ansible/privfrontends/templates/in/apps.Caddyfile

# ---Apps Caddyfile---
# Gitea
git.projectsegfau.lt {
	reverse_proxy :3444
	respond /metrics 403
	import def
	request_body {
		max_size 500MB
	}
	header {
		Content-Security-Policy "default-src 'self'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https: data:; manifest-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; frame-ancestors 'self'; frame-src 'self';"
	}
	import torloc git
}
git.psf.lt {
	reverse_proxy :3444 {
		header_up Host "git.projectsegfau.lt"
	}
	respond /metrics 403
	import def
	request_body {
		max_size 500MB
	}
	header {
		Content-Security-Policy "default-src 'self'; connect-src 'self'; font-src 'self' data:; form-action 'self'; img-src 'self' https: data:; manifest-src 'self' data:; object-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; worker-src 'self'; frame-ancestors 'self'; frame-src 'self';"
	}
	import torloc git
}
translate.projectsegfau.lt tl.psf.lt {
	import def
	reverse_proxy :5046
	import torloc translate
}
gothub.projectsegfau.lt gh.psf.lt {
	reverse_proxy :1024
	import def
	import torloc gothub
}
gothub.dev.projectsegfau.lt gh.dev.psf.lt {
	reverse_proxy :1025
	import def
	import torloc gothub.dev
}
# MailU
mail.projectsegfau.lt {
	import def
	reverse_proxy :8082
}

mtx.psf.lt {
	reverse_proxy :8466
	import def
}

# Cinny
cinny.projectsegfau.lt cy.psf.lt {
	reverse_proxy :3069
	import def
}

# Hydrogen
h2.projectsegfau.lt, hydrogen.projectsegfau.lt, h2.psf.lt {
	reverse_proxy :3071
	import def
}

# Element
chat.projectsegfau.lt el.psf.lt {
	reverse_proxy :3070
	import def
}

# HedgeDoc
doc.projectsegfau.lt {
	reverse_proxy :2069 {
		header_up X-Real-IP {remote_host}
	}
	import def
}
d.psf.lt {
	redir https://doc.projectsegfau.lt{uri}
	import acmedns
}

# MediaWiki
wiki.projectsegfau.lt w.psf.lt {
	reverse_proxy localhost:8047 {
		header_up X-Real-IP {remote_host}
	}
	@pubnix path /Category:Pubnix /Pubnix
	redir @pubnix /t/pubnix
	import def
	encode gzip
	import torloc wiki
}

# Vikunja
todo.projectsegfau.lt vi.psf.lt {
	reverse_proxy :3456
	import def
	import torloc todo
}

# Vaultwarden
pass.projectsegfau.lt vw.psf.lt {
	reverse_proxy :6980 {
		header_up X-Real-IP {remote_host}
	}
	import def
	import torloc pass
}

# XMPP
xmpp.projectsegfau.lt, conference.projectsegfau.lt, proxy.projectsegfau.lt, pubsub.projectsegfau.lt, upload.projectsegfau.lt {
	reverse_proxy :5443 {
		header_up X-Real-IP {remote_host}
		transport http {
			tls_insecure_skip_verify
		}
	}
	reverse_proxy /bosh :5443 {
		header_up X-Real-IP {remote_host}
		transport http {
			tls_insecure_skip_verify
		}
	}
	reverse_proxy /ws :5443 {
		header_up X-Real-IP {remote_host}
		transport http {
			tls_insecure_skip_verify
		}
	}
	@register {
		path /new/
		path /change_password/
		path /delete/
		path /new
		path /change_password
		path /delete
	}
	redir @register /register{uri}
	import def
	header /.well-known/host-meta Content-Type application/xrd+xml
	header /.well-known/host-meta.json Content-Type application/json
	header /.well-known/host-meta.json Access-Control-Allow-Origin *
	header /.well-known/host-meta Access-Control-Allow-Origin *
	handle_path /.well-known/* {
		root * /var/www/well-known
		file_server
	}
	handle_path / {
		redir https://wiki.projectsegfau.lt/XMPP
	}
}
xmpp-web.projectsegfau.lt, x.psf.lt {
	import def
	reverse_proxy :3072
}
healthchecks.projectsegfau.lt, hc.psf.lt {
	import def
	reverse_proxy :8450
	import torloc healthchecks
}
# Pubthentik
auth.p.projectsegfau.lt {
	reverse_proxy :7444 {
		transport http {
			tls_insecure_skip_verify
		}
		header_up X-Real-IP {remote_host}
	}
	import def
}

ntfy.projectsegfau.lt {
	import def
	reverse_proxy :8099
}
owncloud.projectsegfau.lt {
	reverse_proxy http://127.0.0.1:9200
	import def
}
wopi.projectsegfau.lt {
	import acmedns
	reverse_proxy http://127.0.0.1:9320
}
collabora.projectsegfau.lt {
	import acmedns
	reverse_proxy http://127.0.0.1:9980
}

ente.projectsegfau.lt pic.psf.lt {
	import def
	reverse_proxy http://127.0.0.1:8085
}

museum.ente.projectsegfau.lt {
	import acmedns
	reverse_proxy http://127.0.0.1:8254
}

album.ente.projectsegfau.lt {
	import def
	reverse_proxy http://127.0.0.1:8087
}

accounts.ente.projectsegfau.lt {
	import acmedns
	reverse_proxy http://127.0.0.1:8086
}

minio.projectsegfau.lt {
	import acmedns
	reverse_proxy http://127.0.0.1:9000
}

mozhi.aryak.me {
	reverse_proxy :5046
}

ak.psf.lt, social.projectsegfau.lt {
	respond "Akkoma has shut down"
	import acmedns
}
rss.projectsegfau.lt freshrss.projectsegfau.lt rss.psf.lt {
	respond "FreshRSS has been shut down. If you have any data left on the instance, please email contact@projectsegfau.lt"
	import def
	import torloc rss
}


timetagger.projectsegfau.lt tt.psf.lt {
	respond "Timetagger has been shut down. If you have any data left on the instance, please email contact@projectsegfau.lt"
	import def
}
# Jitsi
jitsi.projectsegfau.lt, j.psf.lt {
	respond "jitsi has been shut down."
	import acmedns
}
# RSS-Bridge
rssbridge.projectsegfau.lt, rb.psf.lt {
	respond "RSS Bridge has been shut down. If you have any data left on the instance, please email contact@projectsegfau.lt"
	import torloc rssbridge
	import def
}
# kbin
kbin.projectsegfau.lt, kb.psf.lt {
	respond "Kbin has been shut down"
	import def
}