diff --git a/caddy/caddy/Caddyfile b/caddy/caddy/Caddyfile index 3a791b5..66c190e 100755 --- a/caddy/caddy/Caddyfile +++ b/caddy/caddy/Caddyfile @@ -2,25 +2,25 @@ # global options # -------------------------------------------------- { - acme_ca https://acme-staging-v02.api.letsencrypt.org/directory + acme_ca https://acme-staging-v02.api.letsencrypt.org/directory - admin :2019 - log { - output file /var/log/caddy/caddy.log - level info - } + admin :2019 + log { + output file /var/log/caddy/caddy.log + level info + } - servers { - trusted_proxies static private_ranges - } + servers { + trusted_proxies static private_ranges + } - crowdsec { - api_url http://crowdsec:8080 - api_key uok9y/eKet7rhXxxGvgUNmMiKsAxxh2JJd4rsGvCDoE - ticker_interval 15s - #disable_streaming - #enable_hard_fails - } + crowdsec { + api_url http://crowdsec:8080 + api_key uok9y/eKet7rhXxxGvgUNmMiKsAxxh2JJd4rsGvCDoE + ticker_interval 15s + #disable_streaming + #enable_hard_fails + } } # -------------------------------------------------- @@ -28,10 +28,10 @@ # -------------------------------------------------- (cloudflare) { - tls { - dns cloudflare BI5kO2I9fHAqso_OClKxbUM6xTCodH2OfQ60yNp3 - resolvers 1.1.1.1 1.0.0.1 - } + tls { + dns cloudflare BI5kO2I9fHAqso_OClKxbUM6xTCodH2OfQ60yNp3 + resolvers 1.1.1.1 1.0.0.1 + } } # -------------------------------------------------- @@ -39,10 +39,10 @@ # -------------------------------------------------- (auth) { - forward_auth authelia:9091 { - uri /api/authz/forward-auth - copy_headers Remote-User Remote-Groups Remote-Email Remote-Name - } + forward_auth authelia:9091 { + uri /api/authz/forward-auth + copy_headers Remote-User Remote-Groups Remote-Email Remote-Name + } } # -------------------------------------------------- @@ -50,12 +50,12 @@ # -------------------------------------------------- akanealw.com { - import cloudflare - @akanealwcom host akanealw.com - handle @akanealwcom { - import auth - reverse_proxy 192.168.1.30:3005 - } + import cloudflare + @akanealwcom host akanealw.com + handle @akanealwcom { + import auth + reverse_proxy 192.168.1.30:3005 + } } # -------------------------------------------------- @@ -63,8 +63,8 @@ akanealw.com { # -------------------------------------------------- auth.akanealw.com { - import cloudflare - reverse_proxy authelia:9091 + import cloudflare + reverse_proxy authelia:9091 } # -------------------------------------------------- @@ -73,617 +73,617 @@ auth.akanealw.com { *.akanealw.com { -# -------------------------------------------------- -# external subdomains without authelia -# -# -# @ host .akanealw.com -# handle @ { -# reverse_proxy 192.168.1. -# } -# -# -# @ host .akanealw.com -# handle @ { +# -------------------------------------------------- +# external subdomains without authelia +# +# +# @ host .akanealw.com +# handle @ { +# reverse_proxy 192.168.1. +# } +# +# +# @ host .akanealw.com +# handle @ { # reverse_proxy https://192.168.1. { # transport http { # tls_insecure_skip_verify # } # } # } -# -# -------------------------------------------------- - - @internal client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 - @external not client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 - import cloudflare +# +# -------------------------------------------------- + + @internal client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 + @external not client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 127.0.0.1/8 + import cloudflare - @bitwarden host bitwarden.akanealw.com - handle @bitwarden { - reverse_proxy 192.168.1.30:8089 - } + @bitwarden host bitwarden.akanealw.com + handle @bitwarden { + reverse_proxy 192.168.1.30:8089 + } - @giteadocker host gitea-docker.akanealw.com - handle @giteadocker { - reverse_proxy 192.168.1.30:3100 - } + @giteadocker host gitea-docker.akanealw.com + handle @giteadocker { + reverse_proxy 192.168.1.30:3100 + } - @gitea host gitea.akanealw.com - handle @gitea { - reverse_proxy 192.168.1.50:3000 - } + @gitea host gitea.akanealw.com + handle @gitea { + reverse_proxy 192.168.1.50:3000 + } - @jellyfin host jellyfin.akanealw.com - handle @jellyfin { - reverse_proxy 192.168.1.30:8096 - } + @jellyfin host jellyfin.akanealw.com + handle @jellyfin { + reverse_proxy 192.168.1.30:8096 + } - @headscale host headscale.akanealw.com - handle @headscale { - reverse_proxy 192.168.1.95:8888 - } + @headscale host headscale.akanealw.com + handle @headscale { + reverse_proxy 192.168.1.95:8888 + } - @nextcloud host nextcloud.akanealw.com - handle @nextcloud { - reverse_proxy https://192.168.1.30:443 { + @nextcloud host nextcloud.akanealw.com + handle @nextcloud { + reverse_proxy https://192.168.1.30:443 { transport http { tls_insecure_skip_verify } } - } + } -# -------------------------------------------------- -# external subdomains with authelia -# -# -# @ host .akanealw.com -# handle @ { -# import auth -# reverse_proxy 192.168.1. -# } -# -# @ host .akanealw.com -# handle @ { -# import auth +# -------------------------------------------------- +# external subdomains with authelia +# +# +# @ host .akanealw.com +# handle @ { +# import auth +# reverse_proxy 192.168.1. +# } +# +# @ host .akanealw.com +# handle @ { +# import auth # reverse_proxy https://192.168.1. { # transport http { # tls_insecure_skip_verify # } # } -# } +# } # -# -# -------------------------------------------------- - - @docmost host docmost.akanealw.com - handle @docmost { - import auth - reverse_proxy 192.168.1.30:3300 - } - - @memos host memos.akanealw.com - handle @memos { - import auth - reverse_proxy 192.168.1.30:5230 - } - - @whoami host whoami.akanealw.com - handle @whoami { - import auth - reverse_proxy localhost:80 - } - - @wallos host wallos.akanealw.com - handle @wallos { - import auth - reverse_proxy 192.168.1.30:8389 - } - - @homepage host www.akanealw.com - handle @homepage { - import auth - reverse_proxy 192.168.1.30:3005 - } - - @filebrowser host filebrowser.akanealw.com - handle @filebrowser { - import auth - reverse_proxy 192.168.1.30:8484 - } - - @archive host archive.akanealw.com - handle @archive { - import auth - reverse_proxy 192.168.1.30:8283 - } - - @archivebox host archivebox.akanealw.com - handle @archivebox { - import auth - reverse_proxy 192.168.1.30:8283 - } - - @codeserver host codeserver.akanealw.com - handle @codeserver { - import auth - reverse_proxy 192.168.1.50:3001 - } - - @freshrss host freshrss.akanealw.com - handle @freshrss { - import auth - reverse_proxy 192.168.1.30:8088 - } - - @jackett host jackett.akanealw.com - handle @jackett { - import auth - reverse_proxy 192.168.1.30:9117 - } - - @jdownloader host jdownloader.akanealw.com - handle @jdownloader { - import auth - reverse_proxy 192.168.1.30:5800 - } - - @jellyseerr host jellyseerr.akanealw.com - handle @jellyseerr { - import auth - reverse_proxy 192.168.1.30:5056 - } - - @kavita host kavita.akanealw.com - handle @kavita { - import auth - reverse_proxy 192.168.1.30:5002 - } - - @lidarr host lidarr.akanealw.com - handle @lidarr { - import auth - reverse_proxy 192.168.1.30:8686 - } - - @metube host metube.akanealw.com - handle @metube { - import auth - reverse_proxy 192.168.1.30:8082 - } - - @mstream host mstream.akanealw.com - handle @mstream { - import auth - reverse_proxy 192.168.1.30:3001 - } - - @nzbhydra host nzbhydra.akanealw.com - handle @nzbhydra { - import auth - reverse_proxy 192.168.1.30:5076 - } - - @olivetin host olivetin.akanealw.com - handle @olivetin { - import auth - reverse_proxy 192.168.1.30:1337 - } - - @opengist host opengist.akanealw.com - handle @opengist { - import auth - reverse_proxy 192.168.1.30:6157 - } - - @paperless host paperless.akanealw.com - handle @paperless { - import auth - reverse_proxy 192.168.1.30:8112 - } - - @prowlarr host prowlarr.akanealw.com - handle @prowlarr { - import auth - reverse_proxy 192.168.1.30:9696 - } - - @qbittorrent host qbittorrent.akanealw.com - handle @qbittorrent { - import auth - reverse_proxy 192.168.1.30:8282 - } - - @radarr host radarr.akanealw.com - handle @radarr { - import auth - reverse_proxy 192.168.1.30:7878 - } - - @sabnzbd host sabnzbd.akanealw.com - handle @sabnzbd { - import auth - reverse_proxy 192.168.1.30:8181 - } - - @shlinkweb host shlink.akanealw.com - handle @shlinkweb { - import auth - reverse_proxy 192.168.1.30:8381 - } - - @sonarr host sonarr.akanealw.com - handle @sonarr { - import auth - reverse_proxy 192.168.1.30:8989 - } - - @spdf host spdf.akanealw.com - handle @spdf { - import auth - reverse_proxy 192.168.1.30:8086 - } - - @ittools host it-tools.akanealw.com - handle @ittools { - import auth - reverse_proxy 192.168.1.30:8383 - } - - @wikidocs host wiki.akanealw.com - handle @wikidocs { - import auth - reverse_proxy 192.168.1.30:8022 - } - - -# -------------------------------------------------- -# internal only subdomains -# -# -# @ host .akanealw.com -# handle @ { -# handle @internal { -# reverse_proxy 192.168.1. -# } -# respond "ip range not allowed" -# } -# -# -# @ host .akanealw.com -# handle @ { -# handle @internal { -# reverse_proxy https://192.168.1. { -# transport http { -# tls_insecure_skip_verify -# } -# } -# } -# respond "ip range not allowed" -# } -# -# -# -------------------------------------------------- - - @localshare host localshare.akanealw.com - handle @localshare { - handle @internal { - reverse_proxy 192.168.1.30:8385 - } - respond "ip range not allowed" - } - - @checkmk host checkmk.akanealw.com - handle @checkmk { - handle @internal { - reverse_proxy 192.168.1.30:8888 - } - respond "ip range not allowed" - } - - @linkwarden host linkwarden.akanealw.com - handle @linkwarden { - handle @internal { - reverse_proxy 192.168.1.30:3232 - } - respond "ip range not allowed" - } - - @adguardhome host adguardhome.akanealw.com - handle @adguardhome { - handle @internal { - reverse_proxy 192.168.1.1:3000 - } - respond "ip range not allowed" - } - - @adguard1 host adguardserver1.akanealw.com - handle @adguard1 { - handle @internal { - reverse_proxy 192.168.1.2:80 - } - respond "ip range not allowed" - } - - @adguard2 host adguardserver2.akanealw.com - handle @adguard2 { - handle @internal { - reverse_proxy 192.168.1.3:80 - } - respond "ip range not allowed" - } - - @bale host bale.akanealw.com - handle @bale { - handle @internal { - reverse_proxy 192.168.1.51:8080 - } - respond "ip range not allowed" - } - - @cronicle host cronicle.akanealw.com - handle @cronicle { - handle @internal { - reverse_proxy 192.168.1.30:3012 - } - respond "ip range not allowed" - } - - @devdockge host dev-dockge.akanealw.com - handle @devdockge { - handle @internal { - reverse_proxy 192.168.1.35:5001 - } - respond "ip range not allowed" - } - - @devdozzle host dev-dozzle.akanealw.com - handle @devdozzle { - handle @internal { - reverse_proxy 192.168.1.35:8080 - } - respond "ip range not allowed" - } - - @dockerdockge host dockerserver-dockge.akanealw.com - handle @dockerdockge { - handle @internal { - reverse_proxy 192.168.1.30:5001 - } - respond "ip range not allowed" - } - - @dockerdozzle host dockerserver-dozzle.akanealw.com - handle @dockerdozzle { - handle @internal { - reverse_proxy 192.168.1.30:8080 - } - respond "ip range not