From 00a5904999725b6a2940582676e1698fdc26750f Mon Sep 17 00:00:00 2001
From: sascha <sascha@automation1.local>
Date: Thu, 9 Apr 2026 22:01:00 +0200
Subject: [PATCH] Initial: Caddy + FRP Server (WSS) + Chisel Server

---
 .gitignore   |  4 ++++
 .sops.yaml   |  3 +++
 Caddyfile    | 14 ++++++++++++++
 compose.yaml | 43 +++++++++++++++++++++++++++++++++++++++++++
 frps.toml    | 14 ++++++++++++++
 5 files changed, 78 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 .sops.yaml
 create mode 100644 Caddyfile
 create mode 100644 compose.yaml
 create mode 100644 frps.toml

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..00c10a1
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+.env
+.env.*
+!.env.enc
+!.env.*.enc
diff --git a/.sops.yaml b/.sops.yaml
new file mode 100644
index 0000000..672e10e
--- /dev/null
+++ b/.sops.yaml
@@ -0,0 +1,3 @@
+creation_rules:
+  - path_regex: \.env.*$
+    age: "age1z8gak2l4h0vpcnhtcdxmem2u9h2n54vuksk8ys82609qtzampuvqh50wdr"
diff --git a/Caddyfile b/Caddyfile
new file mode 100644
index 0000000..c23bcc2
--- /dev/null
+++ b/Caddyfile
@@ -0,0 +1,14 @@
+test.sascha-lutz.de {
+    reverse_proxy localhost:18097 {
+        flush_interval -1
+        transport http {
+            read_buffer 64kb
+        }
+    }
+    log {
+        output file /var/log/caddy/test.sascha-lutz.de.log {
+            roll_size 50MiB
+            roll_keep 3
+        }
+    }
+}
diff --git a/compose.yaml b/compose.yaml
new file mode 100644
index 0000000..0cce582
--- /dev/null
+++ b/compose.yaml
@@ -0,0 +1,43 @@
+networks:
+  proxy_network:
+    name: test_proxy_network
+
+services:
+  caddy:
+    image: caddy:latest
+    container_name: caddy
+    restart: unless-stopped
+    ports:
+      - "80:80"
+      - "443:443"
+      - "443:443/udp"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - /app-config/caddy/data:/data
+      - /app-config/caddy/logs:/var/log/caddy
+    networks:
+      - proxy_network
+
+  frps:
+    image: snowdreamtech/frps:0.68.0
+    container_name: frps
+    restart: unless-stopped
+    ports:
+      - "7000:7000"
+      - "18097:18097"
+      - "127.0.0.1:7500:7500"
+    volumes:
+      - ./frps.toml:/etc/frp/frps.toml:ro
+    entrypoint: ["/usr/bin/frps", "-c", "/etc/frp/frps.toml"]
+    networks:
+      - proxy_network
+
+  chisel:
+    image: jpillora/chisel:latest
+    container_name: chisel
+    restart: unless-stopped
+    ports:
+      - "8443:8443"
+    command: ["server", "--port", "8443", "--auth", "pfannkuchen:test2026", "--reverse"]
+    networks:
+      - proxy_network
diff --git a/frps.toml b/frps.toml
new file mode 100644
index 0000000..ff29a29
--- /dev/null
+++ b/frps.toml
@@ -0,0 +1,14 @@
+bindPort = 7000
+
+auth.method = "token"
+auth.token = "pfannkuchen-test-2026"
+
+webServer.addr = "0.0.0.0"
+webServer.port = 7500
+webServer.user = "admin"
+webServer.password = "test2026"
+
+transport.tcpMux = true
+
+log.to = "console"
+log.level = "info"