Maurice/alpine-server-setup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix caddy

Browse Source
This commit is contained in:
Maurice
2025-10-03 16:23:09 +02:00
parent bd02770b02
commit 45bbaa1041
5 changed files with 45 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
services/caddy/Caddyfile
View File

@@ -7,8 +7,7 @@
exclude http.log.access exclude http.log.access
} }
# Write access logs to the logs volume in json # Write access logs to the logs volume in JSON format. Only keep logs for the last 30 days.
# format. Only keep logs for the last 30 days.
log access { log access {
format json format json
output file /data/logs/access.log { output file /data/logs/access.log {
@@ -17,24 +16,17 @@
} }
} }
# Block with default http config that accepts requests on # Block with default HTTP config that redirects to HTTPS
# fd/3 and redirects to https.
(https-redir) { (https-redir) {
bind fd/3 { bind *:80 # Listen on port 80 (HTTP)
protocols h1 protocols h1 h2 # Enable HTTP/1 and HTTP/2
}
redir https://{host}{uri} 308 redir https://{host}{uri} 308
} }
# Block with default https config that accepts requests on # Block with default HTTPS config that accepts requests on port 443 (HTTP/1, HTTP/2, and HTTP/3)
# fd/4 and fdgram/5.
(https) { (https) {
bind fd/4 { bind *:443 # Listen on port 443 (HTTPS)
protocols h1 h2 protocols h1 h2 h3 # Enable HTTP/1, HTTP/2, and HTTP/3 (QUIC)
}
bind fdgram/5 {
protocols h3
}
} }
# Block with compression configuration. # Block with compression configuration.
@@ -42,8 +34,7 @@
encode zstd gzip encode zstd gzip
} }
# Block with headers that should be used by most # Block with headers that should be used by most sites. Add HSTS and other security headers.
# sites. Add HSTS and some other security headers.
# Remove the server header because without it caddy # Remove the server header because without it caddy
# leaks the backend server version. # leaks the backend server version.
# https://scotthelme.co.uk/a-new-security-header-referrer-policy/ # https://scotthelme.co.uk/a-new-security-header-referrer-policy/

4
services/caddy/install.sh Normal file
View File

@@ -0,0 +1,4 @@
#!/bin/sh
chmod +x /etc/init.d/caddy.service
rc-update add caddy.service default
rc-service caddy.service start

3
services/caddy/update.sh
View File

@@ -2,9 +2,6 @@
mkdir -p /var/containers/caddy mkdir -p /var/containers/caddy
cp -f ./Caddyfile /var/containers/caddy/Caddyfile cp -f ./Caddyfile /var/containers/caddy/Caddyfile
chown -R podman:podman /var/containers/caddy chown -R podman:podman /var/containers/caddy
chmod +x /etc/init.d/caddy.service
rc-update add caddy.service default
rc-service caddy.service start
if [ "$1" = "reload" ]; then if [ "$1" = "reload" ]; then
podman exec caddy caddy reload -c /etc/caddy/Caddyfile podman exec caddy caddy reload -c /etc/caddy/Caddyfile

10
services/jellyfin/install.sh Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/sh
chown -R podman:podman /mnt/ssd/jellyfin
chmod -R 775 /mnt/ssd/jellyfin
chmod +x /etc/init.d/jellyfin.service
rc-update add jellyfin.service default
rc-service jellyfin.service start
# If you encounter the following error: Error: statfs /mnt/ssd/jellyfin: no such file or directory
# Please run "podman system migrate"...

2
update.sh
View File

@@ -24,7 +24,7 @@ for service in "./services"/*/; do
for caddyfile in *.caddy; do for caddyfile in *.caddy; do
[ -e "$caddyfile" ] || continue [ -e "$caddyfile" ] || continue
CADDY_NAME="${caddyfile%.caddy}" CADDY_NAME="${caddyfile%.caddy}"
cp -f "./$caddyfile" "/var/containers/caddy/$CADDY_NAME" cp -f "./$caddyfile" "/var/containers/caddy/$CADDY_NAME.caddy"
done done
cd "$base_dir" cd "$base_dir"