updated reverse proxies for tls
This commit is contained in:
root
92
Caddyfile
92
Caddyfile
@@ -55,8 +55,6 @@
|
||||
}
|
||||
}
|
||||
|
||||
# --- SERVICES ---
|
||||
|
||||
auth.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.107:9091 {
|
||||
@@ -64,95 +62,41 @@ auth.poppyglen.cc {
|
||||
}
|
||||
}
|
||||
|
||||
# ... (Your Internal .lan services remain unchanged) ...
|
||||
gitea.home.lan {
|
||||
tls internal
|
||||
reverse_proxy 192.168.0.109:3000
|
||||
}
|
||||
|
||||
dns.home.lan {
|
||||
tls internal
|
||||
reverse_proxy 192.168.0.101:5380
|
||||
}
|
||||
|
||||
wireguard.home.lan {
|
||||
tls internal
|
||||
wireguard.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.102:10086
|
||||
}
|
||||
|
||||
nb.home.lan {
|
||||
tls internal
|
||||
nb.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.111:8888
|
||||
}
|
||||
|
||||
chat.home.lan {
|
||||
tls internal
|
||||
chat.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.110:8080
|
||||
}
|
||||
|
||||
vault.home.lan {
|
||||
tls internal
|
||||
reverse_proxy 192.168.0.104:8000
|
||||
}
|
||||
|
||||
authelia.home.lan {
|
||||
tls internal
|
||||
reverse_proxy 192.168.0.107:9091
|
||||
}
|
||||
|
||||
search.home.lan {
|
||||
tls internal
|
||||
search.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.112:8888
|
||||
}
|
||||
|
||||
ldap.home.lan {
|
||||
tls internal
|
||||
reverse_proxy 192.168.0.126:17170
|
||||
}
|
||||
|
||||
cloud.home.lan {
|
||||
tls internal
|
||||
|
||||
# ENABLE WAF HERE (If you want it on internal Nextcloud)
|
||||
# import nextcloud_waf
|
||||
|
||||
request_body {
|
||||
max_size 10G
|
||||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains;"
|
||||
Referrer-Policy no-referrer
|
||||
X-Content-Type-Options nosniff
|
||||
X-Download-Options noopen
|
||||
X-Frame-Options SAMEORIGIN
|
||||
X-Permitted-Cross-Domain-Policies none
|
||||
X-Robots-Tag "noindex,nofollow"
|
||||
X-XSS-Protection "1; mode=block"
|
||||
Permissions-Policy "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()"
|
||||
}
|
||||
|
||||
route {
|
||||
handle_path /index.php/apps/memories/static/go-vod/* {
|
||||
reverse_proxy 192.168.0.115:8080
|
||||
}
|
||||
|
||||
handle_path /whiteboard/* {
|
||||
reverse_proxy 192.168.0.113:3002
|
||||
}
|
||||
|
||||
reverse_proxy 192.168.0.122:80 {
|
||||
header_up Host {host}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# This is the domain providing the certs for your LDAP container!
|
||||
ldap.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.126:17170
|
||||
}
|
||||
|
||||
gitea.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.109:3000
|
||||
}
|
||||
|
||||
dns.poppyglen.cc {
|
||||
import internal_tls
|
||||
reverse_proxy 192.168.0.101:5380
|
||||
}
|
||||
|
||||
immich.poppyglen.cc {
|
||||
route {
|
||||
# 1. Authelia Check
|
||||
|
||||
Reference in New Issue
Block a user