chriswin/vps-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

headscale config and caddy service

Browse Source
This commit is contained in:
debian
2025-10-22 18:15:04 +02:00
parent e19f86a87d
commit 79f7ccdf3f
3 changed files with 206 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

174
services/caddy/Caddyfile Normal file
View File

@@ -0,0 +1,174 @@
(forward_headers) {
header {
Permissions-Policy interest-cohort=()
Strict-Transport-Security "max-age=31536000; includeSubdomains"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Robots-Tag noindex, nofollow
Referrer-Policy "same-origin"
Content-Security-Policy "frame-ancestors {$public_domain }} *.{$public_domain}"
-Server
Permissions-Policy "geolocation=(self {$public_domain }} *.{$public_domain}), microphone=()"
}
}
auth.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
audiobookshelf.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
gitea.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
headscale.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
immich.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
ldap.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
linkwarden.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
mealie.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
paperless.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
radicale.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
shlink.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
stirling-pdf.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
superset.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
vaultwarden.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
vikunja.{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}
{$public_domain} {
reverse_proxy ${node_local_ip} {
transport http {
tls_insecure_skip_verify
}
}
tls {$email}
import forward_headers
}