sijapi/Extras/Caddyfile.example

96 lines
2.2 KiB
Text

{
log {
output file /var/log/caddy/logfile.log
level INFO
}
admin localhost:2019
servers {
metrics
}
email !{!{ YOUR EMAIL ADDRESS }!}!
}
# This is an extremely permissive CORS config. Dial it back as your use case allows.
(cors) {
@cors_preflight method OPTIONS
header {
Access-Control-Allow-Origin "*"
Access-Control-Expose-Headers "Authorization"
Access-Control-Allow-Credentials "true"
Access-Control-Allow-Headers "Authorization, Content-Type"
}
handle @cors_preflight {
header {
Access-Control-Allow-Methods "GET, POST, PUT, PATCH, DELETE"
Access-Control-Max-Age "3600"
}
respond "" 204
}
}
# Specify which endpoints are public, one or more methods of API key authentication, and your load balancing priority (if any)
!{!{ YOUR SIJAPI SUBDOMAIN }!}! {
import cors
@public {
path /img/* /oauth /oauth/* /o365 /o365/* /ip /health /health* /health/* /id /identity
}
@apiKeyAuthHeader {
header Authorization "Bearer !{!{ YOUR GLOBAL_API_KEY }!}!"
}
@apiKeyAuthQuery {
query api_key=!{!{ YOUR GLOBAL_API_KEY }!}!
}
handle @public {
reverse_proxy {
to !{!{ YOUR IP(s) WHERE SIJAPI IS RUNNING, WITH PORTS, e.g. 100.64.64.20:4444 10.13.37.30:4444 localhost:4444 }!}!
lb_policy first
health_uri /health
health_interval 10s
health_timeout 5s
health_status 2xx
header_up X-Forwarded-For {remote}
header_up X-Forwarded-Proto {scheme}
}
}
handle @apiKeyAuthHeader {
reverse_proxy {
to !{!{ YOUR IP(s) WHERE SIJAPI IS RUNNING, WITH PORTS, e.g. 100.64.64.20:4444 10.13.37.30:4444 localhost:4444 }!}!
lb_policy first
health_uri /health
health_interval 10s
health_timeout 5s
health_status 2xx
}
}
handle @apiKeyAuthQuery {
reverse_proxy {
to !{!{ YOUR IP(s) WHERE SIJAPI IS RUNNING, WITH PORTS, e.g. 100.64.64.20:4444 10.13.37.30:4444 localhost:4444 }!}!
lb_policy first
health_uri /health
health_interval 10s
health_timeout 5s
health_status 2xx
}
}
handle {
respond "Unauthorized: Valid API key required" 401
}
tls {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
log {
output file /var/log/caddy/sijapi.log {
roll_size 100mb
roll_keep 5
roll_keep_for 720h
}
format json {
time_format "iso8601"
message_key "message"
}
}
}