There is really nothing special. (some lines are so much same- just repetition of sites by sites) I’m just using Caddy for reverse proxy, which I had used on Nginx perfectly. I changed it to Caddy because I’ve been changed all tech stack into Golang-based, and I like automatic certificates feature of Caddy.
{
email email@email.email
http_port 80
https_port 443
admin localhost:2019
storage file_system {
root /root/.local/share/caddy
}
}
(strip-www) {
@www.{args.0} host www.{args.0}
redir @www.{args.0} https://{args.0}{uri}
}
(add-www) {
@{args.0} host {args.0}
redir @{args.0} https://www.{args.0}{uri}
}
(cors) {
@origin{args.0} header Origin {args.0}
header @origin{args.0} Access-Control-Allow-Origin "{args.0}"
}
(default) {
header -Server
}
(acl) {
@acl {
remote_ip WHITE_IP1/24
remote_ip WHITE_IP2/24
remote_ip WHITE_IP3/24
}
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN,
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
file_server {
root /var/www/DOMAIN/
index index.html
}
handle_errors {
@404 {
expression {http.error.status_code} == 404
}
rewrite @404 /index.html
file_server {
root /var/www/DOMAIN/
index index.html
}
}
route /PATH* {
uri strip_prefix /PATH
reverse_proxy http://IP:PORT
}
}
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN,
DOMAIN,
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
import @acl
import cors DOMAIN
reverse_proxy https://IP:PORT {
transport http {
tls_insecure_skip_verify
}
}
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
basicauth {
USERNAME JDJhJDE0JGQxSTUwZzA2RlZVY0NOY3F3Zk1ucy4waG9jWmMwbUZZdFZOMGJ6UnpJdFpmTmxEbVRRdmcy
}
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
redir https://DOMAIN{uri}
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
tls /etc/caddy/certs/DOMAIN/_wildcard_.DOMAIN.com_202012176495.crt.pem /etc/caddy/certs/DOMAIN/_wildcard_.DOMAIN.com_202012176495.key.pem
redir https://www.DOMAIN.com{uri}
}
DOMAIN {
import default
tls /etc/caddy/certs/DOMAIN/_wildcard_.DOMAIN.com_202012176495.crt.pem /etc/caddy/certs/DOMAIN/_wildcard_.DOMAIN.com_202012176495.key.pem
reverse_proxy http://IP:PORT {
header_up X-Real-IP {remote_host}
header_up X-Forwarded-For {remote_host}
}
}
DOMAIN {
import default
tls /etc/caddy/certs/mathcollabo/_wildcard_.DOMAIN.com_202012176495.crt.pem /etc/caddy/certs/DOMAIN/_wildcard_.DOMAIN.com_202012176495.key.pem
reverse_proxy http://IP:PORT
}
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}
## WEB
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN,
DOMAIN {
import default
import acl
reverse_proxy @acl http://IP:PORT
}