mirror of
https://github.com/Gouryella/drip.git
synced 2026-02-23 21:00:44 +00:00
35 lines
865 B
Caddyfile
35 lines
865 B
Caddyfile
# Caddyfile for drip-server reverse proxy
|
|
#
|
|
# This configuration:
|
|
# - Obtains wildcard certificate via DNS challenge (Cloudflare)
|
|
# - Reverse proxies HTTPS/WSS traffic to drip-server
|
|
# - Handles all subdomains for tunnel routing
|
|
# - Supports WebSocket connections for WSS transport
|
|
|
|
# Global options
|
|
{
|
|
email {$ACME_EMAIL}
|
|
}
|
|
|
|
# Main domain and all subdomains
|
|
{$DOMAIN}, *.{$DOMAIN} {
|
|
# Use DNS challenge for wildcard certificate
|
|
# Force TLS 1.3 only
|
|
tls {
|
|
dns cloudflare {$CF_API_TOKEN}
|
|
protocols tls1.3 tls1.3
|
|
}
|
|
|
|
# Reverse proxy to drip-server (plain TCP mode)
|
|
reverse_proxy host.docker.internal:8443 {
|
|
# Pass original host header
|
|
header_up Host {host}
|
|
header_up X-Real-IP {remote_host}
|
|
header_up X-Forwarded-For {remote_host}
|
|
header_up X-Forwarded-Proto {scheme}
|
|
|
|
# Flush immediately for streaming/WebSocket
|
|
flush_interval -1
|
|
}
|
|
}
|