2019-11-06 21:18:36 +01:00
|
|
|
https://{$BASE_DOMAIN} {
|
2019-10-27 16:35:12 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-10-21 21:57:02 +02:00
|
|
|
gzip
|
|
|
|
root /srv/homepage
|
|
|
|
git {
|
|
|
|
repo ssh://git@gitlab.csprung.de:vserver/homepage.git
|
|
|
|
path /build/homepage
|
|
|
|
key /root/deploy_keys/caddy
|
|
|
|
hook /__gitlab_hook__
|
|
|
|
clone_args --recurse-submodules
|
|
|
|
pull_args --recurse-submodules
|
|
|
|
then hugo --cleanDestinationDir --destination /srv/homepage
|
|
|
|
}
|
|
|
|
}
|
2019-10-27 16:35:12 +01:00
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
http://*.{$BASE_DOMAIN} {
|
2019-11-02 19:28:50 +01:00
|
|
|
redir https://{host}{uri}
|
|
|
|
}
|
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
https://echo.{$BASE_DOMAIN} {
|
2019-10-27 16:35:12 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-10-27 16:35:12 +01:00
|
|
|
gzip
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy / echo:8000 {
|
|
|
|
transparent
|
|
|
|
}
|
2019-10-27 16:35:12 +01:00
|
|
|
}
|
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
https://cloud.{$BASE_DOMAIN} {
|
2019-10-27 16:35:12 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-10-27 16:35:12 +01:00
|
|
|
gzip
|
|
|
|
proxy / nextcloud:80 {
|
|
|
|
transparent
|
2019-11-02 19:28:50 +01:00
|
|
|
header_upstream X-Forwarded-Host {host}
|
2019-10-27 16:35:12 +01:00
|
|
|
}
|
2019-10-27 20:03:24 +01:00
|
|
|
redir {
|
|
|
|
/.well-known/carddav /remote.php/dav
|
|
|
|
/.well-known/caldav /remote.php/dav
|
|
|
|
/.well-known/webfinger /public.php?service=webfinger
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
|
|
|
|
https://bitwarden.{$BASE_DOMAIN} {
|
2019-10-27 20:03:24 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-10-27 20:03:24 +01:00
|
|
|
gzip
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy /notifications/hub/negotiate bitwarden:80 {
|
2019-11-05 22:32:12 +01:00
|
|
|
transparent
|
|
|
|
}
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy /notifications/hub bitwarden:3012 {
|
2019-11-05 22:32:12 +01:00
|
|
|
websocket
|
2019-10-27 20:03:24 +01:00
|
|
|
}
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy / bitwarden:80 {
|
2019-11-05 22:32:12 +01:00
|
|
|
transparent
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
# https://bitwarden.{$BASE_DOMAIN} {
|
|
|
|
# log / stdout "{host} - {common}"
|
|
|
|
# errors stdout
|
|
|
|
# tls {$TLS_EMAIL}
|
|
|
|
# gzip
|
|
|
|
# proxy / bitwarden-web:5000 {
|
|
|
|
# transparent
|
|
|
|
# header_downstream Content-Security-Policy "default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://haveibeenpwned.com https://www.gravatar.com; child-src 'self' https://*.duosecurity.com; frame-src 'self' https://*.duosecurity.com; connect-src 'self' wss://{host} https://api.pwnedpasswords.com https://twofactorauth.org; object-src 'self' blob:;"
|
|
|
|
# header_downstream X-Frame-Options SAMEORIGIN
|
|
|
|
# header_downstream X-Robots-Tag "noindex, nofollow"
|
|
|
|
# }
|
|
|
|
# proxy /app-id.json bitwarden-web:5000/app-id.json {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /duo-connector.html bitwarden-web:5000/duo-connector.html {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /attachments/ bitwarden-attachments:5000 {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /api/ bitwarden-api:5000 {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /identity/ bitwarden-identity:5000 {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /icons/ bitwarden-icons:5000 {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /notifications/hub bitwarden-notifications:5000/hub {
|
|
|
|
# transparent
|
|
|
|
# websocket
|
|
|
|
# }
|
|
|
|
# proxy /events/ bitwarden-events:5000 {
|
|
|
|
# transparent
|
|
|
|
# }
|
|
|
|
# proxy /admin bitwarden-admin:5000 {
|
|
|
|
# transparent
|
|
|
|
# header_downstream X-Frame-Options SAMEORIGIN
|
|
|
|
# }
|
|
|
|
# }
|
|
|
|
|
|
|
|
https://git.{$BASE_DOMAIN} {
|
2019-11-05 22:32:12 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-11-05 22:32:12 +01:00
|
|
|
gzip
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy / gitea:3000 {
|
|
|
|
transparent
|
|
|
|
}
|
2019-10-27 20:03:24 +01:00
|
|
|
}
|
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
https://ci.{$BASE_DOMAIN} {
|
2019-10-27 20:03:24 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-10-27 20:03:24 +01:00
|
|
|
gzip
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy / drone:80 {
|
|
|
|
transparent
|
|
|
|
}
|
2019-10-27 16:35:12 +01:00
|
|
|
}
|
2019-11-02 23:56:28 +01:00
|
|
|
|
2019-11-06 21:18:36 +01:00
|
|
|
https://notes.{$BASE_DOMAIN} {
|
2019-11-02 23:56:28 +01:00
|
|
|
log / stdout "{host} - {common}"
|
|
|
|
errors stdout
|
2019-11-06 21:18:36 +01:00
|
|
|
tls {$TLS_EMAIL}
|
2019-11-02 23:56:28 +01:00
|
|
|
gzip
|
2019-11-06 21:18:36 +01:00
|
|
|
proxy / codimd:3000 {
|
|
|
|
transparent
|
|
|
|
}
|
2019-11-02 23:56:28 +01:00
|
|
|
}
|