59 lines
1.4 KiB
Caddyfile
59 lines
1.4 KiB
Caddyfile
# TFM aInventory - Standalone Caddy Configuration
|
|
# Self-signed SSL/TLS reverse proxy for any IP/hostname
|
|
{
|
|
admin off
|
|
local_certs
|
|
skip_install_trust
|
|
auto_https disable_redirects
|
|
|
|
on_demand_tls {
|
|
ask http://localhost:8916/
|
|
}
|
|
}
|
|
|
|
# Dynamic HTTPS Frontend (port 8919) - Matches ANY IP or hostname
|
|
https://:8919 {
|
|
tls internal {
|
|
on_demand
|
|
}
|
|
|
|
# Next.js HMR Support (WebSocket)
|
|
handle /_next/webpack-hmr {
|
|
reverse_proxy http://localhost:8917 {
|
|
header_up Upgrade {>Upgrade}
|
|
header_up Connection {>Connection}
|
|
}
|
|
}
|
|
|
|
reverse_proxy http://localhost:8917 {
|
|
header_up X-Forwarded-For {remote_host}
|
|
header_up X-Forwarded-Proto https
|
|
header_up X-Forwarded-Host {host}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
X-XSS-Protection "1; mode=block"
|
|
X-Frame-Options "SAMEORIGIN"
|
|
Referrer-Policy "strict-origin-when-cross-origin"
|
|
}
|
|
}
|
|
|
|
# Dynamic HTTPS Backend (port 8918) - Matches ANY IP or hostname
|
|
https://:8918 {
|
|
tls internal {
|
|
on_demand
|
|
}
|
|
|
|
reverse_proxy http://localhost:8916 {
|
|
header_up X-Forwarded-For {remote_host}
|
|
header_up X-Forwarded-Proto https
|
|
header_up X-Forwarded-Host {host}
|
|
}
|
|
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
}
|
|
}
|