From 2c5fbf845a4e7bb1f155fefe234d9466ea1b6c37 Mon Sep 17 00:00:00 2001 From: Stanislav Hubacek Date: Sat, 4 Apr 2026 23:59:18 +0200 Subject: [PATCH] cajk --- Caddyfile.wrapper | 25 +++++++++++++++++++++++++ services/albrecht-podlahy.yml | 6 ++++++ services/bistrousky.yml | 5 +++++ services/grafana.yml | 6 ++++++ services/sapmini.yml | 9 +++++++++ templates/proxy.caddy.j2 | 23 +++++++++++++++++++++++ templates/static.caddy.j2 | 7 +++++++ 7 files changed, 81 insertions(+) diff --git a/Caddyfile.wrapper b/Caddyfile.wrapper index e69de29..9110a50 100644 --- a/Caddyfile.wrapper +++ b/Caddyfile.wrapper @@ -0,0 +1,25 @@ +{ + email hubacek.s@gmail.com + acme_ca https://acme-v02.api.letsencrypt.org/directory +} + +(common_headers) { + header { + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" + X-Content-Type-Options "nosniff" + X-Frame-Options "DENY" + X-XSS-Protection "1; mode=block" + } +} + +(common_auth) { + basicauth { + Standa {$BASIC_AUTH_HASH} + } +} + +www.hubacek.cloud { + redir https://hubacek.cloud{uri} permanent +} + +import /opt/homelab/generated/caddy/* \ No newline at end of file diff --git a/services/albrecht-podlahy.yml b/services/albrecht-podlahy.yml index e69de29..6b48a77 100644 --- a/services/albrecht-podlahy.yml +++ b/services/albrecht-podlahy.yml @@ -0,0 +1,6 @@ +name: albrecht-podlahy +type: proxy +domain: albrecht-podlahy.hubacek.cloud +headers: true +auth: false +backend: 192.168.50.117:80 \ No newline at end of file diff --git a/services/bistrousky.yml b/services/bistrousky.yml index e69de29..ddab492 100644 --- a/services/bistrousky.yml +++ b/services/bistrousky.yml @@ -0,0 +1,5 @@ +name: bistrousky +type: static +domain: bistrousky.hubacek.cloud +headers: true +root: /var/www/html \ No newline at end of file diff --git a/services/grafana.yml b/services/grafana.yml index e69de29..2419cfd 100644 --- a/services/grafana.yml +++ b/services/grafana.yml @@ -0,0 +1,6 @@ +name: grafana +type: proxy +domain: grafana.hubacek.cloud +headers: true +auth: true +backend: 192.168.50.91:3000 \ No newline at end of file diff --git a/services/sapmini.yml b/services/sapmini.yml index e69de29..eb8e7f6 100644 --- a/services/sapmini.yml +++ b/services/sapmini.yml @@ -0,0 +1,9 @@ +name: sapmini +type: proxy +domain: sapmini.hubacek.cloud +headers: true +auth: true +backend: 192.168.50.102:3001 +real_ip: true +health_uri: /api/health +health_interval: 30s \ No newline at end of file diff --git a/templates/proxy.caddy.j2 b/templates/proxy.caddy.j2 index e69de29..b315c99 100644 --- a/templates/proxy.caddy.j2 +++ b/templates/proxy.caddy.j2 @@ -0,0 +1,23 @@ +{{ domain }} { +{% if headers %} + import common_headers +{% endif %} +{% if auth %} + import common_auth +{% endif %} +{% if reverse_proxy_block %} + reverse_proxy {{ backend }} { +{% if real_ip %} + header_up X-Real-IP {remote_host} +{% endif %} +{% if health_uri %} + health_uri {{ health_uri }} +{% endif %} +{% if health_interval %} + health_interval {{ health_interval }} +{% endif %} + } +{% else %} + reverse_proxy {{ backend }} +{% endif %} +} \ No newline at end of file diff --git a/templates/static.caddy.j2 b/templates/static.caddy.j2 index e69de29..173af4d 100644 --- a/templates/static.caddy.j2 +++ b/templates/static.caddy.j2 @@ -0,0 +1,7 @@ +{{ domain }} { +{% if headers %} + import common_headers +{% endif %} + root * {{ root }} + file_server +} \ No newline at end of file