allowed" - } - - @dockertestdockge host dockerservertest-dockge.akanealw.com - handle @dockertestdockge { - handle @internal { - reverse_proxy 192.168.1.33:5001 - } - respond "ip range not allowed" - } - - @dockertestdozzle host dockerservertest-dozzle.akanealw.com - handle @dockertestdozzle { - handle @internal { - reverse_proxy 192.168.1.33:8080 - } - respond "ip range not allowed" - } - - @proxyserverdockge host proxyserver-dockge.akanealw.com - handle @proxyserverdockge { - handle @internal { - reverse_proxy 192.168.1.4:5001 - } - respond "ip range not allowed" - } - - @proxyserverdozzle host proxyserver-dozzle.akanealw.com - handle @proxyserverdozzle { - handle @internal { - reverse_proxy 192.168.1.4:8080 - } - respond "ip range not allowed" - } - - @files host files.akanealw.com - handle @files { - handle @internal { - redir / /files{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @icons host icons.akanealw.com - handle @icons { - handle @internal { - rewrite * /files/icons{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @peanut host peanut.akanealw.com - handle @peanut { - handle @internal { - reverse_proxy 192.168.1.30:8980 - } - respond "ip range not allowed" - } - - @photoprism host photoprism.akanealw.com - handle @photoprism { - handle @internal { - reverse_proxy 192.168.1.30:2342 - } - respond "ip range not allowed" - } - - @photoprismdadandmom host photos.akanealw.com - handle @photoprismdadandmom { - handle @internal { - reverse_proxy 192.168.1.25:2342 - } - respond "ip range not allowed" - } - - @proxmox1 host proxmox1.akanealw.com - handle @proxmox1 { - handle @internal { - reverse_proxy https://192.168.1.51:8006 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @proxmox2 host proxmox2.akanealw.com - handle @proxmox2 { - handle @internal { - reverse_proxy https://192.168.1.52:8006 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @proxmoxbackup host proxmoxbackup.akanealw.com - handle @proxmoxbackup { - handle @internal { - reverse_proxy https://192.168.1.51:8007 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @router host router.akanealw.com - handle @router { - handle @internal { - reverse_proxy http://192.168.1.1:80 - } - respond "ip range not allowed" - } - - @rssbridge host rss-bridge.akanealw.com - handle @rssbridge { - handle @internal { - reverse_proxy 192.168.1.30:3006 - } - respond "ip range not allowed" - } - - @invidious host invidious.akanealw.com - handle @invidious { - handle @internal { - reverse_proxy 192.168.1.30:3000 - } - respond "ip range not allowed" - } - - @scripts host scripts.akanealw.com - handle @scripts { - handle @internal { - redir / /scripts{uri} - reverse_proxy 192.168.1.50:80 - } - respond "ip range not allowed" - } - - @speedtest host speedtest.akanealw.com - handle @speedtest { - handle @internal { - reverse_proxy 192.168.1.30:8765 - } - respond "ip range not allowed" - } - - @dockersyncthing host dockerserver-syncthing.akanealw.com - handle @dockersyncthing { - handle @internal { - reverse_proxy https://192.168.1.30:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @gamingpcsyncthing host gamingpc-syncthing.akanealw.com - handle @gamingpcsyncthing { - handle @internal { - reverse_proxy https://192.168.1.11:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @laptoppcsyncthing host laptoppc-syncthing.akanealw.com - handle @laptoppcsyncthing { - handle @internal { - reverse_proxy https://192.168.1.12:8384 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @webmin host webmin.akanealw.com - handle @webmin { - handle @internal { - reverse_proxy https://192.168.1.51:10000 { - transport http { - tls_insecure_skip_verify - } - } - } - respond "ip range not allowed" - } - - @wireguardui host