forked from waldur/waldur-docker-compose
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathCaddyfile
38 lines (33 loc) · 1.65 KB
/
Caddyfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
{
default_sni {$VIRTUAL_HOST}
}
{$VIRTUAL_HOST} {
tls {$TLS}
reverse_proxy /* http://waldur-homeport {
header_down X-Frame-Options DENY
header_down Content-Security-Policy "base-uri 'self'; object-src 'none'; media-src 'none'; script-src 'self' www.google-analytics.com sentry.opnd.org; style-src 'self' 'unsafe-inline'; img-src 'self' www.google-analytics.com *.gravatar.com *.tile.openstreetmap.org {$VIRTUAL_HOST} blob: data: ; connect-src 'self' {$VIRTUAL_HOST} nominatim.openstreetmap.org:443 sentry.opnd.org:443 sentry.opnd.org:80; font-src 'self' data: ; frame-src 'none'; frame-ancestors 'none'"
header_down Strict-Transport-Security max-age=31536000 always
header_down -Server
}
reverse_proxy /api/* http://waldur-mastermind-api:80 {
# for 4xx codes caddy doesn't return CORS headers which breaks authentication redirects
header_down Access-Control-Allow-Origin "{header.origin}"
}
reverse_proxy /api-auth/* http://waldur-mastermind-api:80
reverse_proxy /docs/* http://waldur-mastermind-api:80
reverse_proxy /admin/* http://waldur-mastermind-api:80
reverse_proxy /static/* http://waldur-mastermind-api:80
reverse_proxy /media/* http://waldur-mastermind-api:80
reverse_proxy /apidocs/* http://waldur-mastermind-api:80
reverse_proxy /health-check/* http://waldur-mastermind-api:80
reverse_proxy /auth/* http://keycloak:8080
route /rmqws {
rewrite /rmqws /ws
reverse_proxy http://waldur-queue:15675 {
header_up Host {host}
header_up X-Forwarded-For {remote}
header_up X-Real-IP {remote}
}
}
import /etc/caddy-includes/*.conf
}