114 lines
3.6 KiB
Caddyfile
114 lines
3.6 KiB
Caddyfile
projectsegfau.lt www.projectsegfau.lt web.dev.projectsegfau.lt {
|
|
reverse_proxy :1339
|
|
import def
|
|
reverse_proxy /bosh xmpp.projectsegfau.lt:5443 {
|
|
header_up X-Real-IP {remote_host}
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
}
|
|
reverse_proxy /ws xmpp.projectsegfau.lt:5443 {
|
|
header_up X-Real-IP {remote_host}
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
}
|
|
header /.well-known/matrix/* Content-Type application/json
|
|
header /.well-known/matrix/* Access-Control-Allow-Origin *
|
|
handle_path /.well-known/* {
|
|
root * /var/www/well-known
|
|
file_server
|
|
}
|
|
header /.well-known/host-meta Content-Type application/xrd+xml
|
|
header /.well-known/host-meta Access-Control-Allow-Origin *
|
|
header /.well-known/host-meta.json Content-Type application/json
|
|
header /.well-known/host-meta.json Access-Control-Allow-Origin *
|
|
header /.well-known/xmpp-provider-v2.json Content-Type application/json
|
|
header /.well-known/xmpp-provider-v2.json Access-Control-Allow-Origin *
|
|
|
|
import torloc www
|
|
}
|
|
psf.lt www.psf.lt {
|
|
reverse_proxy :1339
|
|
import def
|
|
import torloc www
|
|
header /.well-known/matrix/* Content-Type application/json
|
|
header /.well-known/matrix/* Access-Control-Allow-Origin *
|
|
handle_path /.well-known/* {
|
|
root * /var/www/psf-well-known
|
|
file_server
|
|
}
|
|
}
|
|
sl.projectsegfau.lt sl.psf.lt {
|
|
reverse_proxy :7777
|
|
import def
|
|
}
|
|
nitter.projectsegfau.lt n.psf.lt {
|
|
reverse_proxy :8387
|
|
import def
|
|
route {
|
|
reverse_proxy /outpost.goauthentik.io/* https://in.v.psf.lt:7444 {
|
|
header_up Host {http.reverse_proxy.upstream.hostport}
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
}
|
|
# Forward authentication requests to Authentik's outpost
|
|
forward_auth https://in.v.psf.lt:7444 {
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
uri /outpost.goauthentik.io/auth/caddy
|
|
|
|
# Ensure these headers are passed, using correct capitalization
|
|
copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name
|
|
trusted_proxies private_ranges
|
|
}
|
|
}
|
|
}
|
|
libreddit.projectsegfau.lt lr.psf.lt {
|
|
reverse_proxy :6464
|
|
import def
|
|
route {
|
|
reverse_proxy /preview/* :6465
|
|
reverse_proxy /outpost.goauthentik.io/* https://in.v.psf.lt:7444 {
|
|
header_up Host {http.reverse_proxy.upstream.hostport}
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
}
|
|
# Forward authentication requests to Authentik's outpost
|
|
forward_auth https://in.v.psf.lt:7444 {
|
|
transport http {
|
|
tls_insecure_skip_verify
|
|
}
|
|
uri /outpost.goauthentik.io/auth/caddy
|
|
|
|
# Ensure these headers are passed, using correct capitalization
|
|
copy_headers X-Authentik-Username X-Authentik-Groups X-Authentik-Email X-Authentik-Name
|
|
trusted_proxies private_ranges
|
|
}
|
|
}
|
|
}
|
|
|
|
# REDIRECTS/SHUTDOWNS
|
|
inv.bp.projectsegfau.lt, i.bp.psf.lt, invidious.projectsegfau.lt, inv.projectsegfau.lt, i.psf.lt {
|
|
respond "Invidious has shutdown"
|
|
import def
|
|
import torloc invbp
|
|
}
|
|
piped.projectsegfau.lt proxy.piped.projectsegfau.lt api.piped.projectsegfau.lt pi.psf.lt {
|
|
respond "Piped has shutdown"
|
|
import def
|
|
}
|
|
|
|
bb.us.projectsegfau.lt bb.in.projectsegfau.lt bb.eu.projectsegfau.lt bb.projectsegfau.lt {
|
|
import def
|
|
import torloc beatbump
|
|
respond "Beatbump has shutdown"
|
|
}
|
|
ferrit.projectsegfau.lt snooddit.projectsegfau.lt {
|
|
respond "Ferrit/Snoodit/Libreddit/Redlib has been shutdown"
|
|
import acmedns
|
|
}
|