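{
	# Global options block (applies to every site in this Caddyfile).
	# NOTE(review): `debug` switches Caddy's logging to DEBUG level. Keep it
	# for troubleshooting only; for a long-running deployment remove it so the
	# verbose per-request output does not accumulate in the logs.
	debug
}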
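# Main domain names and IP address the application is served on.
# All of them are covered by the `tls internal` policy further down, so clients
# must trust Caddy's local CA root to connect without certificate warnings.
53.37.211.254, m040tbaraspi001.de040.corpintra.net, m040tbaraspi001, de040.corpintra.net, localhost {
	# Forward API requests to the backend.
	@api {
		path /api/* /health
	}
	handle @api {
		# The /api prefix is stripped before proxying; /health has no such
		# prefix and is forwarded unchanged.
		uri strip_prefix /api
		# No scheme is given, so the hop to the backend is plain HTTP.
		reverse_proxy 192.168.0.5:5000
	}

	# Forward all other requests to the frontend.
	handle {
		reverse_proxy myp-rp:3000
	}

	# Certificates come from Caddy's internal CA instead of a public ACME CA.
	tls internal {
		# NOTE(review): on_demand defers certificate issuance to the first TLS
		# handshake. This file configures no `on_demand_tls` restriction (an
		# `ask` endpoint) in the global options; Caddy's documentation
		# recommends one to bound issuance -- confirm what the deployed
		# version requires.
		on_demand
	}

	# Allow HTTP -> HTTPS redirects for OAuth.
	# NOTE(review): the block below only sets Cache-Control and proxies the
	# callback to the frontend; no redirect is configured here. The callback
	# URL carries OAuth parameters, so "no-store" would be the stricter value
	# than "no-cache" -- confirm the intended policy.
	@oauth path /auth/login/callback*
	handle @oauth {
		header Cache-Control "no-cache"
		reverse_proxy myp-rp:3000
	}

	# General headers for security and caching.
	header {
		# Security headers.
		# NOTE(review): includeSubDomains is also sent for the bare parent
		# name de040.corpintra.net, so a browser that accepts it will require
		# HTTPS for every host under that domain -- confirm this is intended.
		Strict-Transport-Security "max-age=31536000; includeSubDomains"
		X-Content-Type-Options "nosniff"
		X-Frame-Options "SAMEORIGIN"
		Referrer-Policy "strict-origin-when-cross-origin"
	}

	# Named matchers and matcher-scoped header directives are defined at
	# site-block level: the body of `header { }` only accepts header field
	# lines, so they cannot be nested inside it.

	# Cache-Control for static assets.
	@static {
		path *.js *.css *.png *.jpg *.svg *.ico *.woff *.woff2
	}
	header @static Cache-Control "public, max-age=86400"

	# No caching for dynamic content.
	@dynamic {
		not path *.js *.css *.png *.jpg *.svg *.ico *.woff *.woff2
	}
	header @dynamic Cache-Control "no-store, no-cache, must-revalidate"
}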