fzirker/selfhost
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: fzirker:02e5e0b682ee3e12ca57037d8cbd74f3e5ec9f51
Branches Tags
fzirker:main
fzirker:forgejo-actions
fzirker:traefik
..
compare: fzirker:e59dbe314f608da3fca21fdad2643e5626e0f94e
Branches Tags
fzirker:main
fzirker:forgejo-actions
fzirker:traefik

3 commits
02e5e0b682 ... e59dbe314f

Author SHA1 Message Date
Florian Zirker
e59dbe314f handle errors 2024-12-10 16:29:08 +01:00
Florian Zirker
1490487e7b Serve www directly from caddy 2024-12-10 13:48:23 +01:00
Florian Zirker
8325b9a759 Format Caddyfile 2024-12-10 13:45:54 +01:00
6 changed files with 109 additions and 162 deletions
Download patch file Download diff file Expand all files Collapse all files

9
.editorconfig
View file

@ -16,3 +16,12 @@ tab_width = 2
[*.md] [*.md]
trim_trailing_whitespace = false trim_trailing_whitespace = false
[Caddyfile]
indent_style = tab
indent_size = 4
tab_width = 4
end_of_line = lf
charset = utf-8
trim_trailing_whitespace = true
insert_final_newline = true

164
proxy/caddy/Caddyfile
View file

@ -1,91 +1,113 @@
{ {
# acme_ca https://acme-v02.api.letsencrypt.org/directory email {env.EMAIL}
email {env.EMAIL} log default {
log { output stdout
format console format console
} }
}
(error) {
root * /usr/share/caddy
rewrite * /error.html
templates
file_server {
status {err.status_code}
}
} }
*.{$DOMAIN} { *.{$DOMAIN} {
tls { tls {
dns netcup { dns netcup {
customer_number {env.NETCUP_CUSTOMER_NUMBER} customer_number {env.NETCUP_CUSTOMER_NUMBER}
api_key {env.NETCUP_API_KEY} api_key {env.NETCUP_API_KEY}
api_password {env.NETCUP_API_PASSWORD} api_password {env.NETCUP_API_PASSWORD}
} }
propagation_timeout 900s propagation_timeout 900s
propagation_delay 600s propagation_delay 600s
resolvers 46.38.225.230 46.38.252.230 resolvers 46.38.225.230 46.38.252.230
} }
header Strict-Transport-Security "max-age=63072000" header Strict-Transport-Security "max-age=63072000"
@git host git.{$DOMAIN} @git host git.{$DOMAIN}
handle @git { handle @git {
reverse_proxy forgejo:3000 reverse_proxy forgejo:3000
} }
@news host news.{$DOMAIN} @news host news.{$DOMAIN}
handle @news { handle @news {
reverse_proxy miniflux:8080 reverse_proxy miniflux:8080
} }
@nc-push expression `(host('cloud.{$DOMAIN}') && path('/push/*'))` @nc-push expression `(host('cloud.{$DOMAIN}') && path('/push/*'))`
handle @nc-push { handle @nc-push {
reverse_proxy push:7867 reverse_proxy push:7867
} }
@nextcloud host cloud.{$DOMAIN} @nextcloud host cloud.{$DOMAIN}
handle @nextcloud { handle @nextcloud {
reverse_proxy webserver-nextcloud:80 reverse_proxy webserver-nextcloud:80
} }
@office host office.{$DOMAIN} @office host office.{$DOMAIN}
handle @office { handle @office {
reverse_proxy collabora:9980 reverse_proxy collabora:9980
} }
@drawio host drawio.{$DOMAIN} @drawio host drawio.{$DOMAIN}
handle @drawio { handle @drawio {
reverse_proxy drawio:8080 reverse_proxy drawio:8080
} }
@whoami host whoami.{$DOMAIN} @whoami host whoami.{$DOMAIN}
handle @whoami { handle @whoami {
reverse_proxy whoami:80 reverse_proxy whoami:80
} }
@push host push.{$DOMAIN} @push host push.{$DOMAIN}
handle @push { handle @push {
reverse_proxy ntfy:80 reverse_proxy ntfy:80
} }
@wallabag host wallabag.{$DOMAIN} @wallabag host wallabag.{$DOMAIN}
handle @wallabag { handle @wallabag {
reverse_proxy wallabag:80 reverse_proxy wallabag:80
} }
@www host www.{$DOMAIN} @www host www.{$DOMAIN}
handle @www { handle @www {
reverse_proxy webserver-www:80 file_server {
} root /usr/share/caddy
hide .git Readme.md
}
}
@mail host mail.{$DOMAIN} @mail host mail.{$DOMAIN}
handle @mail { handle @mail {
reverse_proxy nginx-mailcow:8090 reverse_proxy nginx-mailcow:8090
} }
# Fallback for otherwise unhandled domains # Fallback for otherwise unhandled domains
handle { handle {
respond 404 respond "404 Not Found" 404
} }
# handle wrong url pathes
handle_errors 404 {
#respond "{err.status_code} {err.status_text}" {err.status_code}
import error
}
# handle errors of proxy backends are down
# handle_errors 502 {
# respond "503 Service Unavailable" 503
# }
# every other error
handle_errors {
import error
}
} }
{$DOMAIN} { {$DOMAIN} {
redir https://www.{$DOMAIN}{uri} redir https://www.{$DOMAIN}{uri}
} }

8
proxy/docker-compose.yaml
View file

@ -11,9 +11,11 @@ services:
- "443:443" - "443:443"
- "443:443/udp" - "443:443/udp"
volumes: volumes:
- $PWD/caddy/Caddyfile:/etc/caddy/Caddyfile - $PWD/caddy/Caddyfile:/etc/caddy/Caddyfile
- ${STORAGE_PATH}/caddy/data:/data - ${STORAGE_PATH}/caddy/data:/data
- ${STORAGE_PATH}/caddy/config:/config - ${STORAGE_PATH}/caddy/config:/config
- ${WWW_PATH}:/usr/share/caddy:ro
environment: environment:
- NETCUP_CUSTOMER_NUMBER=${NETCUP_CUSTOMER_NUMBER} - NETCUP_CUSTOMER_NUMBER=${NETCUP_CUSTOMER_NUMBER}
- NETCUP_API_KEY=${NETCUP_API_KEY} - NETCUP_API_KEY=${NETCUP_API_KEY}

2
proxy/reload.sh Executable file
View file

@ -0,0 +1,2 @@
#!/bin/bash
docker compose exec -w /etc/caddy caddy caddy reload

21
www/docker-compose.yaml
View file

@ -1,21 +0,0 @@
services:
webserver-www:
image: nginx:stable
volumes:
- ${HTML}:/usr/share/nginx/html:ro
- $PWD/nginx.conf:/etc/nginx/nginx.conf:ro
networks:
- web
restart: unless-stopped
healthcheck:
test: ["CMD", "curl" ,"--fail", "localhost"]
interval: 5s
timeout: 3s
labels:
- "docker.group=www"
networks:
web:
external: true

67
www/nginx.conf
View file

@ -1,67 +0,0 @@
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
# include /etc/nginx/conf.d/*.conf;
############################################
server {
listen 80;
listen [::]:80;
server_name localhost;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# hide .git folder
location ~ /\.git {
deny all;
return 404;
}
location ~ /Readme.md {
deny all;
return 404;
}
}
# include /etc/nginx/conf.d/*.conf;
}