-IP instead; if this host is also behind Cloudflare,
        # {remote_host} is presumably the edge address -- confirm which one
        # is wanted.
        header_up X-Real-IP {remote_host}
        header_up X-Forwarded-For {remote_host}
    }
}
# Gitea, reached by container name on port 3500.
gitea.bizmatch.net {
    reverse_proxy gitea:3500
}
# Development build of the bizmatch site.
# NOTE(review): no authentication or source-address restriction is visible in
# this block -- confirm the dev build is meant to be publicly reachable.
dev.bizmatch.net {
    encode gzip

    # Access log with rotation: 10MB per file, 5 files kept, 48h retention.
    log {
        output file /var/log/caddy/access.log {
            roll_size 10MB
            roll_keep 5
            roll_keep_for 48h
        }
    }

    # Pictures are served from the dev server checkout; only requests under
    # /pictures/ reach this file_server.
    handle /pictures/* {
        root * /home/aknuth/git/bizmatch-project/bizmatch-server
        file_server
    }

    # Everything else comes from the dev SPA build; paths that match no file
    # or directory fall back to /index.html.
    handle {
        root * /home/aknuth/git/bizmatch-project/bizmatch/dist/bizmatch/browser
        try_files {path} {path}/ /index.html
        file_server
    }
}
# api-dev.bizmatch.net {
# reverse_proxy host.docker.internal:3000 {
# header_up X-Real-IP {http.request.header.CF-Connecting-IP}
# header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
# header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
# header_up CF-IPCountry {http.request.header.CF-IPCountry}
# }
# }
api.bizmatch.net {
    # New: proxy to the production port 3001.
    reverse_proxy host.docker.internal:3001 {
        # Client address and country are copied from Cloudflare request
        # headers.
        # NOTE(review): nothing in this block limits who may connect, so a
        # client that reaches this listener without passing through Cloudflare
        # can supply CF-Connecting-IP, CF-IPCountry and X-Forwarded-Proto
        # itself, and the backend would trust them for logging, rate limits
        # or geo decisions. Confirm the origin accepts traffic only from
        # Cloudflare (firewall rule, a `remote_ip` matcher, or TLS client
        # authentication). If a header is missing, the forwarded value is
        # presumably empty.
        header_up CF-IPCountry {http.request.header.CF-IPCountry}
        header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
        header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
        header_up X-Real-IP {http.request.header.CF-Connecting-IP}
    }
}
mailsync.bizmatch.net {
    reverse_proxy host.docker.internal:5000 {
        # Client address and country are copied from Cloudflare request
        # headers.
        # NOTE(review): nothing in this block limits who may connect, so a
        # client that reaches this listener without passing through Cloudflare
        # can supply CF-Connecting-IP, CF-IPCountry and X-Forwarded-Proto
        # itself. Confirm the origin accepts traffic only from Cloudflare
        # (firewall rule, a `remote_ip` matcher, or TLS client
        # authentication).
        header_up CF-IPCountry {http.request.header.CF-IPCountry}
        header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
        header_up X-Forwarded-For {http.request.header.CF-Connecting-IP}
        header_up X-Real-IP {http.request.header.CF-Connecting-IP}
    }
}
# The three site blocks below all forward to the same upstream,
# nginx-mailcow on port 8080.
mail.andreasknuth.de {
    reverse_proxy nginx-mailcow:8080
}

web.email-bayarea.com {
    reverse_proxy nginx-mailcow:8080
}

# Mail host plus its autodiscover/autoconfig names.
mail.email-srvr.com autodiscover.mail.email-srvr.com autoconfig.mail.email-srvr.com {
    reverse_proxy nginx-mailcow:8080
}
# Roundcube for docker-mailserver
app.email-bayarea.com {
    encode gzip

    log {
        output stderr
        format console
    }

    # Webmail container, reached by name on port 80.
    reverse_proxy roundcube-new:80
}
# IMAP/SMTP server for e-mail clients
email-srvr.com {
    log {
        output stderr
        format console
    }

    # Mail-client auto-configuration document, answered by Caddy itself.
    # The XML advertises IMAP on 993 (SSL) and SMTP submission on 587
    # (STARTTLS). "password-cleartext" is the autoconfig name for sending the
    # password unhashed inside that encrypted channel.
    # The lines inside the backticks are the response body and must stay
    # unindented, otherwise the served XML changes.
    # NOTE(review): the document names the domain andreasknuth.de but is
    # served on email-srvr.com -- confirm clients for andreasknuth.de
    # addresses actually look here.
    handle /.well-known/autoconfig/mail/config-v1.1.xml {
        header Content-Type "application/xml"
        respond `<?xml version="1.0" encoding="UTF-8"?>
<clientConfig version="1.1">
<emailProvider id="email-srvr.com">
<domain>andreasknuth.de</domain>
<displayName>Andreas Knuth Mail</displayName>
<displayShortName>AK Mail</displayShortName>
<incomingServer type="imap">
<hostname>email-srvr.com</hostname>
<port>993</port>
<socketType>SSL</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</incomingServer>
<outgoingServer type="smtp">
<hostname>email-srvr.com</hostname>
<port>587</port>
<socketType>STARTTLS</socketType>
<authentication>password-cleartext</authentication>
<username>%EMAILADDRESS%</username>
</outgoingServer>
</emailProvider>
</clientConfig>`
    }

    # Fallback for all other requests.
    handle {
        respond "Mail Server Configuration" 200
    }
}