netmaker/docker/Caddyfile

# Dashboard
https://dashboard.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
	# Apply basic security headers
	header {
		# Enable cross origin access to *.NETMAKER_BASE_DOMAIN
		Access-Control-Allow-Origin *.NETMAKER_BASE_DOMAIN
		# Enable HTTP Strict Transport Security (HSTS)
		Strict-Transport-Security "max-age=31536000;"
		# Enable cross-site filter (XSS) and tell browser to block detected attacks
		X-XSS-Protection "1; mode=block"
		# Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)
		X-Frame-Options "SAMEORIGIN"
		# Prevent search engines from indexing
		X-Robots-Tag "none"
		# Remove the server name
		-Server
	}

	reverse_proxy http://netmaker-ui
}

# API
https://api.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
	reverse_proxy http://netmaker:8081
}

# STUN
https://stun.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
	reverse_proxy netmaker:3478
}

# TURN
https://turn.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
	reverse_proxy host.docker.internal:3479
}

# TURN API
https://turnapi.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
    reverse_proxy http://host.docker.internal:8089
}

# MQ
wss://broker.NETMAKER_BASE_DOMAIN {
	tls /root/certs/fullchain.pem /root/certs/privkey.pem
	reverse_proxy ws://mq:8883 # For EMQX websockets use `reverse_proxy ws://mq:8083`
}
updating install docs and adding script 2021-10-04 03:50:22 +08:00			`# Dashboard`
			`https://dashboard.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
- request and mount certs - handle caddy challenge - docker fixes - pull nm-certs.sh 2023-05-05 23:17:39 +08:00			`# Apply basic security headers`
			`header {`
			`# Enable cross origin access to *.NETMAKER_BASE_DOMAIN`
			`Access-Control-Allow-Origin *.NETMAKER_BASE_DOMAIN`
			`# Enable HTTP Strict Transport Security (HSTS)`
			`Strict-Transport-Security "max-age=31536000;"`
			`# Enable cross-site filter (XSS) and tell browser to block detected attacks`
			`X-XSS-Protection "1; mode=block"`
			`# Disallow the site to be rendered within a frame on a foreign domain (clickjacking protection)`
			`X-Frame-Options "SAMEORIGIN"`
			`# Prevent search engines from indexing`
			`X-Robots-Tag "none"`
			`# Remove the server name`
			`-Server`
			`}`
Add basic security headers 2022-01-14 04:05:16 +08:00
- request and mount certs - handle caddy challenge - docker fixes - pull nm-certs.sh 2023-05-05 23:17:39 +08:00			`reverse_proxy http://netmaker-ui`
updating install docs and adding script 2021-10-04 03:50:22 +08:00			`}`

			`# API`
			`https://api.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
- request and mount certs - handle caddy challenge - docker fixes - pull nm-certs.sh 2023-05-05 23:17:39 +08:00			`reverse_proxy http://netmaker:8081`
updating install docs and adding script 2021-10-04 03:50:22 +08:00			`}`
updating compose, installers 2022-11-29 01:16:50 +08:00
docker compose update, add stun to caddyfile 2022-12-06 21:57:38 +08:00			`# STUN`
			`https://stun.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
docker compose update, add stun to caddyfile 2022-12-06 21:57:38 +08:00			`reverse_proxy netmaker:3478`
			`}`

turn server poc 2023-03-22 15:00:03 +08:00			`# TURN`
use public ip func from netmaker 2023-04-26 18:25:56 +08:00			`https://turn.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
use host.docker.internal for turn services 2023-04-26 21:28:30 +08:00			`reverse_proxy host.docker.internal:3479`
use public ip func from netmaker 2023-04-26 18:25:56 +08:00			`}`

nm-certs.sh - support EE and new domains - minor fixes 2023-05-08 16:50:30 +08:00			`# TURN API`
use public ip func from netmaker 2023-04-26 18:25:56 +08:00			`https://turnapi.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
Merge branch 'develop' into NET-39/nm-quick-refactor # Conflicts: # docker/Caddyfile # scripts/nm-quick.sh 2023-05-08 15:29:39 +08:00			`reverse_proxy http://host.docker.internal:8089`
turn server poc 2023-03-22 15:00:03 +08:00			`}`

updating compose, installers 2022-11-29 01:16:50 +08:00			`# MQ`
			`wss://broker.NETMAKER_BASE_DOMAIN {`
- fixed cert mounting - fixed caddy restart in nm-certs.sh - aligned all configs 2023-05-10 23:27:53 +08:00			`tls /root/certs/fullchain.pem /root/certs/privkey.pem`
- request and mount certs - handle caddy challenge - docker fixes - pull nm-certs.sh 2023-05-05 23:17:39 +08:00			reverse_proxy ws://mq:8883 # For EMQX websockets use `reverse_proxy ws://mq:8083`
updating compose, installers 2022-11-29 01:16:50 +08:00			`}`