# TFM aInventory - Standalone Caddy Configuration # Self-signed SSL/TLS reverse proxy for localhost deployment { admin off local_certs skip_install_trust on_demand_tls { ask http://localhost:8916/ } } # HTTPS Frontend (port 8919 -> 443) https://localhost:8919 { tls internal { on_demand } reverse_proxy localhost:8917 header { Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" X-XSS-Protection "1; mode=block" X-Content-Type-Options "nosniff" X-Frame-Options "SAMEORIGIN" Referrer-Policy "strict-origin-when-cross-origin" } } # HTTPS Backend (port 8918 -> 444) https://localhost:8918 { tls internal { on_demand } reverse_proxy localhost:8916 header { Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" } }