peterwood/docker
1
0
Fork 0
mirror of https://github.com/acedanger/docker.git synced 2025-12-06 07:50:11 -08:00
Code Issues 1 Packages Projects Releases Wiki Activity
Files
3fe462b1e6cbbab0a2f9b460bc4ef34bbc2483f6
docker/caddy/Caddyfile
Peter Wood 85979c3701 Add Cloudflare DNS support to Caddy configuration 
- Updated .env.example to include CF_ZONE_READ and CF_DNS_EDIT variables.
- Enhanced Caddyfile to utilize Cloudflare DNS for TLS.
- Created Dockerfile for building Caddy with Cloudflare DNS support.
- Modified docker-compose.yml to use the new caddy-cloudflare image and set environment variables.
2025-04-29 14:34:25 -04:00

156 lines
3.3 KiB
Caddyfile
Raw Blame History

{
# debug
email peter@peterwood.dev
}
ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# this is the the wiki
reverse_proxy ts-racknerd.whale-woodpecker.ts.net:8300
}
wiki.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Route ACME challenges explicitly to be handled internally by Caddy
route /.well-known/acme-challenge/* {
# No directive needed here; Caddy's internal handler takes precedence.
# This prevents the challenge requests from being proxied.
}
# Proxy all other requests to the wiki
route {
reverse_proxy ts-racknerd.whale-woodpecker.ts.net:8300
}
}
jellyfin.peterwood.rocks {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
reverse_proxy host.docker.internal:8096
}
# Serve a simple text message for home.ptrwd.com
home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Debugging: Log all requests
log {
output stdout
format console
}
# Allow connections only from private ranges and home IP using Cf-Connecting-Ip header
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
respond "Welcome home!" 200 {
close # Close the connection after responding
}
}
handle {
respond "Access denied" 403
}
}
# Reverse proxy for sonarr.home.ptrwd.com
sonarr.home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Allow connections only from private ranges and home IP
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
reverse_proxy ts-io.whale-woodpecker.ts.net:8989
}
handle {
respond 403
}
}
radarr.home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Allow connections only from private ranges and home IP
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
reverse_proxy ts-io.whale-woodpecker.ts.net:7878
}
handle {
respond 403
}
}
io.docker.home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Allow connections only from private ranges and home IP
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
reverse_proxy ts-io.whale-woodpecker.ts.net:5001
}
handle {
respond 403
}
}
europa.docker.home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Allow connections only from private ranges and home IP
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
reverse_proxy ts-europa.whale-woodpecker.ts.net:5001
}
handle {
respond 403
}
}
racknerd.docker.home.ptrwd.com {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_READ}
api_token {env.CF_DNS_EDIT}
}
}
# Allow connections only from private ranges and home IP
@allowAccess client_ip 192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 162.203.102.154/32
handle @allowAccess {
reverse_proxy ts-racknerd.whale-woodpecker.ts.net:5001
}
handle {
respond 403
}
}
Reference in New Issue View Git Blame Copy Permalink