Added example Caddyfiles for the containers
This commit is contained in:
parent
9c401efb2d
commit
265dc2949d
46
examples/caddy/Caddyfile
Executable file
46
examples/caddy/Caddyfile
Executable file
|
@ -0,0 +1,46 @@
|
|||
https://matrix.finallycoffee.eu {
|
||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||
root /matrix_static
|
||||
header / {
|
||||
Access-Control-Allow-Origin *
|
||||
Strict-Transport-Security "max-age=31536000;"
|
||||
X-Frame-Options "DENY"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
}
|
||||
proxy /_matrix/identity matrix-mxisd:8090 {
|
||||
transparent
|
||||
}
|
||||
proxy /_matrix matrix-synapse:8008 {
|
||||
transparent
|
||||
}
|
||||
}
|
||||
|
||||
https://dimension.matrix.finallycoffee.eu {
|
||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||
header / {
|
||||
Access-Control-Allow-Origin *
|
||||
}
|
||||
proxy / http://matrix-dimension:8184 {
|
||||
transparent
|
||||
header_upstream X-Forwarded-For {remote}
|
||||
header_upstream Host {host}
|
||||
websocket
|
||||
}
|
||||
}
|
||||
|
||||
https://chat.finallycoffee.eu {
|
||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||
proxy / matrix-riot-web:8080 {
|
||||
transparent
|
||||
}
|
||||
}
|
||||
|
||||
# Federation listens on all IPs because older Synapse versions do not support SNI
|
||||
https://:8448 {
|
||||
tls /tls_certs/finallycoffee.eu/fullchain.pem /tls_certs/finallycoffee.eu/privkey.pem
|
||||
proxy /_matrix matrix-synapse:8048 {
|
||||
transparent
|
||||
}
|
||||
}
|
||||
|
||||
|
7
examples/caddy/matrix-dimension
Normal file
7
examples/caddy/matrix-dimension
Normal file
|
@ -0,0 +1,7 @@
|
|||
https://dimension.DOMAIN {
|
||||
tls /matrix/ssl/config/live/dimension.DOMAIN/fullchain.pem /matrix/ssl/config/live/dimension.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8134/ {
|
||||
transparent
|
||||
}
|
||||
}
|
7
examples/caddy/matrix-riot-web
Normal file
7
examples/caddy/matrix-riot-web
Normal file
|
@ -0,0 +1,7 @@
|
|||
https://riot.DOMAIN {
|
||||
tls /matrix/ssl/config/live/riot.DOMAIN/fullchain.pem /matrix/ssl/config/live/riot.DOMAIN/privkey.pem
|
||||
|
||||
proxy / http://127.0.0.1:8765 {
|
||||
transparent
|
||||
}
|
||||
}
|
26
examples/caddy/matrix-synapse
Normal file
26
examples/caddy/matrix-synapse
Normal file
|
@ -0,0 +1,26 @@
|
|||
https://matrix.DOMAIN {
|
||||
tls /matrix/ssl/config/live/matrix.DOMAIN/fullchain.pem /matrix/ssl/config/live/matrix.DOMAIN/privkey.pem
|
||||
|
||||
root /matrix/static-files
|
||||
|
||||
header {
|
||||
Access-Control-Allow-Origin *
|
||||
Strict-Transport-Security "mag=age=31536000;"
|
||||
X-Frame-Options "DENY"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
}
|
||||
|
||||
proxy /_matrix/identity matrix-msisd:8090 {
|
||||
transparent
|
||||
}
|
||||
|
||||
proxy /_matrix/client/r0/user_directory/search matrix-msisd:8090 {
|
||||
transparent
|
||||
}
|
||||
|
||||
proxy / matrix-synapse:8008 {
|
||||
transparent
|
||||
without /.well-known/ /_matrix/identity/ /_matrix/client/r0/user_directory/search
|
||||
}
|
||||
|
||||
}
|
7
examples/caddy/matrix-util
Normal file
7
examples/caddy/matrix-util
Normal file
|
@ -0,0 +1,7 @@
|
|||
:80 {
|
||||
# Redirect ACME-Challenge traffic to port 2402
|
||||
proxy /.well-known/acme-challenge http://127.0.0.1:2402
|
||||
|
||||
# Redirect all other traffic to HTTPS
|
||||
redir / https://{host}{uri} 301
|
||||
}
|
Loading…
Reference in a new issue