mirror of
https://github.com/mat-1/matdoesdev.git
synced 2025-08-02 14:46:04 +00:00
406 lines
No EOL
8.7 KiB
Caddyfile
406 lines
No EOL
8.7 KiB
Caddyfile
# xcaddy build \
|
|
# --with github.com/mat-1/matdoesdev-caddy
|
|
{
|
|
log default {
|
|
output file /var/log/caddy/caddy.log
|
|
format json
|
|
include http.log.access
|
|
}
|
|
}
|
|
|
|
(https_redirect) {
|
|
@do_https_redirect {
|
|
not header_regexp veryoldbrowser User-Agent Navigator|MSIE|Mosaic|Kindle|^curl|NintendoBrowser/
|
|
not host *.onion *.*.onion
|
|
protocol http
|
|
}
|
|
redir @do_https_redirect https://{host}{uri}
|
|
}
|
|
|
|
(gif_redirect) {
|
|
@do_not_gif_redirect {
|
|
not header_regexp oldweb_today Origin http://localhost:10001
|
|
not header_regexp oldweb_today Origin oldweb.today
|
|
not header_regexp veryveryoldbrowser User-Agent Navigator|MSIE|NCSA_Mosaic
|
|
}
|
|
vars not_gif_redirect false
|
|
vars @do_not_gif_redirect not_gif_redirect true
|
|
@do_gif_redirect {
|
|
expression `{vars.not_gif_redirect} == false`
|
|
path_regexp ^/retro/.*\.png$
|
|
}
|
|
|
|
uri @do_gif_redirect path_regexp \.png$ .gif
|
|
}
|
|
|
|
# this is necessary for http:// to work on old browsers
|
|
http://matdoes.dev https://matdoes.dev http://matctazmu565vivubva3p3bulaneangiff47xmnezzjx2nuinwjoxjyd.onion {
|
|
import https_redirect
|
|
import gif_redirect
|
|
|
|
@not_retro not path /retro
|
|
header @not_retro Server "caddy i think"
|
|
header /retro Server "CERN httpd"
|
|
|
|
# block chrome but not chromium-based browsers
|
|
@chrome {
|
|
header_regexp chrome User-Agent Chrome\/[0-9./]+\s(Mobile\s)?Safari\/[0-9./]+$
|
|
not header_regexp not_chrome User-Agent Googlebot/|eightyeightthirtyone
|
|
not path /dot_git/*
|
|
}
|
|
# respond @chrome "This site is best viewed with Firefox (or any browser that isn't Chrome).
|
|
|
|
#If you're unable to use Firefox, you can also access this website via SSH, Gemini, Gopher, Finger, Telnet, and some others." 403
|
|
|
|
# easter egg that makes old browsers show the retro page
|
|
@retro_redirect {
|
|
path /
|
|
header_regexp oldbrowser User-Agent PaleMoon|Trident|MSIE|Netscape|Navigator|Mosaic
|
|
}
|
|
redir @retro_redirect http://matdoes.dev/retro 302
|
|
|
|
root * /www
|
|
file_server {
|
|
precompressed br gzip
|
|
}
|
|
|
|
# redirect to .json if the user requested application/json
|
|
@json {
|
|
header Accept application/json
|
|
not path *.json
|
|
}
|
|
@json_index {
|
|
header Accept application/json
|
|
path /
|
|
}
|
|
rewrite @json_index /.json
|
|
rewrite @json {path}.json
|
|
|
|
# redirect to .txt if the user requested text/plain
|
|
@txt {
|
|
header Accept text/plain
|
|
not path *.txt
|
|
}
|
|
@txt_index {
|
|
header Accept text/plain
|
|
path /
|
|
}
|
|
rewrite @txt_index /.txt
|
|
rewrite @txt {path}.txt
|
|
# rewrite /.txt to /index.txt
|
|
rewrite /.txt /index.txt
|
|
|
|
# make /index.html show different page
|
|
rewrite /index.html /index.htm
|
|
header /index.html Server nginx
|
|
|
|
# don't require .html
|
|
try_files {path} {path}.html
|
|
|
|
# allow requests from anywhere
|
|
header Access-Control-Allow-Origin "*"
|
|
|
|
# advertise onion site in headers
|
|
@website host matdoes.dev
|
|
header @website Onion-Location http://matctazmu565vivubva3p3bulaneangiff47xmnezzjx2nuinwjoxjyd.onion{path}
|
|
|
|
log {
|
|
output file /var/log/caddy/matdoes.dev.log
|
|
}
|
|
|
|
# fediverse webfinger support
|
|
handle /.well-known/host-meta {
