split Caddyfile

2024-12-04 22:17:05 +01:00
parent 10bb430d43
commit dde85a43e1
7 changed files with 107 additions and 105 deletions
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -1,35 +1,10 @@
 import conf/*.caddy
 {
-	dynamic_dns {
+	import dynamic_dns
 		provider route53
 		domains {
 			veenboer.xyz. rik
 		}
 		versions ipv4
 	}
 	#	layer4 {
 	#		:443 {
 	#			@openvpn openvpn
 	#			route @openvpn {
 	#				proxy host:444 # Proxy OpenVPN traffic to its backend
 	#			}
 	#		}
 	#	}
 	order geoip2_vars first
 	geoip2 {
 		#	accountId {$GEO_ACCOUNT_ID}
 		#	licenseKey {$GEO_API_KEY}
 		databaseDirectory /data/caddy/geoip/
 		lockFile /data/caddy/geoip/geoip2.lock
 		editionID GeoLite2-City
 		updateUrl https://updates.maxmind.com
 		updateFrequency 86400 # in seconds
 	}
 	import auth
 	import geoip2
 	# import layer4
 }
 (unprotected) {
@@ -41,6 +16,13 @@ import conf/*.caddy
 	}
 }
 (protected) {
 	{args[0]}.rik.veenboer.xyz {
 		import authentik
 		reverse_proxy {args[1]}
 	}
 }
 import unprotected authentik host:19000
 import unprotected vouch host:9090
 import unprotected jellyfin host:8097
@@ -50,41 +32,6 @@ import unprotected pgadmin host:5050
 import unprotected homarr host:17575
 import unprotected jellyseerr host:15055
 (authentik) {
 	reverse_proxy /outpost.goauthentik.io/* http://host:19000
 	forward_auth http://host:19000 {
 		uri /outpost.goauthentik.io/auth/caddy?rd={http.request.uri}
 		copy_headers {
 			X-Authentik-Username
 			X-Authentik-Groups
 			X-Authentik-Email
 			X-Authentik-Name
 			X-Authentik-Uid
 			X-Authentik-Jwt
 			X-Authentik-Meta-Jwks
 			X-Authentik-Meta-Outpost
 			X-Authentik-Meta-Provider
 			X-Authentik-Meta-App
 			X-Authentik-Meta-Version
 			X-Authentik-Other
 			X-Authentik-Password
 			X-Authentik-This
 			X-Authentik-What
 			Authorization>X-Custom-Authorization
 			X-Custom-User
 			X-Custom-Password
 			X-User-Header
 		}
 	}
 }
 (protected) {
 	{args[0]}.rik.veenboer.xyz {
 		import authentik
 		reverse_proxy {args[1]}
 	}
 }
 import protected sonarr host:18989
 import protected radarr host:17878
 import protected bazarr host:16767
--- a/caddy/conf/auth.caddy
+++ b/caddy/conf/auth.caddy
@@ -38,5 +38,4 @@
 			inject headers with claims
 		}
 	}
 }
--- a/caddy/conf/authentik.caddy
+++ b/caddy/conf/authentik.caddy
@@ -0,0 +1,27 @@
 (authentik) {
 	reverse_proxy /outpost.goauthentik.io/* http://host:19000
 	forward_auth http://host:19000 {
 		uri /outpost.goauthentik.io/auth/caddy?rd={http.request.uri}
 		copy_headers {
 			X-Authentik-Username
 			X-Authentik-Groups
 			X-Authentik-Email
 			X-Authentik-Name
 			X-Authentik-Uid
 			X-Authentik-Jwt
 			X-Authentik-Meta-Jwks
 			X-Authentik-Meta-Outpost
 			X-Authentik-Meta-Provider
 			X-Authentik-Meta-App
 			X-Authentik-Meta-Version
 			X-Authentik-Other
 			X-Authentik-Password
 			X-Authentik-This
 			X-Authentik-What
 			Authorization>X-Custom-Authorization
 			X-Custom-User
 			X-Custom-Password
 			X-User-Header
 		}
 	}
 }
--- a/caddy/conf/dynamic_dns.caddy
+++ b/caddy/conf/dynamic_dns.caddy
@@ -0,0 +1,9 @@
 (dynamic_dns) {
 	dynamic_dns {
 		provider route53
 		domains {
 			veenboer.xyz. rik
 		}
 		versions ipv4
 	}
 }
--- a/caddy/conf/geoip2.caddy
+++ b/caddy/conf/geoip2.caddy
@@ -0,0 +1,12 @@
 (geoip2) {
 	order geoip2_vars first
 	geoip2 {
 		#	accountId {$GEO_ACCOUNT_ID}
 		#	licenseKey {$GEO_API_KEY}
 		databaseDirectory /data/caddy/geoip/
 		lockFile /data/caddy/geoip/geoip2.lock
 		editionID GeoLite2-City
 		updateUrl https://updates.maxmind.com
 		updateFrequency 86400 # in seconds
 	}
 }
--- a/caddy/conf/layer4.caddy
+++ b/caddy/conf/layer4.caddy
@@ -0,0 +1,9 @@
 (layer4) {layer4 {
 	:443 {
 		@openvpn openvpn
 		route @openvpn {
 			proxy host:444 # Proxy OpenVPN traffic to its backend
 		}
 	}
 }
 }
--- a/caddy/sites/test.caddy
+++ b/caddy/sites/test.caddy
@@ -5,7 +5,6 @@ log {
 	authorize with mypolicy
 	reverse_proxy host:12345
 }
 auth.rik.veenboer.xyz {