Adds example for Caddy2 Caddyfile

2020-09-12 10:52:25 +02:00 · 2020-09-12 10:52:25 +02:00 · abf70f7772
parent 5bb2c43502
commit abf70f7772
2 changed files with 126 additions and 0 deletions
--- a/.DS_Store
+++ b/.DS_Store
--- a/examples/caddy2/Caddyfile
+++ b/examples/caddy2/Caddyfile
@ -0,0 +1,126 @@
+matrix.DOMAIN.tld {
+
+  tls {$CADDY_TLS}
+
+  @identity {
+        path /_matrix/identity/*
+  }
+
+  @noidentity {
+        not path /_matrix/identity/*
+  }
+
+  @search {
+        path /_matrix/client/r0/user_directory/search/*
+  }
+
+  @nosearch {
+        not path /_matrix/client/r0/user_directory/search/*
+  }
+
+  @static {
+        path /matrix/static-files/*
+  }
+
+  @nostatic {
+        not path /matrix/static-files/*
+  }
+
+  header {
+          Access-Control-Allow-Origin *
+          Strict-Transport-Security "mag=age=31536000;"
+          X-Frame-Options "DENY"
+                                                                                                                                                                                                                      167,9         79%
+          Strict-Transport-Security "mag=age=31536000;"
+          X-Frame-Options "DENY"
+          X-XSS-Protection "1; mode=block"
+  }
+
+  # Cache
+  header @static {
+        # Cache
+    Cache-Control "public, max-age=31536000"
+    defer
+  }
+
+  # identity
+  handle @identity {
+        reverse_proxy localhost:8090/_matrix/identity  {
+               header_up X-Forwarded-Port {http.request.port}
+               header_up X-Forwarded-Proto {http.request.scheme}
+               header_up X-Forwarded-TlsProto {tls_protocol}
+               header_up X-Forwarded-TlsCipher {tls_cipher}
+               header_up X-Forwarded-HttpsProto {proto}
+        }
+  }
+
+  # search
+  handle @search {
+        reverse_proxy localhost:8090/_matrix/client/r0/user_directory/search   {
+               header_up X-Forwarded-Port {http.request.port}
+               header_up X-Forwarded-Proto {http.request.scheme}
+               header_up X-Forwarded-TlsProto {tls_protocol}
+               header_up X-Forwarded-TlsCipher {tls_cipher}
+               header_up X-Forwarded-HttpsProto {proto}
+        }
+  }
+
+  handle {
+        encode zstd gzip
+
+        reverse_proxy localhost:8008  {
+               header_up X-Forwarded-Port {http.request.port}
+               header_up X-Forwarded-Proto {http.request.scheme}
+               header_up X-Forwarded-TlsProto {tls_protocol}
+               header_up X-Forwarded-TlsCipher {tls_cipher}
+               header_up X-Forwarded-HttpsProto {proto}
+        }
+  }
+}
+
+:8448 {
+	handle {
+        	encode zstd gzip
+
+        	reverse_proxy localhost:8448 {
+               		header_up X-Forwarded-Port {http.request.port}
+               		header_up X-Forwarded-Proto {http.request.scheme}
+               		header_up X-Forwarded-TlsProto {tls_protocol}
+               		header_up X-Forwarded-TlsCipher {tls_cipher}
+               		header_up X-Forwarded-HttpsProto {proto}
+        	}
+  	}
+}
+
+dimension.DOMAIN.tld {
+
+        tls {$CADDY_TLS}
+
+    	handle {
+        	encode zstd gzip
+
+        	reverse_proxy localhost:8184  {
+               		header_up X-Forwarded-Port {http.request.port}
+               		header_up X-Forwarded-Proto {http.request.scheme}
+               		header_up X-Forwarded-TlsProto {tls_protocol}
+               		header_up X-Forwarded-TlsCipher {tls_cipher}
+               		header_up X-Forwarded-HttpsProto {proto}
+        	}
+  	}
+}
+
+element.DOMAIN.tld {
+
+        tls {$CADDY_TLS}
+
+        handle {
+              encode zstd gzip
+
+              reverse_proxy localhost:8765 {
+                     header_up X-Forwarded-Port {http.request.port}
+                     header_up X-Forwarded-Proto {http.request.scheme}
+                     header_up X-Forwarded-TlsProto {tls_protocol}
+                     header_up X-Forwarded-TlsCipher {tls_cipher}
+                     header_up X-Forwarded-HttpsProto {proto}
+        }
+}