From 702a5a0c6096958c6a25dc7c786f33ea982d79ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=A0=D1=83=D1=81=D0=BB=D0=B0=D0=BD?= Date: Sat, 30 Sep 2023 16:54:49 +0600 Subject: [PATCH] Update Caddyfile --- configs/Caddyfile | 100 +++++++++++++++++++--------------------------- 1 file changed, 41 insertions(+), 59 deletions(-) diff --git a/configs/Caddyfile b/configs/Caddyfile index 48fa740..b0c92d4 100644 --- a/configs/Caddyfile +++ b/configs/Caddyfile @@ -1,94 +1,76 @@ -# The Caddyfile is an easy way to configure your Caddy web server. -# -# Unless the file starts with a global options block, the first -# uncommented line is always the address of your site. -# -# To use your own domain name (with automatic HTTPS), first make -# sure your domain's A/AAAA DNS records are properly pointed to -# this machine's public IP, then replace ":80" below with your -# domain name. - { - email im@fruw.org - acme_dns google_domains $API_KEY + email im@fruw.org + acme_dns google_domains {$API_KEY} } vault.fruw.org { - reverse_proxy localhost:50000 + handle_path / { + reverse_proxy localhost:50000 + } + handle_path /* { + @allow { + remote_ip forwarded {$WHITE_LIST} + } + handle @allow { + reverse_proxy localhost:50000 + } + respond 403 + } } mail.fruw.org { - reverse_proxy localhost:50001 + @allow { + remote_ip forwarded {$WHITE_LIST} + } + handle @allow { + reverse_proxy localhost:50001 + } + respond 403 } matrix.fruw.org, matrix.fruw.org:8448 { - rewrite / /_matrix/static/ - reverse_proxy /_matrix/* localhost:50003 + rewrite / /_matrix/static/ + reverse_proxy /_matrix/* localhost:50003 } git.fruw.org { - rewrite / /fruworg - reverse_proxy localhost:50005 + rewrite / /fruworg + reverse_proxy localhost:50005 } turn.fruw.org { - #route / { - #exec /usr/local/bin/caddy.sh 3478 - #} - - #@available { - # status 0 - #} - - #respond "whoa! eturnal server is runnig" 200 { - # @available - #} - - #respond "oops! eturnal server is not running" 503 - respond "whoa! eturnal server is runnig" 200 + respond "whoa! eturnal server is runnig" 200 } rclone.fruw.org { - reverse_proxy 127.0.0.1:53682 - respond "nothing to auth" 404 + @allow { + remote_ip forwarded {$WHITE_LIST} + } + handle @allow { + reverse_proxy 127.0.0.1:53682 + respond "nothing to auth" 404 + } + respond 403 } cs.fruw.org { - respond "whoa! cstrike server is runnig" 200 + respond "whoa! cstrike server is runnig" 200 } doom.fruw.org { - #route / { - #exec /usr/local/bin/caddy.sh 10666 - #} - - #exec /usr/local/bin/caddy.sh 10666 - - #@available { - # status 0 - #} - - #respond "whoa! doom2 server is runnig" 200 { - # @available - #} - - respond "oops! doom2 server is not running" 503 + respond "oops! doom2 server is not running" 503 } fs.fruw.org, http://fs.fruw.org { - root * /var/caddy - file_server browse + root * /var/caddy + file_server browse } ip.fruw.org, http://ip.fruw.org { - templates - respond "{{.RemoteIP}}" + templates + respond "{{.RemoteIP}}" } fruw.org, *.fruw.org { - respond "hello there" + respond "hello there" } - -# Refer to the Caddy docs for more information: -# https://caddyserver.com/docs/caddyfile -