-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathCaddyfile
More file actions
39 lines (33 loc) · 1.03 KB
/
Caddyfile
File metadata and controls
39 lines (33 loc) · 1.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
# Replace yourdomain.com with your actual domain.
# Caddy will:
# 1. Automatically obtain a TLS certificate from Let's Encrypt
# 2. Redirect all HTTP traffic to HTTPS
# 3. Proxy all HTTPS requests to the Django container on port 8000
#
# CLOUDFLARE NOTE: In your Cloudflare SSL/TLS settings, set mode to
# "Full (strict)". This means Cloudflare↔Caddy communication is encrypted
# and Cloudflare verifies Caddy's certificate. "Flexible" would mean
# Cloudflare connects to Caddy over plain HTTP — wrong.
alessandrokuz.com, www.alessandrokuz.com {
tls /etc/caddy/certs/cloudflare-origin.pem /etc/caddy/certs/cloudflare-origin-key.pem {
client_auth {
mode require_and_verify
trusted_ca_cert_file /etc/caddy/certs/cloudflare-origin-pull-ca.pem
}
}
encode gzip
handle_path /static/* {
root * /srv/personalhub/staticfiles
file_server
}
handle_path /media/* {
root * /srv/personalhub/media
file_server
}
handle {
reverse_proxy web:8000
}
header {
Permissions-Policy "geolocation=(), microphone=(), camera=()"
}
}