From 5263d9a206b2801cd1c657f44fd2be1dda8ce1a6 Mon Sep 17 00:00:00 2001 From: nilsjohan Date: Fri, 1 May 2026 12:59:17 +0200 Subject: [PATCH] =?UTF-8?q?Uppdaterade=20Caddyfile=20utifr=C3=A5n=20flutte?= =?UTF-8?q?r?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- conf/Caddyfile | 13 +++- conf/Caddyfile-2026-04-20 | 125 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 135 insertions(+), 3 deletions(-) create mode 100644 conf/Caddyfile-2026-04-20 diff --git a/conf/Caddyfile b/conf/Caddyfile index 6e2cf8a..683d941 100644 --- a/conf/Caddyfile +++ b/conf/Caddyfile @@ -7,13 +7,21 @@ (common) { encode gzip zstd header { - X-Frame-Options "SAMEORIGIN" + Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" X-Content-Type-Options "nosniff" + X-Frame-Options "DENY" + X-XSS-Protection "1; mode=block" + Referrer-Policy "strict-origin-when-cross-origin" + Permissions-Policy "geolocation=(), microphone=(), camera=(), payment=()" + Cross-Origin-Opener-Policy "same-origin" + Cross-Origin-Resource-Policy "same-origin" + Cross-Origin-Embedder-Policy "require-corp" } } test.gynther.se { - respond "det fungerar" + import common + reverse_proxy recipe-flutter:5000 } bazarr.gynther.se { @@ -73,7 +81,6 @@ import.gynther.se { # RECIPE APP + IMPORT SERVICE # ============================================ recept.gynther.se { - import auth import common # === IMPORT SERVICE (Document Converter) === diff --git a/conf/Caddyfile-2026-04-20 b/conf/Caddyfile-2026-04-20 new file mode 100644 index 0000000..0ba8284 --- /dev/null +++ b/conf/Caddyfile-2026-04-20 @@ -0,0 +1,125 @@ +(auth) { + basicauth { + admin $2a$14$DahHUWD2cKyXJ96sH5VQwuQv1bqmIn0gsdoSaw4mofzfdNY2Y0VsO + } +} + +(common) { + encode gzip zstd + header { + X-Frame-Options "SAMEORIGIN" + X-Content-Type-Options "nosniff" + } +} + +test.gynther.se { + respond "det fungerar" +} + +bazarr.gynther.se { + import common + reverse_proxy http://bazarr:6767 +} + +prowlarr.gynther.se { + import common + reverse_proxy http://prowlarr:9696 +} + +radarr.gynther.se { + import common + reverse_proxy http://radarr:7878 +} + +sonarr.gynther.se { + import common + reverse_proxy http://sonarr:8989 +} + +jellyfin.gynther.se { + reverse_proxy http://jellyfin:8096 +} + +qbittorrent.gynther.se { + import common + reverse_proxy 192.168.50.4:8080 +} + +wetty.gynther.se { + import auth + import common + redir / /wetty + reverse_proxy wetty:3001 +} + +portainer.gynther.se { + reverse_proxy portainer:9000 +} + +gitea.gynther.se { + import common + reverse_proxy 192.168.50.2:3002 +} + +# ============================================ +# Import Service (Document Converter) - Standalone UI +# ============================================ +import.gynther.se { + import common + reverse_proxy recipe-import-service:3000 +} + +# ============================================ +# RECIPE APP + IMPORT SERVICE +# ============================================ +recept.gynther.se { + import common + + # === IMPORT SERVICE (Document Converter) === + # Dessa endpoints måste komma FÖRST innan backend reglerna! + handle /api/recipes/import* { + reverse_proxy recipe-import-service:3000 + } + + # === RECIPE FRONTEND PROXY ENDPOINTS === + # Next.js API routes + handle /api/inventory-history-proxy { + reverse_proxy recipe-frontend:3000 + } + + handle /api/admin/merge-preview-proxy { + reverse_proxy recipe-frontend:3000 + } + + handle /api/recipe-preview-proxy { + reverse_proxy recipe-frontend:3000 + } + + # === RECIPE BACKEND API ENDPOINTS === + # Backend körs på port 8080 (från docker-compose) + handle /api/products* { + reverse_proxy recipe-api:8080 + } + + handle /api/inventory* { + reverse_proxy recipe-api:8080 + } + + handle /api/recipes* { + reverse_proxy recipe-api:8080 + } + + # === HEALTH CHECKS === + handle /health { + reverse_proxy recipe-api:8080 + } + + # === CATCH ALL === + # Övriga /api/* går till frontend + handle /api/* { + reverse_proxy recipe-frontend:3000 + } + + # Frontend - catch all remaining routes (port 3000) + reverse_proxy /* recipe-frontend:3000 +}