|
|
redir https://f.matdoes.dev{uri}
|
|
}
|
|
handle /.well-known/webfinger {
|
|
redir https://f.matdoes.dev{uri}
|
|
}
|
|
# matrix support
|
|
handle /.well-known/matrix/* {
|
|
redir https://matrix.matdoes.dev{uri}
|
|
}
|
|
|
|
# .git easter egg
|
|
uri /.git/* replace .git dot_git 1
|
|
|
|
route /buttons/88x31.* {
|
|
uri strip_prefix /buttons
|
|
file_server {
|
|
root /opt/x227f
|
|
}
|
|
}
|
|
route /buttons/stats.json {
|
|
uri strip_prefix /buttons
|
|
file_server {
|
|
root /opt/x227f
|
|
}
|
|
}
|
|
handle_path /buttons/i/* {
|
|
try_files {path} {path}.png {path}.gif {path}.jpg {path}.webp {path}.avif {path}.bmp
|
|
root * /opt/x227f/buttons
|
|
file_server
|
|
}
|
|
handle_path /minecraft-uuids/api/* {
|
|
rewrite * {path}.gz
|
|
file_server {
|
|
root /opt/minecraft-uuids-api
|
|
}
|
|
header Content-Type text/plain
|
|
header Content-Encoding gzip
|
|
}
|
|
route /sandcats/* {
|
|
uri strip_prefix /sandcats
|
|
file_server {
|
|
root /opt/sandcats
|
|
}
|
|
}
|
|
route /retro/music/* {
|
|
uri strip_prefix /retro/music
|
|
file_server {
|
|
root /opt/music
|
|
}
|
|
}
|
|
|
|
handle_path /shwecky {
|
|
reverse_proxy https://shrecked.dev {
|
|
header_up Host shrecked.dev
|
|
}
|
|
}
|
|
|
|
route /status.json {
|
|
reverse_proxy 127.0.0.1:9247 {
|
|
rewrite /
|
|
}
|
|
}
|
|
|
|
handle_errors 400 {
|
|
respond "🐟"
|
|
}
|
|
handle_errors {
|
|
@should_be_404 {
|
|
expression {http.error.status_code} == 404
|
|
not random_paths 0.05
|
|
}
|
|
@should_be_451 {
|
|
expression {http.error.status_code} == 404
|
|
random_paths 0.05
|
|
}
|
|
|
|
vars is_451 false
|
|
vars @should_be_451 is_451 true
|
|
@is_451 `{vars.is_451} == true`
|
|
@is_not_451 `{vars.is_451} == false`
|
|
|
|
rewrite @is_451 /451.html
|
|
file_server @is_451 {
|
|
status 451
|
|
}
|
|
|
|
rewrite @should_be_404 /404.html
|
|
file_server @is_not_451
|
|
}
|
|
}
|
|
|
|
staging.matdoes.dev {
|
|
log
|
|
root * /www-staging
|
|
file_server {
|
|
precompressed br gzip
|
|
}
|
|
|
|
# redirect to .json if the user requested application/json
|
|
@json {
|
|
header Accept application/json
|
|
not path *.json
|
|
}
|
|
@json_index {
|
|
header Accept application/json
|
|
path /
|
|
}
|
|
rewrite @json_index /.json
|
|
rewrite @json {path}.json
|
|
|
|
# don't require .html
|
|
try_files {path} {path}.html
|
|
|
|
handle /robots.txt {
|
|
respond "User-agent: *
|
|
Disallow: /"
|
|
}
|
|
}
|
|
|
|
(matrix_media_proxy) {
|
|
handle /_matrix/media/*/download/matdoes.dev/discord_* {
|
|
header Access-Control-Allow-Origin *
|
|
# Remove path prefix
|
|
uri path_regexp ^/_matrix/media/.+/download/matdoes\.dev/discord_ /
|
|
# The mxc patterns use | instead of /, so replace it first turning it into attachments/1234/5678/filename.png
|
|
uri replace "%7C" /
|
|
reverse_proxy {
|
|
# reverse_proxy automatically includes the uri, so no {uri} at the end
|
|
to https://cdn.discordapp.com
|
|
# Caddy doesn't set the Host header automatically when reverse proxying
|
|
# (because usually reverse proxies are local and don't care about Host headers)
|
|
header_up Host cdn.discordapp.com
|
|
}
|
|
}
|
|
# Do the same for thumbnails, but redirect to media.discordapp.net (which is Discord's thumbnailing server, and happens to use similar width/height params as Matrix)
|
|
# Alternatively, you can point this at cdn.discordapp.com too. Clients shouldn't mind even if they get a bigger image than they asked for.
