path: root/etc/Caddyfile

:80 {
        root * /usr/share/caddy
        file_server
}
gitrepo.ru {
        reverse_proxy git:3000
}
ci.gitrepo.ru {
        reverse_proxy woodpecker-server:8000
}
# goproxy.ru {
#       reverse_proxy localhost:8081
# }

go.neonxp.dev {
        reverse_proxy goproxy:8080
}

idec.neonxp.dev {
        reverse_proxy iigo:8080
}

neonxp.dev {
        tls i@neonxp.dev
        encode gzip
        root * /var/www/neonxp.dev/public
        file_server
        header / {
                Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
                Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
                X-Xss-Protection = "1; mode=block"
                X-Frame-Options = "DENY"
                X-Content-Type-Options = "nosniff"
                Referrer-Policy = "strict-origin-when-cross-origin"
                Permissions-Policy = "fullscreen=(self)"
                cache-control = "max-age=0,no-cache,no-store,must-revalidate"
        }
        log {
                output file /var/log/caddy/neonxp.dev/neonxp.dev.log
        }
}

timer.neonxp.dev {
        tls i@neonxp.dev
        encode gzip
        root * /var/www/timer.neonxp.dev
        file_server
        header / {
                Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
                Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
                X-Xss-Protection = "1; mode=block"
                X-Frame-Options = "DENY"
                X-Content-Type-Options = "nosniff"
                Referrer-Policy = "strict-origin-when-cross-origin"
                Permissions-Policy = "fullscreen=(self)"
                cache-control = "max-age=0,no-cache,no-store,must-revalidate"
        }
        log {
                output file /var/log/caddy/neonxp.dev/timer.neonxp.dev.log
        }
}

files.neonxp.dev {
        tls i@neonxp.dev
        encode gzip
        root * /files
        file_server {
                browse
        }
        header / {
                Content-Security-Policy = "upgrade-insecure-requests; default-src 'self'; style-src 'self'; script-src 'self'; img-src 'self'; object-src 'self'; worker-src 'self'; manifest-src 'self';"
                Strict-Transport-Security = "max-age=63072000; includeSubDomains; preload"
                X-Xss-Protection = "1; mode=block"
                X-Frame-Options = "DENY"
                X-Content-Type-Options = "nosniff"
                Referrer-Policy = "strict-origin-when-cross-origin"
                Permissions-Policy = "fullscreen=(self)"
                cache-control = "max-age=0,no-cache,no-store,must-revalidate"
        }
        log {
                output file /var/log/caddy/neonxp.dev/files.neonxp.dev.log
        }
}

1flash.ru {
        tls i@neonxp.dev
        reverse_proxy localhost:8082
}

oper2.ru {
        tls i@neonxp.dev
        redir * https://remember-botsyk.livejournal.com/ 302
}

gist.neonxp.dev {
    reverse_proxy opengist:6157
}

comments.neonxp.dev {
    reverse_proxy remark:8080
}


# https://caddyserver.com/docs/caddyfile