fix(6): make Caddy listen on any IP/hostname for HTTPS

Changed from localhost-specific to wildcard listening:
  - https://:8918 (any IP on port 8918) → backend
  - https://:8919 (any IP on port 8919) → frontend

On-demand TLS generates certificates for any accessing IP/hostname
Self-signed certs now work via:
  - localhost
  - 127.0.0.1
  - 192.168.x.x (or any IP on network)
  - Any hostname

Tested and verified working via 192.168.84.131:8919
This commit is contained in:
2026-04-22 19:23:12 +03:00
parent e664215ab8
commit 0deef7f601

View File

@@ -1,5 +1,5 @@
# TFM aInventory - Standalone Caddy Configuration
# Self-signed SSL/TLS reverse proxy for localhost deployment
# Self-signed SSL/TLS reverse proxy for any IP/hostname
{
admin off
local_certs
@@ -11,8 +11,8 @@
}
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
https://localhost:8919 {
tls internal {
https://:8919 {
tls internal {
on_demand
}
reverse_proxy localhost:8917
@@ -27,8 +27,8 @@ https://localhost:8919 {
}
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
https://localhost:8918 {
tls internal {
https://:8918 {
tls internal {
on_demand
}
reverse_proxy localhost:8916