# The Caddyfile is an easy way to configure your Caddy web server. # # Unless the file starts with a global options block, the first # uncommented line is always the address of your site. # # To use your own domain name (with automatic HTTPS), first make # sure your domain's A/AAAA DNS records are properly pointed to # this machine's public IP, then replace ":80" below with your # domain name. { metrics { per_host } crowdsec { api_url http://localhost:8080 api_key qa2/ilnhpYrrisOIvUSYpViTgDNyT7IkHHgDgweAeBY ticker_interval 15s } log { output file /var/log/caddy/access.log format json } } dockerreg.mycloudhaus.xyz { # Important: These headers are required for Docker Registry header { -Server Docker-Distribution-Api-Version registry/2.0 } # Reverse proxy with proper Docker Registry support reverse_proxy 10.0.0.1:4555 { # Forward all headers without modification header_up Host {host} header_up X-Real-IP {remote} header_up X-Forwarded-For {remote} header_up X-Forwarded-Proto {scheme} # Critical: Ensure chunked transfer encoding works transport http { read_buffer 4096 write_buffer 4096 max_response_header 8192 } } # Handle blob uploads correctly handle_errors { # If registry returns error, pass it through respond "{http.error.status_code} {http.error.status_text}" } } speed.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:8765 { header_up Host {upstream_hostport} } } } tools.mycloudhaus.xyz { route { crowdsec basic_auth { jawline4392 $2a$14$fFXP3bSAH3w9Kj0t84y1aeYvYwUbYPgV29RpesEFoDTCMpcumm5Bm } reverse_proxy 10.0.0.1:8898 } } office.mycloudhaus.xyz { route { crowdsec #basic_auth { # theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS # } reverse_proxy 10.0.0.1:3033 } } docker.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:9100 } } sync.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:8384 { header_up Host localhost:8384 } } } msg.mycloudhaus.xyz { route { crowdsec basic_auth { scuba8495 $2a$14$dSjT2ZkFg4h9TLDGvnN7XO1hJ/1VbFxgx0EX8UJy2tknKK/MqR1b2 } reverse_proxy 10.0.0.2:8000 } } notes.mycloudhaus.xyz { route { crowdsec basic_auth { giggly8541 $2a$14$j4eEXQZQdCWquG5lTJCaV.Uefb6D0cWQlC843tCH0cGMxdjf8AS.O } reverse_proxy 127.0.0.1:3050 { header_up Host {host} header_up X-Real-IP {remote_host} } } } keybr.mycloudhaus.xyz { route { crowdsec basic_auth { sneak2931 $2a$14$dQJs/1Rk8TjgK5YZSIAYU.i4avRMgRZ8uZIR47/mgI3ltYLqgf8XK } reverse_proxy 10.0.0.2:3000 } } torrents.mycloudhaus.xyz { route { crowdsec basic_auth { unrevised0817 $2a$14$fGYDsHzx8X/EdXKW59it/ujz8ieD0Ae8q3u.mJt2vaKg4.VYPrs2C } reverse_proxy 10.0.0.2:9091 } } searxng.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:7001 } } boards.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:8765 } } ankisync.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:27701 } } dns.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.1:8053 } } inv.mycloudhaus.xyz { route { crowdsec basic_auth { compile6639 $2a$14$AmsLzCKhcncRJEpXCF5XZ.sq/.9RCfKtY8bg89FKkE1fpU9Y.lSUK miha $2y$05$N1Gr6khpOaZc5YDQp8quGuQk6phsE69GoLSB3d.w7RnRc8zyQn./6 } reverse_proxy 10.0.0.2:4000 } log { output discard } } wiki.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:8008 } } radicale.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:5232 } } rss.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:8011 } } vw.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:9000 { header_up X-Real-IP {remote_host} } } } bookmarks.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:5000 } } home.mycloudhaus.xyz { route { crowdsec basic_auth { mobster5234 $2a$14$mu69PLSK/8iMqV2e/TM2dOsW7ZuLPpjW/Aqltlug6xgQRckXJRqQ2 } reverse_proxy 127.0.0.1:8099 } } logs.mycloudhaus.xyz { route { crowdsec basic_auth { overvalue8130 $2a$14$RjDA21av6gZynO9BInzUGuErCs9qHSIx0gDBwhyOS9iDd8f6wvQMO } reverse_proxy 127.0.0.1:3030 } } health.mycloudhaus.xyz { route { crowdsec reverse_proxy 127.0.0.1:3001 } } git.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:3002 } } playlists.mycloudhaus.xyz { route { crowdsec basic_auth { theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS paul $2y$05$N1Gr6khpOaZc5YDQp8quGuQk6phsE69GoLSB3d.w7RnRc8zyQn./6 # "mot de passe super technique" } reverse_proxy 10.0.0.2:4444 } } play.mycloudhaus.xyz { route { crowdsec } reverse_proxy 10.0.0.2:4445 } email.mycloudhaus.xyz { route { crowdsec } reverse_proxy 10.0.0.2:8025 } translate.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:5555 } } media.mycloudhaus.xyz { route { crowdsec reverse_proxy 10.0.0.2:8096 header { X-Forwarded-Proto {scheme} X-Forwarded-For {remote_host} X-Real-IP {remote_host} } } } radio.mycloudhaus.xyz { route { crowdsec # @allowed path / /profile* /admin* /docs* /logout* /login* /dashboard* /station* /public* # reverse_proxy @allowed 10.0.0.2:6000 reverse_proxy 10.0.0.2:6000 # respond "Not found" 404 } } convert.mycloudhaus.xyz { basic_auth { thirstily1920 $2a$14$XAK/BYwOLKIxsPNdTKRng.fS9fIMYqOUWHj5XQriP8Eptpbm.q6Ee } reverse_proxy 127.0.0.1:6000 } learn.mycloudhaus.xyz { basic_auth { planky273 $2y$05$te50nAtF7oT1vHht3Qy3qOUC5DBAWodCD4xjwPkrFfHjoWrE1Wa1a } reverse_proxy 10.0.0.2:8889 } #prom.mycloudhaus.xyz { # basic_auth { # # Username "Bob", password "hiccup" # theo $2a$14$mJszfW/9Pay63RdHY7Om1e0VdYaCWwP5QnpzdM7oCbrCnYQzB8.bS # } # reverse_proxy prometheus:9090 #} # #sec.mycloudhaus.xyz { ## basic_auth { ## Sneak9662 $2a$14$EDiuxXPPj6sXuVsr68MwjOvwcSwnVHa2Q3A.BVyuxBN1odc5FK7pG ## } # reverse_proxy https://10.0.0.2:443 { # transport http { # tls_insecure_skip_verify # } # } #} mycloudhaus.xyz { basic_auth { overwrite7291 $2a$14$ZU0t/ykaEg4CO2hr1PPSK.3K13XEj6SKlnX9/S8/HaO98lh2nN13S } metrics /metrics root * /var/www/html encode gzip log { output file /var/log/caddy/my-static-site.log } header { ?Cache-Control "max-age=1800" } # Enable the static file server. file_server # Another common task is to set up a reverse proxy: # reverse_proxy localhost:8080 # Or serve a PHP site through php-fpm: # php_fastcgi localhost:9000 } # Refer to the Caddy docs for more information: # https://caddyserver.com/docs/caddyfile