2025-04-24 13:37:59 +02:00
4 changed files with 142 additions and 0 deletions
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -0,0 +1,76 @@
 git.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.194:8418
 }
 guac.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:6080
 }
 rss.home.domroese.eu {
    tls soenke@domroese.eu
    reverse_proxy 192.168.1.65:8884
 }
 morphos.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:8020
 }
 uptimekuma.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:8030
 }
 kopia.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:51515
 }
 jenkins.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:8040
 }
 pihole.home.domroese.eu {
    tls soenke@domroese.eu 
    reverse_proxy 192.168.1.65:2000
 }
 paperless.home.domroese.eu:443,
 paperless.home.domroese.eu:80 {
    tls soenke@domroese.eu        
    reverse_proxy 192.168.1.65:1000
 }
 ittools.home.domroese.eu:443,
 ittools.home.domroese.eu:80 {
    tls soenke@domroese.eu        
    reverse_proxy 192.168.1.65:9080
 }
 vault.home.domroese.eu:443,
 vault.home.domroese.eu:80 {
    tls soenke@domroese.eu        
    reverse_proxy 192.168.1.65:4080
 }
 chat.home.domroese.eu:443 {
    tls soenke@domroese.eu        
    reverse_proxy 192.168.1.65:1180
 }
 nas.home.domroese.eu {
    tls soenke@domroese.eu {
 	client_auth {
 		mode request
 	}
    }
    reverse_proxy https://192.168.1.194:5001 {
 	transport http {
 	        tls_insecure_skip_verify # Disable TLS Verification, as we don't have a real certificate on the nas
 	}
    }
 }
--- a/caddy/config/config
+++ b/caddy/config/config
@@ -0,0 +1,29 @@
 {
  "admin": {
    "disabled": false,
    "listen": "*:2019",
    "enforce_origin": false,
    "origins": [
      "0.0.0.0",
      "localhost",
      "192.168.0.0/24"
    ],
    "remote": {
      "listen": "",
      "access_control": [{
        "public_keys": [
          ""
        ],
        "permissions": [{
          "paths": [
            ""
          ],
          "methods": [
            ""
          ]
        }]
      }]
    }
  } 
 }
--- a/caddy/docker-compose.yml
+++ b/caddy/docker-compose.yml
@@ -0,0 +1,32 @@
 services:
  web:
    image: caddy
    container_name: "caddy"
    ports:
      - "2019:2019"
      - "8880:80"
      - "8443:443"
      - "8443:443/udp"
      - "8448:8448"
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile
      - caddy-data:/data
      - caddy-config:/config
    restart: unless-stopped
    networks:
      - caddy-network
  caddy-ui:
      image: qmcgaw/caddy-ui
      ports:
        - "8881:8000"
      environment:
        - CADDY_API_ENDPOINT=http://192.168.1.65:2019
      networks:
        - caddy-network
 networks:
  caddy-network:
 volumes:
  caddy-data:
  caddy-config:
--- a/caddy/reload.sh
+++ b/caddy/reload.sh
@@ -0,0 +1,5 @@
 !#/bin/bash
 caddy_container_id=$(docker ps | grep caddy | awk '{print $1;}')
 docker exec -w /etc/caddy $caddy_container_id caddy reload