diff --git a/proxy/Caddyfile b/proxy/Caddyfile deleted file mode 100644 index 976e793..0000000 --- a/proxy/Caddyfile +++ /dev/null @@ -1,258 +0,0 @@ -{ - metrics - admin :2019 - log { - output file /var/log/caddy/caddy_main.log { - roll_size 100MiB - roll_keep 5 - roll_keep_for 100d - } - format json - level INFO - } -} - -(emby_config) { - log { - output file "/var/log/caddy/{args[0]}.log" { - roll_size 100MiB - roll_keep 5 - roll_keep_for 100d - } - format json - } - @compress { - header Content-Type text/* - header Content-Type application/json* - header Content-Type application/javascript* - header Content-Type image/svg+xml - } - encode @compress zstd gzip - reverse_proxy {args[1]} { - flush_interval -1 - header_up X-Accel-Buffering "no" - } - header { - Access-Control-Allow-Origin * - Cache-Control "no-cache, no-transform" - defer - } -} - - -tv.sascha-lutz.de { - import emby_config tv.sascha-lutz.de 10.6.1.103:8096 -} - -guck.tv { - import emby_config guck.tv 10.7.1.106:8096 -} - -netzflix.org { - import emby_config netzflix.org 10.6.1.103:9096 -} - - -vault.sascha-lutz.de { - reverse_proxy vaultwarden -} - -auth.sascha-lutz.de { - reverse_proxy 10.5.85.5:9000 -} - -home.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy homepage:3000 -} - -grafana.sascha-lutz.de { - reverse_proxy 10.1.1.111:3000 -} - -patchmon.sascha-lutz.de { - reverse_proxy 10.4.1.116:3100 -} - -tesla.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy 10.1.1.111:4000 -} - - -influx.sascha-lutz.de { - reverse_proxy 10.1.1.111:8086 -} - -status.guck.tv { - @root path / - rewrite @root /status/emby - - reverse_proxy 10.200.200.254:3001 { - header_up Host {host} - } -} - -plappern.com { - request_body { - max_size 500MB - } - - handle /.well-known/matrix/server { - header Content-Type application/json - respond `{"m.server":"plappern.com:443"}` 200 - } - - handle /.well-known/matrix/client { - header Content-Type application/json - header Access-Control-Allow-Origin * - respond `{"m.homeserver":{"base_url":"https://plappern.com"},"m.identity_server":{"base_url":"https://vector.im"}}` 200 - } - - reverse_proxy 10.4.1.110:8008 -} - -web.plappern.com { - reverse_proxy 10.4.1.110:8080 -} - -plappern.com:8448 { - reverse_proxy 10.4.1.110:8008 -} - -docker.sascha-lutz.de { - reverse_proxy 10.4.1.116:3000 -} - -chat.plappern.com { - reverse_proxy 10.4.1.110:8090 -} -n8n.sascha-lutz.de { - reverse_proxy 10.4.1.113:5678 -} - -dl.guck.tv { - reverse_proxy 10.2.1.100:5055 { - header_up Host {host} - header_up X-Real-IP {remote_host} - # Optional: Timeout-Werte anpassen, falls nötig (z.B. für große Mediendateien) - transport http { - dial_timeout 10s - read_timeout 30s - } - } -} - -immich.sascha-lutz.de { - reverse_proxy 10.4.1.107:2283 - handle { - request_body { - max_size 64GB - } - } -} - -# Proxmox VE Nodes - HTTPS Reverse Proxy (vermeidet selbst-signierte Zertifikat-Warnungen) -pve1.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.11:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve2.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.12:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve3.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.13:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve4.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.14:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve5.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.15:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve6.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.16:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - -pve7.sascha-lutz.de { - forward_auth 10.5.85.5:9000 { - uri /outpost.goauthentik.io/auth/caddy - copy_headers X-authentik-username X-authentik-groups X-authentik-email X-authentik-name X-authentik-uid - trusted_proxies private_ranges - } - reverse_proxy https://10.5.85.17:8006 { - transport http { - tls_insecure_skip_verify - } - } -} - - -wiki.sascha-lutz.de { - reverse_proxy 10.1.1.100:3000 -}