wireguardui.akanealw.com - handle @wireguardui { - handle @internal { - reverse_proxy 192.168.1.4:5000 - } - respond "ip range not allowed" - } - - @zabbix host zabbix.akanealw.com - handle @zabbix { - handle @internal { - reverse_proxy 192.168.1.44:8080 - } - respond "ip range not allowed" - } - - @piholewg host pihole-wg.akanealw.com - handle @piholewg { - handle @internal { - redir / /admin{uri} - reverse_proxy 192.168.1.4:3000 - } - respond "ip range not allowed" - } +# +# -------------------------------------------------- + + @docmost host docmost.akanealw.com + handle @docmost { + import auth + reverse_proxy 192.168.1.30:3300 + } + + @memos host memos.akanealw.com + handle @memos { + import auth + reverse_proxy 192.168.1.30:5230 + } + + @whoami host whoami.akanealw.com + handle @whoami { + import auth + reverse_proxy localhost:80 + } + + @wallos host wallos.akanealw.com + handle @wallos { + import auth + reverse_proxy 192.168.1.30:8389 + } + + @homepage host www.akanealw.com + handle @homepage { + import auth + reverse_proxy 192.168.1.30:3005 + } + + @filebrowser host filebrowser.akanealw.com + handle @filebrowser { + import auth + reverse_proxy 192.168.1.30:8484 + } + + @archive host archive.akanealw.com + handle @archive { + import auth + reverse_proxy 192.168.1.30:8283 + } + + @archivebox host archivebox.akanealw.com + handle @archivebox { + import auth + reverse_proxy 192.168.1.30:8283 + } + + @codeserver host codeserver.akanealw.com + handle @codeserver { + import auth + reverse_proxy 192.168.1.50:3001 + } + + @freshrss host freshrss.akanealw.com + handle @freshrss { + import auth + reverse_proxy 192.168.1.30:8088 + } + + @jackett host jackett.akanealw.com + handle @jackett { + import auth + reverse_proxy 192.168.1.30:9117 + } + + @jdownloader host jdownloader.akanealw.com + handle @jdownloader { + import auth + reverse_proxy 192.168.1.30:5800 + } + + @jellyseerr host jellyseerr.akanealw.com + handle @jellyseerr { + import auth + reverse_proxy 192.168.1.30:5056 + } + + @kavita host kavita.akanealw.com + handle @kavita { + import auth + reverse_proxy 192.168.1.30:5002 + } + + @lidarr host lidarr.akanealw.com + handle @lidarr { + import auth + reverse_proxy 192.168.1.30:8686 + } + + @metube host metube.akanealw.com + handle @metube { + import auth + reverse_proxy 192.168.1.30:8082 + } + + @mstream host mstream.akanealw.com + handle @mstream { + import auth + reverse_proxy 192.168.1.30:3001 + } + + @nzbhydra host nzbhydra.akanealw.com + handle @nzbhydra { + import auth + reverse_proxy 192.168.1.30:5076 + } + + @olivetin host olivetin.akanealw.com + handle @olivetin { + import auth + reverse_proxy 192.168.1.30:1337 + } + + @opengist host opengist.akanealw.com + handle @opengist { + import auth + reverse_proxy 192.168.1.30:6157 + } + + @paperless host paperless.akanealw.com + handle @paperless { + import auth + reverse_proxy 192.168.1.30:8112 + } + + @prowlarr host prowlarr.akanealw.com + handle @prowlarr { + import auth + reverse_proxy 192.168.1.30:9696 + } + + @qbittorrent host qbittorrent.akanealw.com + handle @qbittorrent { + import auth + reverse_proxy 192.168.1.30:8282 + } + + @radarr host radarr.akanealw.com + handle @radarr { + import auth + reverse_proxy 192.168.1.30:7878 + } + + @sabnzbd host sabnzbd.akanealw.com + handle @sabnzbd { + import auth + reverse_proxy 192.168.1.30:8181 + } + + @shlinkweb host shlink.akanealw.com + handle @shlinkweb { + import auth + reverse_proxy 192.168.1.30:8381 + } + + @sonarr host sonarr.akanealw.com + handle @sonarr { + import auth + reverse_proxy 192.168.1.30:8989 + } + + @spdf host spdf.akanealw.com + handle @spdf { + import auth + reverse_proxy 192.168.1.30:8086 + } + + @ittools host it-tools.akanealw.com + handle @ittools { + import auth + reverse_proxy 192.168.1.30:8383 + } + + @wikidocs host wiki.akanealw.com + handle @wikidocs { + import auth + reverse_proxy 192.168.1.30:8022 + } + + +# -------------------------------------------------- +# internal only subdomains +# +# +# @ host .akanealw.com +# handle @ { +# handle @internal { +# reverse_proxy 192.168.1. +# } +# respond "ip range not allowed" +# } +# +# +# @ host .akanealw.com +# handle @ { +# handle @internal { +# reverse_proxy https://192.168.1. { +# transport http { +# tls_insecure_skip_verify +# } +# } +# } +# respond "ip range not allowed" +# } +# +# +# -------------------------------------------------- + + @localshare host localshare.akanealw.com + handle @localshare { + handle @internal { + reverse_proxy 192.168.1.30:8385 + } + respond "ip range not allowed" + } + + @checkmk host checkmk.akanealw.com + handle @checkmk { + handle @internal { + reverse_proxy 192.168.1.30:8888 + } + respond "ip range not allowed" + } + + @linkwarden host linkwarden.akanealw.com + handle @linkwarden { + handle @internal { + reverse_proxy 192.168.1.30:3232 + } + respond "ip range not allowed" + } + + @adguardhome host adguardhome.akanealw.com + handle @adguardhome { + handle @internal { + reverse_proxy 192.168.1.1:3000 + } + respond "ip range not allowed" + } + + @adguard1 host adguardserver1.akanealw.com + handle @adguard1 { + handle @internal { + reverse_proxy 192.168.1.2:80 + } + respond "ip range not allowed" + } + + @adguard2 host adguardserver2.akanealw.com + handle @adguard2 { + handle @internal { + reverse_proxy 192.168.1.3:80 + } + respond "ip range not allowed" + } + + @bale host bale.akanealw.com + handle @bale { + handle @internal { + reverse_proxy 192.168.1.51:8080 + } + respond "ip range not allowed" + } + + @cronicle host cronicle.akanealw.com + handle @cronicle { + handle @internal { + reverse_proxy 192.168.1.30:3012 + } + respond "ip range not allowed" + } + + @devdockge host dev-dockge.akanealw.com + handle @devdockge { + handle @internal { + reverse_proxy 192.168.1.35:5001 + } + respond "ip range not allowed" + } + + @devdozzle host dev-dozzle.akanealw.com + handle @devdozzle { + handle @internal { + reverse_proxy 192.168.1.35:8080 + } + respond "ip range not allowed" + } + + @dockerdockge host dockerserver-dockge.akanealw.com + handle @dockerdockge { + handle @internal { + reverse_proxy 192.168.1.30:5001 + } + respond "ip range not allowed" + } + + @dockerdozzle host dockerserver-dozzle.akanealw.com + handle @dockerdozzle { + handle @internal { + reverse_proxy 192.168.1.30:8080 + } + respond "ip range not allowed" + } + + @dockertestdockge host dockerservertest-dockge.akanealw.com + handle @dockertestdockge { + handle @internal { + reverse_proxy 192.168.1.33:5001 + } + respond "ip range not allowed" + } + + @dockertestdozzle host dockerservertest-dozzle.akanealw.com + handle @dockertestdozzle { + handle @internal { + reverse_proxy 192.168.1.33:8080 + } + respond "ip range not allowed" + } + + @proxyserverdockge host proxyserver-dockge.akanealw.com + handle @proxyserverdockge { + handle @internal { + reverse_proxy 192.168.1.4:5001 + } + respond "ip range not allowed" + } + + @proxyserverdozzle host proxyserver-dozzle.akanealw.com + handle @proxyserverdozzle { + handle @internal { + reverse_proxy 192.168.1.4:8080 + } + respond "ip range not allowed" + } + + @files host files.akanealw.com + handle @files { + handle @internal { + redir / /files{uri} + reverse_proxy 192.168.1.50:80 + } + respond "ip range not allowed" + } + + @icons host icons.akanealw.com + handle @icons { + handle @internal { + rewrite * /files/icons{uri} + reverse_proxy 192.168.1.50:80 + } + respond "ip range not allowed" + } + + @peanut host