Adds Example for Caddy2 Jitsi
This commit is contained in:
parent
8748f3d443
commit
a1ecaf54ef
@ -1,5 +1,5 @@
|
|||||||
[defaults]
|
[defaults]
|
||||||
retry_files_enabled = False
|
retry_files_enabled = False
|
||||||
|
ansible_python_interpreter=/usr/bin/python3
|
||||||
[connection]
|
[connection]
|
||||||
pipelining = True
|
pipelining = True
|
||||||
|
@ -1,4 +1,8 @@
|
|||||||
matrix.DOMAIN.tld {
|
matrix.DOMAIN.tld {
|
||||||
|
|
||||||
|
# creates letsencrypt certificate
|
||||||
|
# tls your@email.com
|
||||||
|
|
||||||
@identity {
|
@identity {
|
||||||
path /_matrix/identity/*
|
path /_matrix/identity/*
|
||||||
}
|
}
|
||||||
@ -94,7 +98,11 @@ matrix.DOMAIN.tld:8448 {
|
|||||||
}
|
}
|
||||||
|
|
||||||
dimension.DOMAIN.tld {
|
dimension.DOMAIN.tld {
|
||||||
header {
|
|
||||||
|
# creates letsencrypt certificate
|
||||||
|
# tls your@email.com
|
||||||
|
|
||||||
|
header {
|
||||||
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
||||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
||||||
@ -121,7 +129,11 @@ header {
|
|||||||
}
|
}
|
||||||
|
|
||||||
element.DOMAIN.tld {
|
element.DOMAIN.tld {
|
||||||
header {
|
|
||||||
|
# creates letsencrypt certificate
|
||||||
|
# tls your@email.com
|
||||||
|
|
||||||
|
header {
|
||||||
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
# Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
||||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
# Enable cross-site filter (XSS) and tell browser to block detected attacks
|
||||||
@ -145,3 +157,50 @@ element.DOMAIN.tld {
|
|||||||
header_up X-Forwarded-HttpsProto {proto}
|
header_up X-Forwarded-HttpsProto {proto}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#jitsi.DOMAIN.tld {
|
||||||
|
# log {
|
||||||
|
# output discard
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# creates letsencrypt certificate
|
||||||
|
# tls your@email.com
|
||||||
|
#
|
||||||
|
# header {
|
||||||
|
# # Enable HTTP Strict Transport Security (HSTS) to force clients to always connect via HTTPS
|
||||||
|
# Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||||
|
#
|
||||||
|
# # Enable cross-site filter (XSS) and tell browser to block detected attacks
|
||||||
|
# X-XSS-Protection "1; mode=block"
|
||||||
|
#
|
||||||
|
# # Prevent some browsers from MIME-sniffing a response away from the declared Content-Type
|
||||||
|
# X-Content-Type-Options "nosniff"
|
||||||
|
#
|
||||||
|
# # Disallow the site to be rendered within a frame (clickjacking protection)
|
||||||
|
# X-Frame-Options "SAMEORIGIN"
|
||||||
|
#
|
||||||
|
# # Disable some features
|
||||||
|
# Feature-Policy "accelerometer 'none';ambient-light-sensor 'none'; autoplay 'none';camera 'none';encrypted-media 'none';focus-without-user-activation 'none'; geolocation 'none';gyroscope #'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none'; speaker 'none';sync-xhr 'none';usb 'none';vr 'none'"
|
||||||
|
#
|
||||||
|
# # Referer
|
||||||
|
# Referrer-Policy "no-referrer"
|
||||||
|
#
|
||||||
|
# # X-Robots-Tag
|
||||||
|
# X-Robots-Tag "none"
|
||||||
|
#
|
||||||
|
# # Remove Server header
|
||||||
|
# -Server
|
||||||
|
# }
|
||||||
|
#
|
||||||
|
# handle {
|
||||||
|
# encode zstd gzip
|
||||||
|
#
|
||||||
|
# reverse_proxy 127.0.0.1:12080 {
|
||||||
|
# header_up X-Forwarded-Port {http.request.port}
|
||||||
|
# header_up X-Forwarded-Proto {http.request.scheme}
|
||||||
|
# header_up X-Forwarded-TlsProto {tls_protocol}
|
||||||
|
# header_up X-Forwarded-TlsCipher {tls_cipher}
|
||||||
|
# header_up X-Forwarded-HttpsProto {proto}
|
||||||
|
# }
|
||||||
|
# }
|
||||||
|
#}
|
12
examples/caddy2/README.md
Normal file
12
examples/caddy2/README.md
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
# Caddyfile
|
||||||
|
|
||||||
|
This directory contains sample files that show you how to do reverse-proxying using Caddy2.
|
||||||
|
|
||||||
|
## Config
|
||||||
|
|
||||||
|
| Variable | Function |
|
||||||
|
| ------------------ | -------- |
|
||||||
|
| tls your@email.com | Specify an email address for your [ACME account](https://caddyserver.com/docs/caddyfile/directives/tls) (but if only one email is used for all sites, we recommend the email [global option](https://caddyserver.com/docs/caddyfile/options) instead) |
|
||||||
|
| tls | To enable [tls](https://caddyserver.com/docs/caddyfile/directives/tls) support uncomment the lines for tls |
|
||||||
|
| Jitsi | To enable Jitsi support uncomment the lines for Jitsi and set your data |
|
||||||
|
| log {output discard } | No output. You can find the Options in the [Documentaton](https://caddyserver.com/docs/caddyfile/directives/log) for logging |
|
Loading…
Reference in New Issue
Block a user