Build [v1.14.21]
This commit is contained in:
@@ -1,41 +1,58 @@
|
||||
# TFM aInventory - Caddy Patched IP Configuration
|
||||
# Version 1.9.17 - The Dynamic Shield (Production Polish)
|
||||
# TFM aInventory - Standalone Caddy Configuration
|
||||
# Self-signed SSL/TLS reverse proxy for any IP/hostname
|
||||
{
|
||||
admin off
|
||||
local_certs
|
||||
local_certs
|
||||
skip_install_trust
|
||||
auto_https disable_redirects
|
||||
# Configure on-demand TLS for private network IPs
|
||||
on_demand_tls {
|
||||
|
||||
on_demand_tls {
|
||||
ask http://localhost:8916/
|
||||
# This allows Caddy to generate internal certs for any IP/domain.
|
||||
ask http://backend:8000/
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
|
||||
https:// {
|
||||
tls internal {
|
||||
https://:8919 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
|
||||
reverse_proxy frontend:3000
|
||||
|
||||
header {
|
||||
# Next.js HMR Support (WebSocket)
|
||||
handle /_next/webpack-hmr {
|
||||
reverse_proxy http://localhost:8917 {
|
||||
header_up Upgrade {>Upgrade}
|
||||
header_up Connection {>Connection}
|
||||
}
|
||||
}
|
||||
|
||||
reverse_proxy http://localhost:8917 {
|
||||
header_up X-Forwarded-For {remote_host}
|
||||
header_up X-Forwarded-Proto https
|
||||
header_up X-Forwarded-Host {host}
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
}
|
||||
}
|
||||
|
||||
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
|
||||
https://:444 {
|
||||
tls internal {
|
||||
https://:8918 {
|
||||
tls internal {
|
||||
on_demand
|
||||
}
|
||||
|
||||
}
|
||||
reverse_proxy http://localhost:8916 {
|
||||
header_up X-Forwarded-For {remote_host}
|
||||
header_up X-Forwarded-Proto https
|
||||
header_up X-Forwarded-Host {host}
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user