0a10077c63
- caddy v1 requires a path in the header directive - msisd has been replaced in favour of ma1sd
32 lines
872 B
Plaintext
32 lines
872 B
Plaintext
https://matrix.DOMAIN {
|
|
# If you use your own certificates, your path may differ
|
|
# If you wish to use Caddy's built-in Let's Encrypt support, you can also supply an email address here
|
|
tls /matrix/ssl/config/live/matrix.DOMAIN/fullchain.pem /matrix/ssl/config/live/matrix.DOMAIN/privkey.pem
|
|
|
|
root /matrix/static-files
|
|
|
|
header / {
|
|
Access-Control-Allow-Origin *
|
|
Strict-Transport-Security "mag=age=31536000;"
|
|
X-Frame-Options "DENY"
|
|
X-XSS-Protection "1; mode=block"
|
|
}
|
|
|
|
# Identity server traffic
|
|
proxy /_matrix/identity matrix-ma1sd:8090 {
|
|
transparent
|
|
}
|
|
proxy /_matrix/client/r0/user_directory/search matrix-ma1sd:8090 {
|
|
transparent
|
|
}
|
|
|
|
# Synapse Client<>Server API
|
|
proxy /_matrix matrix-synapse:8008 {
|
|
transparent
|
|
except /_matrix/identity/ /_matrix/client/r0/user_directory/search
|
|
}
|
|
proxy /_synapse/client matrix-synapse:8008 {
|
|
transparent
|
|
}
|
|
}
|