akanealw/dockerserver-scott
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
2379c6d64b4425d8da602a92d0ff7583dab8301d
dockerserver-scott/reverseproxy2/caddy/Caddyfile
T

233 lines
6.6 KiB
Caddyfile
Raw Blame History

# --------------------------------------------------
# global options
# --------------------------------------------------
{
acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
# admin :2019
# log {
# output file caddy.log
# level info
# }
servers {
trusted_proxies static private_ranges
}
}
# --------------------------------------------------
# cloudflare tls snippet for sites
# --------------------------------------------------
(cloudflare) {
tls {
dns cloudflare {env.DNS_PROVIDER_TOKEN}
resolvers 1.1.1.1 1.0.0.1
}
}
# --------------------------------------------------
# auth snippet for authelia
# --------------------------------------------------
(auth) {
forward_auth authelia:9091 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
}
# --------------------------------------------------
# wettsten.com root domain
# --------------------------------------------------
wettsten.com {
import cloudflare
@akanealwcom host wettsten.com
handle @akanealwcom {
import auth
reverse_proxy 192.168.1.4:3005
}
}
# --------------------------------------------------
# authelia subdomain
# --------------------------------------------------
auth.wettsten.com {
import cloudflare
reverse_proxy authelia:9091
}
# --------------------------------------------------
# *.wettsten.com subdomains
# --------------------------------------------------
*.wettsten.com {
# --------------------------------------------------
# internal only subdomains
#
#
# @ host .wettsten.com
# handle @ {
# handle @internal {
# reverse_proxy 192.168.1.
# }
# respond "ip range not allowed"
# }
#
#
# @ host .wettsten.com
# handle @ {
# handle @internal {
# reverse_proxy https://192.168.1. {
# transport http {
# tls_insecure_skip_verify
# }
# }
# }
# respond "ip range not allowed"
# }
#
#
# --------------------------------------------------
@internal client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8
@external not client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8
import cloudflare
@adguard1 host adguardserver1.wettsten.com
handle @adguard1 {
handle @internal {
reverse_proxy 192.168.1.2:80
}
respond "ip range not allowed"
}
@bale host bale.wettsten.com
handle @bale {
handle @internal {
reverse_proxy 192.168.1.51:8080
}
respond "ip range not allowed"
}
@dockerdockge host dockerserver-dockge.wettsten.com
handle @dockerdockge {
handle @internal {
reverse_proxy 192.168.1.30:5001
}
respond "ip range not allowed"
}
@dockerdozzle host dockerserver-dozzle.wettsten.com
handle @dockerdozzle {
handle @internal {
reverse_proxy 192.168.1.30:8080
}
respond "ip range not allowed"
}
@gluetun host gluetun.wettsten.com
handle @gluetun {
handle @internal {
reverse_proxy 192.168.1.30:8777
}
respond "ip range not allowed"
}
@proxmox1 host proxmox1.wettsten.com
handle @proxmox1 {
handle @internal {
reverse_proxy https://192.168.1.51:8006 {
transport http {
tls_insecure_skip_verify
}
}
}
respond "ip range not allowed"
}
@proxmoxbackup host proxmoxbackup.wettsten.com
handle @proxmoxbackup {
handle @internal {
reverse_proxy https://192.168.1.51:8007 {
transport http {
tls_insecure_skip_verify
}
}
}
respond "ip range not allowed"
}
@router host router.wettsten.com
handle @router {
handle @internal {
reverse_proxy https://192.168.1.1:443 {
transport http {
tls_insecure_skip_verify
}
}
}
respond "ip range not allowed"
}
@webmin host webmin.wettsten.com
handle @webmin {
handle @internal {
reverse_proxy https://192.168.1.51:10000 {
transport http {
tls_insecure_skip_verify
}
}
}
respond "ip range not allowed"
}
# --------------------------------------------------
# external subdomains without authelia
#
#
# @ host .wettsten.com
# handle @ {
# reverse_proxy 192.168.1.
# }
#
#
# --------------------------------------------------
@bitwarden host bitwarden.wettsten.com
handle @bitwarden {
reverse_proxy 192.168.1.4:8089
}
@jellyfin host jellyfin.wettsten.com
handle @jellyfin {
reverse_proxy 192.168.1.42:8096
}
# --------------------------------------------------
# external subdomains with authelia
#
#
# @ host .wettsten.com
# handle @ {
# import auth
# reverse_proxy 192.168.1.
# }
#
#
# --------------------------------------------------
@whoami host whoami.wettsten.com
handle @whoami {
import auth
reverse_proxy whoami:80
}
}
Reference in New Issue View Git Blame Copy Permalink