-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathCaddyfile
45 lines (39 loc) · 1.39 KB
/
Caddyfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
# This Caddyfile is configured to revere proxy https requests to an IPNS-Link-gateway.
# GW_ADDRS contains gateway address (IP:port)
# DOMAIN contains chosen domain name, the gateway is exposed with
# DNS_PROV contains name of the DNS provider
# API_TKN contains API token from the DNS provider with permission to edit DNS records
# DNSLinks contains comma separated list of DNSLinks CNAMEd to the gateway domain.
#{
# acme_dns {$DNS_PROV:cloudflare} {$API_TKN}
#}
# Uncomment the above if DNS challenge is preferred globally. Note DNS challenge is more time consuming that the others
(reverse_proxy) {
reverse_proxy {$GW_ADDRS:localhost:8080} {
transport http {
keepalive off
versions 1.1
compression off
}
}
}
# Supports default HTTP or TLS-ALPN challenge for automatic https
{$DOMAIN:localhost}, www.{$DOMAIN:localhost} {
import reverse_proxy
}
# Can only do DNS challenge for automatic https, as Let'sEncrypt doesn't allow any other way for wildcard certs
*.ipfs.{$DOMAIN:localhost}, *.ipns.{$DOMAIN:localhost} {
import reverse_proxy
tls {
dns {$DNS_PROV:cloudflare} {$API_TKN:dummy}
}
}
# Enable HTTPS for DNSLinked hostnames that are CNAMEd to our Gateway.
# `DNSLinks` is a comma-separated list of such hostnames
{$DNSLinks} {
import reverse_proxy
}
# Catch-all http to serve DNSLinked hostnames that are CNAMEd to our Gateway. Test with localtest.me
http:// {
import reverse_proxy
}