lab-ansible/roles/proxy/templates/caddy/Caddyfile.j2

153 lines
3.3 KiB
Caddyfile
Raw Normal View History

2023-12-29 18:07:08 +00:00
{# code: language=ansible-jinja #}
# THIS FILE IS MANAGED BY ANSIBLE
2023-12-31 17:37:20 +00:00
{% for env in proxy_environments %}
2023-12-31 17:20:28 +00:00
# BEGIN Environment: {{ env }}
2023-12-22 20:57:19 +00:00
2024-02-04 17:03:15 +00:00
cloud.{{ proxy_vars[env].app01.base_domain }} {
2023-12-22 20:57:19 +00:00
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
2023-12-22 20:57:19 +00:00
-Server
}
2023-12-31 17:37:20 +00:00
{% if env == 'production' %}
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
{% else %}
2023-12-22 20:57:19 +00:00
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
2023-12-31 17:37:20 +00:00
{% endif %}
2023-12-22 20:57:19 +00:00
}
2024-02-04 17:03:15 +00:00
ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
*.ipfs.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }},
*.ipns.ipfs-gateway.{{ proxy_vars[env].app01.base_domain }} {
2023-12-22 20:57:19 +00:00
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
2023-12-22 20:57:19 +00:00
-Server
}
{% if env == 'production' %}
2023-12-22 20:57:19 +00:00
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
{% else %}
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
{% endif %}
2023-12-22 20:57:19 +00:00
}
2024-02-04 17:03:15 +00:00
ipfs.local.{{ proxy_vars[env].app01.base_domain }} {
2023-12-22 20:57:19 +00:00
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
2023-12-22 20:57:19 +00:00
-Server
}
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
}
2024-03-02 21:36:05 +00:00
joplin.{{ proxy_vars[env].app01.base_domain }} {
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
-Server
}
{% if env == 'production' %}
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
{% else %}
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
{% endif %}
}
2024-02-10 21:36:48 +00:00
meet.{{ proxy_vars[env].app01.base_domain }} {
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
-Server
}
{% if env == 'production' %}
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
{% else %}
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
{% endif %}
}
2024-02-04 17:03:15 +00:00
xmr.local.{{ proxy_vars[env].app01.base_domain }} {
2023-12-27 18:26:29 +00:00
tls {{ tls_email }} {
dns njalla {{ njalla_api_token }}
}
2023-12-22 20:57:19 +00:00
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains"
2023-12-22 20:57:19 +00:00
-Server
}
@local {
remote_ip {{ proxy_trusted_subnets | join(' ') }}
}
handle @local {
reverse_proxy {{ proxy_vars[env].app01.internal_ipv4 }}:8080
}
respond 403
2023-12-22 20:57:19 +00:00
}
2023-12-31 17:20:28 +00:00
# END Environment: {{ env }}
2023-12-22 20:57:19 +00:00
{% endfor %}