blob: 6502830ac9f90dda658335578a2c024183c3f6e7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
# Caddyfile — Witryna with auto-managed site configs
#
# Site configs are generated by the caddy-deploy.sh hook script
# and imported from /etc/caddy/sites.d/. See examples/hooks/caddy-deploy.sh.
#
# Caddy obtains and renews TLS certificates automatically via ACME.
# See https://caddyserver.com/docs/ for full documentation.
# Import auto-managed site configs
import /etc/caddy/sites.d/*.caddy
# Webhook endpoint — reverse proxy to Witryna
#
# Rate limiting: Caddy does not include built-in rate limiting.
# Install the caddy-ratelimit module for per-IP request limiting:
# https://github.com/mholt/caddy-ratelimit
#
# Example with caddy-ratelimit (uncomment after installing the module):
# rate_limit {
# zone webhook {
# key {remote_host}
# events 10
# window 1m
# }
# }
witryna.example.com {
reverse_proxy 127.0.0.1:8080
# Restrict access to POST requests only
@not_post not method POST
respond @not_post 405
# Security headers
header {
X-Content-Type-Options "nosniff"
-Server
}
}
|
