cli-node-docker-atlas-lab/config/gateway/templates/Caddyfile.template at develop · d4v3-rm/cli-node-docker-atlas-lab · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
{
  auto_https disable_redirects
  log {
    output stdout
    format console
    level INFO
  }
  servers {
    protocols h1 h2
  }
}

(lab_tls) {
  tls /etc/caddy/certs/lab.crt /etc/caddy/certs/lab.key
  encode zstd gzip
  header {
    Strict-Transport-Security "max-age=31536000; includeSubDomains"
    X-Content-Type-Options "nosniff"
    Referrer-Policy "strict-origin-when-cross-origin"
  }
}

(service_proxy) {
  import lab_tls
  reverse_proxy {args[0]}
}

(guarded_proxy) {
  import lab_tls
  basic_auth {
    {args[0]} {args[1]}
  }
  reverse_proxy {args[2]} {
    header_up -Authorization
  }
}

(gitlab_proxy) {
  import lab_tls
  reverse_proxy gitlab:80 {
    header_up Host ${LAB_PUBLIC_HOST}:${GITLAB_HTTPS_PORT}
    header_up X-Forwarded-Proto https
    header_up X-Forwarded-Ssl on
    header_up X-Forwarded-Port ${GITLAB_HTTPS_PORT}
    header_up X-Forwarded-Host ${LAB_PUBLIC_HOST}:${GITLAB_HTTPS_PORT}
    header_up X-Real-IP {remote_host}
  }
}

https://${LAB_PUBLIC_HOST}:${LAB_HTTPS_PORT}, https://${LAB_GATEWAY_IP}:${LAB_HTTPS_PORT} {
  import lab_tls
  root * /srv
  try_files {path} /index.html
  file_server
}

https://${LAB_PUBLIC_HOST}:${GITLAB_HTTPS_PORT}, https://${LAB_GATEWAY_IP}:${GITLAB_HTTPS_PORT} {
  import gitlab_proxy
}

https://${LAB_PUBLIC_HOST}:${PENPOT_HTTPS_PORT}, https://${LAB_GATEWAY_IP}:${PENPOT_HTTPS_PORT} {
  import service_proxy penpot-frontend:8080
}

https://${LAB_PUBLIC_HOST}:${BOOKSTACK_HTTPS_PORT}, https://${LAB_GATEWAY_IP}:${BOOKSTACK_HTTPS_PORT} {
  import service_proxy bookstack:80
}