feat(6): add Caddy reverse proxy with SSL to standalone deployment
Complete feature parity with Docker deployment: - Caddy reverse proxy manages SSL/TLS - Ports: 8916/8917 (HTTP), 8918/8919 (HTTPS) - Self-signed certificates (development-friendly) - Automatic certificate generation via on-demand TLS - Security headers (HSTS, XSS Protection, etc.) Changes: - Created Caddyfile.standalone for localhost config - Enhanced start_servers.py with Caddy startup/monitoring - Auto-install Caddy via apt if not present - Updated status output to show both HTTP and HTTPS URLs - All three services (backend, frontend, caddy) in one launcher Both Docker and Standalone modes now have IDENTICAL capabilities: - Full production-ready SSL/TLS support - Reverse proxy with auto-certificate management - HTTPS-only capable Resolves dual-deployment equivalence requirement
This commit is contained in:
40
Caddyfile.standalone
Normal file
40
Caddyfile.standalone
Normal file
@@ -0,0 +1,40 @@
|
||||
# TFM aInventory - Standalone Caddy Configuration
|
||||
# Self-signed SSL/TLS reverse proxy for localhost deployment
|
||||
{
|
||||
admin off
|
||||
local_certs
|
||||
skip_install_trust
|
||||
|
||||
on_demand_tls {
|
||||
ask http://localhost:8916/
|
||||
}
|
||||
}
|
||||
|
||||
# HTTPS Frontend (port 8919 -> 443)
|
||||
https://localhost:8919 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
reverse_proxy localhost:8917
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
X-Content-Type-Options "nosniff"
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
}
|
||||
}
|
||||
|
||||
# HTTPS Backend (port 8918 -> 444)
|
||||
https://localhost:8918 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
reverse_proxy localhost:8916
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user