peanut.akanealw.com + handle @peanut { + handle @internal { + reverse_proxy 192.168.1.30:8980 + } + respond "ip range not allowed" + } + + @photoprism host photoprism.akanealw.com + handle @photoprism { + handle @internal { + reverse_proxy 192.168.1.30:2342 + } + respond "ip range not allowed" + } + + @photoprismdadandmom host photos.akanealw.com + handle @photoprismdadandmom { + handle @internal { + reverse_proxy 192.168.1.25:2342 + } + respond "ip range not allowed" + } + + @proxmox1 host proxmox1.akanealw.com + handle @proxmox1 { + handle @internal { + reverse_proxy https://192.168.1.51:8006 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @proxmox2 host proxmox2.akanealw.com + handle @proxmox2 { + handle @internal { + reverse_proxy https://192.168.1.52:8006 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @proxmoxbackup host proxmoxbackup.akanealw.com + handle @proxmoxbackup { + handle @internal { + reverse_proxy https://192.168.1.51:8007 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @router host router.akanealw.com + handle @router { + handle @internal { + reverse_proxy http://192.168.1.1:80 + } + respond "ip range not allowed" + } + + @rssbridge host rss-bridge.akanealw.com + handle @rssbridge { + handle @internal { + reverse_proxy 192.168.1.30:3006 + } + respond "ip range not allowed" + } + + @invidious host invidious.akanealw.com + handle @invidious { + handle @internal { + reverse_proxy 192.168.1.30:3000 + } + respond "ip range not allowed" + } + + @scripts host scripts.akanealw.com + handle @scripts { + handle @internal { + redir / /scripts{uri} + reverse_proxy 192.168.1.50:80 + } + respond "ip range not allowed" + } + + @speedtest host speedtest.akanealw.com + handle @speedtest { + handle @internal { + reverse_proxy 192.168.1.30:8765 + } + respond "ip range not allowed" + } + + @dockersyncthing host dockerserver-syncthing.akanealw.com + handle @dockersyncthing { + handle @internal { + reverse_proxy https://192.168.1.30:8384 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @gamingpcsyncthing host gamingpc-syncthing.akanealw.com + handle @gamingpcsyncthing { + handle @internal { + reverse_proxy https://192.168.1.11:8384 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @laptoppcsyncthing host laptoppc-syncthing.akanealw.com + handle @laptoppcsyncthing { + handle @internal { + reverse_proxy https://192.168.1.12:8384 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @webmin host webmin.akanealw.com + handle @webmin { + handle @internal { + reverse_proxy https://192.168.1.51:10000 { + transport http { + tls_insecure_skip_verify + } + } + } + respond "ip range not allowed" + } + + @wireguardui host wireguardui.akanealw.com + handle @wireguardui { + handle @internal { + reverse_proxy 192.168.1.4:5000 + } + respond "ip range not allowed" + } + + @zabbix host zabbix.akanealw.com + handle @zabbix { + handle @internal { + reverse_proxy 192.168.1.44:8080 + } + respond "ip range not allowed" + } + + @piholewg host pihole-wg.akanealw.com + handle @piholewg { + handle @internal { + redir / /admin{uri} + reverse_proxy 192.168.1.4:3000 + } + respond "ip range not allowed" + } } @@ -693,11 +693,11 @@ auth.akanealw.com { # -------------------------------------------------- aknlw.com { - import cloudflare - @shlink host aknlw.com - handle @shlink { - reverse_proxy 192.168.1.30:8380 - } + import cloudflare + @shlink host aknlw.com + handle @shlink { + reverse_proxy 192.168.1.30:8380 + } } # -------------------------------------------------- @@ -705,6 +705,6 @@ aknlw.com { # -------------------------------------------------- repo.aknlw.com { - import cloudflare - reverse_proxy 192.168.1.50:3000 + import cloudflare + reverse_proxy 192.168.1.50:3000 }