2022-03-16 12:11:30 +01:00
|
|
|
{
|
2023-02-11 17:23:57 +01:00
|
|
|
# disable unwanted stuff
|
2022-03-16 12:11:30 +01:00
|
|
|
admin off
|
2023-02-11 17:23:57 +01:00
|
|
|
skip_install_trust
|
2022-03-16 12:11:30 +01:00
|
|
|
# define the ports by the environment variables
|
|
|
|
|
http_port {$HTTP_PORT}
|
|
|
|
|
https_port {$HTTPS_PORT}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-11 18:04:52 +01:00
|
|
|
{$CADDY_HOST} {
|
2022-03-16 12:11:30 +01:00
|
|
|
# the tls certificates
|
2023-02-11 17:23:57 +01:00
|
|
|
tls {$DATADIR}/tls/server.pem {$DATADIR}/tls/server-key.pem
|
2022-03-16 12:11:30 +01:00
|
|
|
route {
|
2023-02-11 17:23:57 +01:00
|
|
|
# profile pictures
|
|
|
|
|
file_server /profilepictures/* {
|
|
|
|
|
root {$DATADIR}/profilepictures/..
|
|
|
|
|
}
|
2022-03-16 12:11:30 +01:00
|
|
|
# static files
|
|
|
|
|
file_server /static/* {
|
2023-02-11 17:23:57 +01:00
|
|
|
root {$DATADIR}/static/..
|
2022-03-16 12:11:30 +01:00
|
|
|
}
|
|
|
|
|
# favicon
|
|
|
|
|
redir /favicon.ico /static/favicon.ico
|
|
|
|
|
# reverse proxy to the (django) application
|
2023-02-11 17:23:57 +01:00
|
|
|
reverse_proxy localhost:{$APPLICATION_PORT}
|
|
|
|
|
# set additional security headers
|
|
|
|
|
header Content-Security-Policy "default-src 'self'"
|
2022-03-16 12:11:30 +01:00
|
|
|
}
|
|
|
|
|
# use compression
|
|
|
|
|
encode gzip
|
|
|
|
|
# logging
|
|
|
|
|
log {
|
2023-02-11 17:23:57 +01:00
|
|
|
output file {$ACCESS_LOG}
|
2022-03-16 12:11:30 +01:00
|
|
|
format filter {
|
|
|
|
|
wrap console
|
|
|
|
|
fields {
|
|
|
|
|
common_log delete
|
|
|
|
|
request>headers delete
|
|
|
|
|
request>tls delete
|
|
|
|
|
user_id delete
|
|
|
|
|
resp_headers delete
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
level INFO
|
|
|
|
|
}
|
|
|
|
|
}
|
