ΠΡΠΎΡΡΠΎ http ΡΠ΅ΡΠ²Π΅Ρ Π΄Π»Ρ ΠΏΡΠ±Π»ΠΈΠΊΠ°ΡΠΈΠΈ ΡΠ°ΠΉΡΠΎΠ² ΠΈ ΠΎΡΠ³Π°Π½ΠΈΠ·Π°ΡΠΈΠΈ ΡΠ΅Π²Π΅ΡΡ ΠΏΡΠΎΠΊΡΠΈ. ΠΠ»Ρ Π½Π°ΡΡΡΠΎΠΉΠΊΠΈ ΠΈΡΠΏΠΎΠ»ΡΠ·ΡΠ΅ΡΡΡ ΡΠ°ΠΉΠ» ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ Caddyfile Ρ json ΠΎΠΏΠΈΡΠ°Π½ΠΈΠ΅ΠΌ ΡΠ°ΠΉΡΠΎΠ². ΠΠΌΠ΅Π΅Ρ Π±ΠΎΠ»ΡΡΠΎΠ΅ ΠΊΠΎΠ»ΠΈΡΠ΅ΡΡΠ²ΠΎ ΠΌΠΎΠ΄ΡΠ»Π΅ΠΉ ΠΈ ΡΠ°ΡΡΠΈΡΠ΅Π½ΠΈΠΉ, ΠΌΠΎΠΆΠ΅Ρ Π³ΠΈΠ±ΠΊΠΎ Π½Π°ΡΡΡΠ°ΠΈΠ²Π°ΡΡΡΡ.
ΠΠ΅ ΠΈΠΌΠ΅Π΅Ρ Π³ΡΠ°ΡΠΈΡΠ΅ΡΠΊΠΎΠ³ΠΎ ΠΈΠ½ΡΠ΅ΡΡΠ΅ΠΉΡΠ°, Π²ΡΡ Π½Π°ΡΡΡΠΎΠΉΠΊΠ° ΡΠ΅ΡΠ΅Π· ΡΠ°ΠΉΠ» ΠΊΠΎΠ½ΡΠΈΠ³ΡΡΠ°ΡΠΈΠΈ. ΠΠΎΠ΄Π΄Π΅ΡΠΆΠΈΠ²Π°Π΅Ρ dns chelenge.
ΠΡΠΈΡΠΈΠ°Π»ΡΠ½ΡΠΉ ΡΠ°ΠΉΡ: Caddy - The Ultimate Server with Automatic HTTPS
ΠΡΠΎΠ΅ΠΊΡ Π½Π° GitHub GitHub - caddyserver/caddy: Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
ΠΡΠΈΠΌΠ΅Ρ docker compose ΡΠ°ΠΉΠ»Π°:
ΠΠΎΠΊΠ΅Ρ ΡΠ°ΠΉΠ» Π΄Π»Ρ Π·Π°ΠΏΡΡΠΊΠ°
ΠΠ°Π·Π°Π΄:: ΡΠΏΠΈΡΠΎΠΊ ΡΠ°Π±Π»ΠΎΠ½ΠΎΠ²
ΠΠΎΠ΄ΠΎΠ±Π½ΠΎ ΡΠ°Π·ΠΎΠ±ΡΠ°Π½ΠΎ Π² ΡΡΠ°ΡΡΠ΅
ΠΠ°ΡΡΡΠΎΠΉΠΊΠΈ ΠΏΡΠΎΠΊΡΠΈΡΠΎΠ²Π°Π½ΠΈΡ ΡΠΊΠ°Π·ΡΠ²Π°ΡΡΡΡ Π² ΡΠ°ΠΉΠ»Π΅
services:
caddy:
image: ghcr.io/deniom3/caddy-cloudflare-transform:latest
container_name: caddy
restart: unless-stopped
cap_add:
- NET_ADMIN
ports:
- 80:80
- 443:443
environment:
ACME_AGREE: true
CLOUDFLARE_API_TOKEN: <CLOUDFLARE_API_TOKEN>
CLOUDFLARE_EMAIL: <CLOUDFLARE_EMAIL>
DOMAIN: deniom.ru
volumes:
- ./data:/data
- ./config:/config
- ./logs:/logs
- ./Caddyfile:/etc/caddy/Caddyfile
ΠΡΠΈΠΌΠ΅Ρ ΠΊΠΎΠ½ΡΠΈΠ³ ΡΠ°ΠΉΠ»Π°
ΠΡΠΈΠΌΠ΅Ρ Π½Π°ΡΡΡΠΎΠ΅ΠΊ Caddy Π΄Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ ΠΊΠ°ΠΊ ΡΠ΅Π²Π΅ΡΡ ΠΏΡΠΎΠΊΡΠΈ Π² Π΄ΠΎΠΌΠ°ΡΠ½Π΅ΠΉ ΡΠ΅ΡΠΈ. ΠΠΎΠ΄ΡΠΎΠ±Π½Π°Ρ Π½Π°ΡΡΡΠΎΠΉΠΊΠ° ΡΠ°ΡΡΠΌΠΎΡΡΠ΅Π½Π° Π² ΠΠ°ΡΡΡΠΎΠΉΠΊΠ° ΡΠ΅Π²Π΅ΡΡ ΠΏΡΠΎΠΊΡΠΈ Caddy ΠΈ Fail2Ban Π² docker.
(common) {
header /* {
-Server
}
}
(cloudflare) {
import common
tls {
dns cloudflare {env.CLOUDFLARE_API_TOKEN}
}
}
(local) {
@allowed remote_ip 192.168.0.0/24
handle {
respond 401
}
}
{
log access-log {
include http.log.access
output file /logs/access.log {
roll_keep_for 48h
}
format transform `{ts} {request>headers>X-Forwarded-For>[0]:request>remote_ip} {request>host} {request>method} {request>uri} {status}` {
time_format "02/Jan/2006:15:04:05"
}
}
}
home-assistant.{env.DOMAIN} {
import cloudflare
log
reverse_proxy 192.168.0.125:8123
}
vaultwarden.{env.DOMAIN} {
import cloudflare
log
reverse_proxy 192.168.0.132:10380 {
header_up X-Real-IP {remote_host}
}
}
nextcloud.{env.DOMAIN} {
import cloudflare
log
reverse_proxy 192.168.0.133:11000
}
immich.{env.DOMAIN} {
import cloudflare
log
reverse_proxy 192.168.0.136:2283
}
jackett.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.134:9117
}
}
plex.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.134:32400
}
}
portainer.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.132:9000
}
}
adguard.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.1:8080
}
}
perenio.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.115:80
}
}
homed.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.115:8080
}
}
sonarr.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.134:8989
}
}
radarr.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.134:7878
}
}
qbittorrent.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.134:8080
}
}
casaos.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.132:8080
}
}
calibre.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.132:8083
}
}
readeck.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.132:8082
}
}
gitea.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.132:3002
}
}
grafana.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.135:3000
}
}
influxdb.{env.DOMAIN} {
import local
import cloudflare
log
handle @allowed {
reverse_proxy 192.168.0.135:8086
}
}
ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅:: ΠΠ΅Π³ΠΊΠΈΠΉ ΡΠ΅Π²Π΅ΡΡ ΠΏΡΠΎΠΊΡΠΈ