updated documentation
@@ -101,6 +101,10 @@ OAUTH_ALLOW_AUTO_LINKING=false # Auto-link OAuth to accounts without pas
|
||||
# Certificate storage directory (usually no need to change)
|
||||
# CERTS_DIRECTORY=./data/certs
|
||||
|
||||
# Caddy certificate directory for ACME metadata scanning in the Certificates page
|
||||
# (Only needed for custom/non-standard deployments)
|
||||
# CADDY_CERTS_DIR=/caddy-data/caddy/certificates
|
||||
|
||||
# Login rate limiting (optional, for custom rate limit settings)
|
||||
# LOGIN_MAX_ATTEMPTS=5
|
||||
# LOGIN_WINDOW_MS=300000
|
||||
|
||||
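Review bot: The comment above `CADDY_CERTS_DIR` says what the path is used for but not what access the UI process needs to it. If the ACME metadata scan for the Certificates page only reads from this directory, add a line saying so and recommend a read-only mount, so operators of custom deployments do not give the manager write access to Caddy's certificate storage by default.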
20
README.md
@@ -15,10 +15,11 @@ Web interface for managing [Caddy Server](https://caddyserver.com/) reverse prox
|
||||
This project provides a web UI for Caddy Server, eliminating the need to manually edit JSON configurations or Caddyfiles. It handles reverse proxies, access lists, and certificate management through a Material UI interface.
|
||||
|
||||
**Key features:**
|
||||
- Reverse proxy configuration with upstream pools and custom headers
|
||||
- HTTP basic auth access lists
|
||||
- Reverse proxy configuration with multiple upstreams and custom headers
|
||||
- HTTP basic auth access lists with multi-account support
|
||||
- OAuth2/OIDC authentication support
|
||||
- Automatic HTTPS via Caddy's ACME (Let's Encrypt) with Cloudflare DNS-01 support
|
||||
- ACME certificate visibility (issuer + expiry) in the Certificates page
|
||||
- Optional upstream DNS pinning (resolve upstream hostnames on config apply)
|
||||
- Geo blocking per proxy host — block/allow by country, continent, ASN, CIDR, or IP
|
||||
- Custom certificate import (internal CA, wildcards, etc.)
|
||||
@@ -45,10 +46,10 @@ Data persists in Docker volumes (caddy-manager-data, caddy-data, caddy-config, c
|
||||
|
||||
## Features
|
||||
|
||||
- **Proxy Hosts** - Reverse proxies with custom headers and upstream pools
|
||||
- **Proxy Hosts** - Reverse proxies with custom headers and multiple upstreams
|
||||
- **Geo Blocking** - Block or allow traffic by country, continent, ASN, CIDR range, or exact IP per proxy host
|
||||
- **Access Lists** - HTTP basic auth
|
||||
- **Certificates** - Custom SSL/TLS import (automatic Let's Encrypt via Caddy)
|
||||
- **Access Lists** - Multi-account HTTP basic auth
|
||||
- **Certificates** - Automatic Let's Encrypt certificates via Caddy + manual SSL/TLS import
|
||||
- **Settings** - ACME email, Cloudflare DNS-01, and upstream DNS pinning defaults
|
||||
- **Audit Log** - Configuration change tracking
|
||||
|
||||
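Review bot: The **Certificates** bullet under `## Features` leaves out the issuer and expiry view that the Key features list now advertises as "ACME certificate visibility (issuer + expiry) in the Certificates page". The two lists describe the same product, so keep them in step, for example by extending the bullet to "Automatic Let's Encrypt certificates via Caddy (issuer and expiry shown) + manual SSL/TLS import".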
@@ -67,6 +68,7 @@ Data persists in Docker volumes (caddy-manager-data, caddy-data, caddy-config, c
|
||||
| `CADDY_API_URL` | Caddy Admin API endpoint | `http://caddy:2019` (prod)<br/>`http://localhost:2019` (dev) | No |
|
||||
| `DATABASE_URL` | SQLite database URL | `file:/app/data/caddy-proxy-manager.db` | No |
|
||||
| `CERTS_DIRECTORY` | Certificate storage directory | `./data/certs` | No |
|
||||
| `CADDY_CERTS_DIR` | Caddy cert storage path used for ACME metadata scanning (non-default deployments) | `/caddy-data/caddy/certificates` | No |
|
||||
| `LOGIN_MAX_ATTEMPTS` | Max login attempts before rate limit | `5` | No |
|
||||
| `LOGIN_WINDOW_MS` | Rate limit window in milliseconds | `300000` (5 min) | No |
|
||||
| `LOGIN_BLOCK_MS` | Rate limit block duration in milliseconds | `900000` (15 min) | No |
|
||||
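Review bot: The `CADDY_CERTS_DIR` row lists an absolute default (`/caddy-data/caddy/certificates`) directly under `CERTS_DIRECTORY`, whose default is the relative `./data/certs`, and does not say where either path is resolved. State whether the value is a path as seen by the manager process and whether the `caddy-data` volume has to be mounted there; "non-default deployments" alone leaves readers guessing when the variable must be set.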
@@ -75,6 +77,10 @@ Data persists in Docker volumes (caddy-manager-data, caddy-data, caddy-config, c
|
||||
| `OAUTH_CLIENT_ID` | OAuth2 client ID | None | No |
|
||||
| `OAUTH_CLIENT_SECRET` | OAuth2 client secret | None | No |
|
||||
| `OAUTH_ISSUER` | OAuth2 OIDC issuer URL | None | No |
|
||||
| `OAUTH_AUTHORIZATION_URL` | Optional OAuth authorization endpoint override | Auto-discovered from `OAUTH_ISSUER` | No |
|
||||
| `OAUTH_TOKEN_URL` | Optional OAuth token endpoint override | Auto-discovered from `OAUTH_ISSUER` | No |
|
||||
| `OAUTH_USERINFO_URL` | Optional OAuth userinfo endpoint override | Auto-discovered from `OAUTH_ISSUER` | No |
|
||||
| `OAUTH_ALLOW_AUTO_LINKING` | Allow auto-linking OAuth identities to existing users | `false` | No |
|
||||
|
||||
**Production Requirements:**
|
||||
- `SESSION_SECRET`: 32+ characters (`openssl rand -base64 32`)
|
||||
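Review bot: The `OAUTH_ALLOW_AUTO_LINKING` row says "Allow auto-linking OAuth identities to existing users" without stating what an identity is matched on or which accounts qualify, while the env example comment in the first hunk header narrows it to "accounts without pas" (truncated there). Put the match rule and the account condition in the table, since turning this on lets an assertion from the external provider attach to an existing local user. The three endpoint override rows would also benefit from a note on whether the overrides are expected to belong to the same provider as `OAUTH_ISSUER`, because they replace values that would otherwise come from discovery.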
@@ -230,8 +236,8 @@ Contributions welcome:
|
||||
|
||||
## Support
|
||||
|
||||
- **Issues:** [GitHub Issues](https://github.com/yourusername/caddy-proxy-manager/issues) for bugs and feature requests
|
||||
- **Discussions:** [GitHub Discussions](https://github.com/yourusername/caddy-proxy-manager/discussions) for questions and ideas
|
||||
- **Issues:** [GitHub Issues](https://github.com/fuomag9/caddy-proxy-manager/issues) for bugs and feature requests
|
||||
- **Discussions:** [GitHub Discussions](https://github.com/fuomag9/caddy-proxy-manager/discussions) for questions and ideas
|
||||
|
||||
---
|
||||
|
||||
|
||||
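Review bot: Search the rest of README.md for the `yourusername` placeholder before merging. The visible lines correct only the Issues and Discussions links in the Support section, and any clone URL or badge outside this hunk that still carries the placeholder would point readers at the wrong repository.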