|
|
handle /_matrix/media/*/thumbnail/matdoes.dev/discord_* {
|
|
header Access-Control-Allow-Origin *
|
|
uri path_regexp ^/_matrix/media/.+/thumbnail/matdoes\.dev/discord_ /
|
|
uri replace "%7C" /
|
|
reverse_proxy {
|
|
to https://media.discordapp.net
|
|
header_up Host media.discordapp.net
|
|
}
|
|
}
|
|
}
|
|
matrix.matdoes.dev matrix.matdoes.dev:8448 {
|
|
log {
|
|
output file /var/log/caddy/matrix.matdoes.dev.log
|
|
}
|
|
handle /.well-known/matrix/server {
|
|
header content-type application/json
|
|
respond "{\"m.server\":\"matrix.matdoes.dev\"}"
|
|
}
|
|
handle /.well-known/matrix/client {
|
|
reverse_proxy 127.0.0.1:81
|
|
}
|
|
handle {
|
|
reverse_proxy 127.0.0.1:6167
|
|
}
|
|
}
|
|
|
|
stats.matrix.matdoes.dev {
|
|
log
|
|
reverse_proxy 127.0.0.1:81
|
|
}
|
|
|
|
fedi.matdoes.dev {
|
|
log
|
|
handle * {
|
|
redir https://f.matdoes.dev{uri}
|
|
}
|
|
}
|
|
|
|
f.matdoes.dev media.f.matdoes.dev cache.f.matdoes.dev {
|
|
log {
|
|
output file /var/log/caddy/f.matdoes.dev.log
|
|
}
|
|
@chrome {
|
|
header_regexp chrome User-Agent Chrome\/[0-9./]+\s(Mobile\s)?Safari\/[0-9./]+$
|
|
not header User-Agent *Googlebot/*
|
|
}
|
|
|
|
respond @chrome "This site is best viewed with Firefox (or literally any browser that isn't Chrome)." 403
|
|
reverse_proxy 127.0.0.1:4000
|
|
}
|
|
git.matdoes.dev {
|
|
log
|
|
reverse_proxy 127.0.0.1:3000
|
|
}
|
|
http://s.matdoes.dev https://s.matdoes.dev {
|
|
import https_redirect
|
|
log
|
|
|
|
reverse_proxy 127.0.0.1:28019
|
|
}
|
|
|
|
staging.s.matdoes.dev {
|
|
log
|
|
reverse_proxy 127.0.0.1:28020
|
|
}
|
|
|
|
mail.matdoes.dev {
|
|
log
|
|
respond "mat's mail server :)"
|
|
}
|
|
|
|
matdoes.dev. {
|
|
log
|
|
# tls /home/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/matdoes.dev/matdoes.dev.crt /home/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/matdoes.dev/matdoes.dev.key
|
|
|
|
respond "meow"
|
|
}
|
|
|
|
jmap.matdoes.dev {
|
|
log {
|
|
output file /var/log/caddy/jmap.matdoes.dev.log
|
|
}
|
|
|
|
header Access-Control-Allow-Origin "*"
|
|
header Access-Control-Allow-Methods "*"
|
|
header Access-Control-Allow-Headers "*"
|
|
|
|
# reverse_proxy https://localhost:8080 {
|
|
# transport http {
|
|
# tls
|
|
# tls_insecure_skip_verify
|
|
# }
|
|
# }
|
|
reverse_proxy http://localhost:8080
|
|
}
|
|
|
|
matdoes.dev:3 {
|
|
log
|
|
header {
|
|
colon3 :3
|
|
Content-Type :3
|
|
Date :3
|
|
Server :3
|
|
}
|
|
respond ":3
|
|
"
|
|
}
|
|
|
|
meowww.matdoes.dev {
|
|
log
|
|
reverse_proxy 127.0.0.1:11351
|
|
}
|
|
|
|
hetzner.matdoes.dev {
|
|
log
|
|
redir https://matdoes.dev{uri}
|
|
}
|
|
|
|
5.161.205.195 {
|
|
log
|
|
header {
|
|
Content-Type text/html
|
|
Server "i forgor"
|
|
}
|
|
respond "uwu" 402
|
|
}
|
|
|
|
mcassets.matdoes.dev {
|
|
log
|
|
reverse_proxy 127.0.0.1:10573
|
|
}
|
|
|
|
www.www.matdoes.dev {
|
|
log
|
|
header {
|
|
Content-Type text/html
|
|
Server "meow"
|
|
}
|
|
respond "<meta http-equiv=\"refresh\" content=\"15;url=https://matdoes.dev\">nyaaaaaaaaaaaaaaaaaaa" 200
|
|
}
|
|
|
|
www.matdoes.dev {
|
|
log
|
|
redir https://matdoes.dev{uri}
|
|
}
|
|
|
|
seized.matdoes.dev {
|
|
log
|
|
handle /b/* {
|
|
reverse_proxy 127.0.0.1:11270
|
|
}
|
|
handle /banners.json {
|
|
reverse_proxy 127.0.0.1:11270
|
|
}
|
|
reverse_proxy 127.0.0.1:3962
|
|
} |