foodotfiles/docker/caddy/Caddyfile

204 lines
3.8 KiB
Caddyfile

korhonen.cc, *.korhonen.cc {
tls {$CLOUDFLARE_EMAIL} {
dns cloudflare {$CLOUDFLARE_API_TOKEN}
resolvers 1.1.1.1
}
encode zstd gzip
@static {
file
path *.ico *.css *.js *.gif *.webp *.avif *.jpg *.jpeg *.png *.svg *.woff *.woff2 *.pdf *.webmanifest
}
header {
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
}
@homepage-www-redir host www.korhonen.cc
handle @homepage-www-redir {
redir https://korhonen.cc
}
@homepage host korhonen.cc
handle @homepage {
# Redirect finnish WIP
# @redirFinnish {
# header Accept-Language *fi-FI*
# not path *.js *.css *.png *.jpg *.jpeg *.svg
# not path /en* /fi*
# }
# redir @redirFinnish /fi{uri}
#
# uri strip_prefix /en
header @static Cache-Control max-age=5184000
root * /var/www/korhonen.cc
file_server
}
@wkd host openpgpkey.korhonen.cc
handle @wkd {
root * /var/www/wkd
file_server browse
header Access-Control-Allow-Origin "*"
}
@index host index.korhonen.cc
handle @index {
root * /var/www/index.korhonen.cc
file_server browse
}
@home-assistant host home.korhonen.cc
handle @home-assistant {
reverse_proxy home-assistant:8123
}
@authentik host sso.korhonen.cc
handle @authentik {
reverse_proxy authentik:9000
}
@forgejo host git.korhonen.cc
handle @forgejo {
rewrite /user/login /user/oauth2/authentik
reverse_proxy forgejo:3000
}
@woodpecker host ci.korhonen.cc
handle @woodpecker {
reverse_proxy woodpecker:8000
}
@searx host search.korhonen.cc
handle @searx {
reverse_proxy searx:8080
}
@freshrss host rss.korhonen.cc
handle @freshrss {
reverse_proxy freshrss
}
@jellyfin host jellyfin.korhonen.cc
handle @jellyfin {
reverse_proxy jellyfin:8096
}
@pihole host pihole.korhonen.cc
handle @pihole {
reverse_proxy pihole
}
@umami host umami.korhonen.cc
handle @umami {
reverse_proxy umami:3000
rewrite /ua9quuaW.js /script.js
}
@nextcloud host cloud.korhonen.cc
handle @nextcloud {
# Redirect login page to Authentik
redir /login /apps/sociallogin/custom_oidc/korhonen-sso 301
# .htaccess / data / config / ... shouldn't be accessible from outside
@forbidden {
path /.htaccess
path /data/*
path /config/*
path /db_structure
path /.xml
path /README
path /3rdparty/*
path /lib/*
path /templates/*
path /occ
path /console.php
}
handle @forbidden {
respond 404
}
redir /.well-known/carddav /remote.php/dav 301
redir /.well-known/caldav /remote.php/dav 301
root * /var/www/nextcloud
php_fastcgi nextcloud:9000 {
root /var/www/html
# Tells nextcloud to remove /index.php from URLs in links
env front_controller_active true
}
file_server
}
@tvheadend host tvheadend.korhonen.cc
handle @tvheadend {
reverse_proxy tvheadend:9981
}
@collabora host collabora.korhonen.cc
handle @collabora {
reverse_proxy collabora:9980
}
@grafana host grafana.korhonen.cc
handle @grafana {
reverse_proxy grafana:3000
}
@drop host drop.korhonen.cc
handle @drop {
reverse_proxy drop:3000
}
handle {
respond "404 Not Found" 404
}
handle_errors {
@homepage_404 {
expression {http.error.status_code} == 404
host korhonen.cc
}
handle @homepage_404 {
root * /var/www/korhonen.cc
rewrite * /404.html
file_server
}
respond "{err.status_code} {err.status_text}"
}
}
korhonen.social, *.korhonen.social {
tls {$CLOUDFLARE_EMAIL} {
dns cloudflare {$CLOUDFLARE_API_TOKEN}
resolvers 1.1.1.1
}
encode zstd gzip
header {
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
}
@firefish-www-redir host www.korhonen.social
handle @firefish-www-redir {
redir https://korhonen.social
}
@firefish host korhonen.social
handle @firefish {
reverse_proxy firefish:3000
}
handle {
respond "404 Not Found" 404
}
handle_errors {
respond "{err.status_code} {err.status_text}"
}
}