vegard
c0b89949e3
SpacetimeDB ble fjernet i 22.4. Denne oppryddingen: - Arkiverer spacetimedb_integrasjon.md og adapter_moenster.md til docs/erfaringer/arkiv/ - Fjerner SpacetimeDB reverse proxy-blokk fra Caddyfile - Fjerner SpacetimeDB-loven fra Claude feedback-memories (ikke lenger relevant) - Oppdaterer docs-referanser i CLAUDE.md, erfaringer/README.md, selvdokumenterende_system.md og tasks.md - Markerer fase 22 som fullført i avhengighetsgrafen
105 lines
3 KiB
Caddyfile
105 lines
3 KiB
Caddyfile
# Synops — Caddyfile
|
|
#
|
|
# Eneste tjeneste med eksponerte porter (80/443).
|
|
# Alt annet rutes internt via Docker-nettverket sidelinja-net.
|
|
# Auto-TLS via Let's Encrypt for alle domener.
|
|
|
|
# === Felles favicon-snippet ===
|
|
(favicon) {
|
|
handle /favicon.ico {
|
|
root * /srv/static
|
|
file_server
|
|
}
|
|
handle /apple-touch-icon.png {
|
|
root * /srv/static
|
|
file_server
|
|
}
|
|
handle /icon-*.png {
|
|
root * /srv/static
|
|
file_server
|
|
}
|
|
}
|
|
|
|
# === SSO ===
|
|
auth.sidelinja.org {
|
|
reverse_proxy authentik-server:9000
|
|
}
|
|
|
|
# === Sidelinja (hovedapplikasjon) ===
|
|
sidelinja.org {
|
|
import favicon
|
|
|
|
# Podcast media (statiske filer med byte-range support)
|
|
handle_path /media/* {
|
|
root * /srv/media
|
|
file_server {
|
|
browse
|
|
}
|
|
}
|
|
|
|
# SvelteKit (frontend + SSR API)
|
|
# Aktiveres når SvelteKit-containeren er klar (fase 3)
|
|
# reverse_proxy sveltekit:3000
|
|
|
|
header Content-Type text/html
|
|
respond `<!DOCTYPE html><html><head><meta charset="utf-8"><title>sidelinja.org</title><link rel="icon" href="/favicon.ico" sizes="32x32"><link rel="icon" href="/icon-192.png" type="image/png" sizes="192x192"><link rel="apple-touch-icon" href="/apple-touch-icon.png"></head><body><p>sidelinja.org — underveis!</p></body></html>` 200
|
|
}
|
|
|
|
# === Maskinrommet API ===
|
|
api.sidelinja.org {
|
|
reverse_proxy host.docker.internal:3100
|
|
}
|
|
|
|
# === Forgejo (Git) ===
|
|
git.sidelinja.org {
|
|
reverse_proxy forgejo:3000
|
|
}
|
|
|
|
# === Synops (plattformdomene) ===
|
|
# Subdomener (api.synops.no, auth.synops.no osv.) legges til individuelt
|
|
# etter behov — HTTP-challenge fungerer per subdomain uten DNS-plugin.
|
|
synops.no {
|
|
import favicon
|
|
|
|
header Content-Type text/html
|
|
respond `<!DOCTYPE html><html><head><meta charset="utf-8"><title>synops.no</title><link rel="icon" href="/favicon.ico" sizes="32x32"><link rel="icon" href="/icon-192.png" type="image/png" sizes="192x192"><link rel="apple-touch-icon" href="/apple-touch-icon.png"></head><body><p>synops.no — underveis!</p></body></html>` 200
|
|
}
|
|
|
|
# === Vegard.info ===
|
|
vegard.info {
|
|
import favicon
|
|
|
|
header Content-Type text/html
|
|
respond `<!DOCTYPE html><html><head><meta charset="utf-8"><title>vegard.info</title><link rel="icon" href="/favicon.ico" sizes="32x32"><link rel="icon" href="/icon-192.png" type="image/png" sizes="192x192"><link rel="apple-touch-icon" href="/apple-touch-icon.png"></head><body><p>vegard.info — underveis!</p></body></html>` 200
|
|
}
|
|
|
|
# === Custom domains for publiseringssamlinger ===
|
|
# On-demand TLS: Caddy henter sertifikat kun for domener som maskinrommet
|
|
# bekrefter via /internal/verify-domain. Forespørsler rutes til
|
|
# maskinrommets /custom-domain/-ruter med Host-headeren bevart.
|
|
# Ref: docs/concepts/publisering.md § "Custom domain-mekanisme"
|
|
:443 {
|
|
tls {
|
|
on_demand {
|
|
ask http://host.docker.internal:3100/internal/verify-domain
|
|
}
|
|
}
|
|
|
|
# RSS/Atom feed
|
|
handle /feed.xml {
|
|
rewrite * /custom-domain/feed.xml
|
|
reverse_proxy host.docker.internal:3100
|
|
}
|
|
|
|
# Forside
|
|
handle / {
|
|
rewrite * /custom-domain/index
|
|
reverse_proxy host.docker.internal:3100
|
|
}
|
|
|
|
# Artikler (alt annet)
|
|
handle {
|
|
rewrite * /custom-domain{uri}
|
|
reverse_proxy host.docker.internal:3100
|
|
}
|
|
}
|