blob: 7ac5e5d86d9ea6492e0882bd796309d4581a1033 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
# === Acces internet (TLS auto via Let's Encrypt) ===
dt.arauco.online {
reverse_proxy app:3000
header {
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Referrer-Policy "strict-origin-when-cross-origin"
Permissions-Policy "camera=(), microphone=(), geolocation=()"
-Server
}
encode gzip zstd
log {
output file /var/log/caddy/access.log {
roll_size 10mb
roll_keep 5
}
}
}
# === Acces reseau local (TLS auto-signe interne) ===
dt.huitral.ruka.lan {
tls internal
reverse_proxy app:3000
header {
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Referrer-Policy "strict-origin-when-cross-origin"
Permissions-Policy "camera=(), microphone=(), geolocation=()"
-Server
}
encode gzip zstd
}
|
