54 lines
1.1 KiB
Caddyfile
54 lines
1.1 KiB
Caddyfile
{
|
|
# disable unwanted stuff
|
|
admin off
|
|
skip_install_trust
|
|
# define the ports by the environment variables
|
|
http_port {$HTTP_PORT}
|
|
https_port {$HTTPS_PORT}
|
|
}
|
|
|
|
{$CADDY_HOSTS} {
|
|
# the tls certificates
|
|
# tls {$DATADIR}/tls/server.pem {$DATADIR}/tls/server-key.pem
|
|
tls internal
|
|
route {
|
|
# profile pictures
|
|
file_server /profilepictures/* {
|
|
root {$DATADIR}/profilepictures/..
|
|
}
|
|
# static files
|
|
file_server /static/* {
|
|
root {$ROOTDIR}
|
|
}
|
|
# django static files
|
|
file_server /django_static/* {
|
|
root {$DATADIR}/django_static/..
|
|
}
|
|
# favicon
|
|
redir /favicon.ico /static/favicon.ico
|
|
# reverse proxy to the (django) application
|
|
reverse_proxy localhost:{$APPLICATION_PORT}
|
|
# set additional security headers
|
|
header Content-Security-Policy "default-src 'self'"
|
|
}
|
|
# use compression
|
|
encode gzip
|
|
# logging
|
|
log {
|
|
output file {$ACCESS_LOG}
|
|
format filter {
|
|
wrap json {
|
|
time_format rfc3339
|
|
}
|
|
fields {
|
|
request>headers delete
|
|
request>tls delete
|
|
request>remote_ip hash
|
|
request>remote_port delete
|
|
user_id delete
|
|
resp_headers delete
|
|
}
|
|
}
|
|
level INFO
|
|
}
|
|
}
|