Added example Caddyfiles for the containers

This commit is contained in:
jreichmann 2019-04-16 19:36:03 +02:00
parent 9c401efb2d
commit 265dc2949d
No known key found for this signature in database
GPG key ID: 03624C433676E465
5 changed files with 93 additions and 0 deletions

46
examples/caddy/Caddyfile Executable file
View file

@ -0,0 +1,46 @@
https://matrix.finallycoffee.eu {
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
root /matrix_static
header / {
Access-Control-Allow-Origin *
Strict-Transport-Security "max-age=31536000;"
X-Frame-Options "DENY"
X-XSS-Protection "1; mode=block"
}
proxy /_matrix/identity matrix-mxisd:8090 {
transparent
}
proxy /_matrix matrix-synapse:8008 {
transparent
}
}
https://dimension.matrix.finallycoffee.eu {
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
header / {
Access-Control-Allow-Origin *
}
proxy / http://matrix-dimension:8184 {
transparent
header_upstream X-Forwarded-For {remote}
header_upstream Host {host}
websocket
}
}
https://chat.finallycoffee.eu {
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
proxy / matrix-riot-web:8080 {
transparent
}
}
# Federation listens on all IPs because older Synapse versions do not support SNI
https://:8448 {
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
proxy /_matrix matrix-synapse:8048 {
transparent
}
}

View file

@ -0,0 +1,7 @@
https://dimension.DOMAIN {
tls /matrix/ssl/config/live/dimension.DOMAIN/fullchain.pem /matrix/ssl/config/live/dimension.DOMAIN/privkey.pem
proxy / http://127.0.0.1:8134/ {
transparent
}
}

View file

@ -0,0 +1,7 @@
https://riot.DOMAIN {
tls /matrix/ssl/config/live/riot.DOMAIN/fullchain.pem /matrix/ssl/config/live/riot.DOMAIN/privkey.pem
proxy / http://127.0.0.1:8765 {
transparent
}
}

View file

@ -0,0 +1,26 @@
https://matrix.DOMAIN {
tls /matrix/ssl/config/live/matrix.DOMAIN/fullchain.pem /matrix/ssl/config/live/matrix.DOMAIN/privkey.pem
root /matrix/static-files
header {
Access-Control-Allow-Origin *
Strict-Transport-Security "mag=age=31536000;"
X-Frame-Options "DENY"
X-XSS-Protection "1; mode=block"
}
proxy /_matrix/identity matrix-msisd:8090 {
transparent
}
proxy /_matrix/client/r0/user_directory/search matrix-msisd:8090 {
transparent
}
proxy / matrix-synapse:8008 {
transparent
without /.well-known/ /_matrix/identity/ /_matrix/client/r0/user_directory/search
}
}

View file

@ -0,0 +1,7 @@
:80 {
# Redirect ACME-Challenge traffic to port 2402
proxy /.well-known/acme-challenge http://127.0.0.1:2402
# Redirect all other traffic to HTTPS
redir / https://{host}{uri} 301
}