fix: apply local patches for self-hosted dev environment
Some checks failed
deploy api / channel-vars (push) Successful in 14s
deploy app / channel-vars (push) Successful in 4s
test cassandra-backup / Test latest Cassandra backup (push) Has been cancelled
deploy api / Deploy api (push) Has been cancelled
deploy app / Deploy app (push) Has been cancelled
Some checks failed
deploy api / channel-vars (push) Successful in 14s
deploy app / channel-vars (push) Successful in 4s
test cassandra-backup / Test latest Cassandra backup (push) Has been cancelled
deploy api / Deploy api (push) Has been cancelled
deploy app / Deploy app (push) Has been cancelled
- Caddyfile: add security headers, X-Forwarded-For, serve app from static files - compose: add FLUXER_API_PUBLIC_ENDPOINT for admin service - rate limits: relax auth register/login for dev (50/60s) - rspack: read CDN_ENDPOINT from env instead of hardcoded fluxerstatic.com - gitignore: add dev/secret.txt - add dev/livekit.yaml for local LiveKit config
This commit is contained in:
root
@@ -1,59 +1,91 @@
|
||||
:8088 {
|
||||
encode zstd gzip
|
||||
|
||||
# Security headers
|
||||
header {
|
||||
# HSTS
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
# Prevent clickjacking
|
||||
X-Frame-Options "SAMEORIGIN"
|
||||
# XSS protection
|
||||
X-Content-Type-Options "nosniff"
|
||||
# Referrer policy
|
||||
Referrer-Policy "strict-origin-when-cross-origin"
|
||||
# Remove server info
|
||||
-Server
|
||||
}
|
||||
|
||||
@api path /api/*
|
||||
handle @api {
|
||||
handle_path /api/* {
|
||||
reverse_proxy api:8080
|
||||
reverse_proxy api:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@media path /media/*
|
||||
handle @media {
|
||||
handle_path /media/* {
|
||||
reverse_proxy media:8080
|
||||
reverse_proxy media:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@s3 path /s3/*
|
||||
handle @s3 {
|
||||
handle_path /s3/* {
|
||||
reverse_proxy minio:9000
|
||||
reverse_proxy minio:9000 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@admin path /admin /admin/*
|
||||
handle @admin {
|
||||
uri strip_prefix /admin
|
||||
reverse_proxy admin:8080
|
||||
reverse_proxy admin:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
|
||||
@marketing path /marketing /marketing/*
|
||||
handle @marketing {
|
||||
uri strip_prefix /marketing
|
||||
reverse_proxy marketing:8080
|
||||
reverse_proxy marketing:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
|
||||
@gateway path /gateway /gateway/*
|
||||
handle @gateway {
|
||||
uri strip_prefix /gateway
|
||||
reverse_proxy gateway:8080
|
||||
reverse_proxy gateway:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
|
||||
@livekit path /livekit /livekit/*
|
||||
handle @livekit {
|
||||
handle_path /livekit/* {
|
||||
reverse_proxy livekit:7880
|
||||
reverse_proxy livekit:7880 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@metrics path /metrics /metrics/*
|
||||
handle @metrics {
|
||||
uri strip_prefix /metrics
|
||||
reverse_proxy metrics:8080
|
||||
reverse_proxy metrics:8080 {
|
||||
header_up X-Forwarded-For {remote}
|
||||
}
|
||||
}
|
||||
|
||||
handle {
|
||||
reverse_proxy host.docker.internal:3000
|
||||
root * /app/dist
|
||||
try_files {path} /index.html
|
||||
file_server
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user