{ auto_https disable_redirects storage file_system { root /mnt/data/caddy } servers { # trusted_proxies placeholder } log { level ERROR } } https://{$ADDITIONAL_TRUSTED_DOMAIN}:443, {$PROTOCOL}://{$NC_DOMAIN}:{$APACHE_PORT} { header -Server header -X-Powered-By # Collabora route /browser/* { reverse_proxy {$COLLABORA_HOST}:9980 } route /hosting/* { reverse_proxy {$COLLABORA_HOST}:9980 } route /cool/* { reverse_proxy {$COLLABORA_HOST}:9980 } # Notify Push route /push/* { uri strip_prefix /push reverse_proxy {$NOTIFY_PUSH_HOST}:7867 } # Onlyoffice route /onlyoffice/* { uri strip_prefix /onlyoffice reverse_proxy {$ONLYOFFICE_HOST}:80 { header_up X-Forwarded-Host {http.request.host}/onlyoffice header_up X-Forwarded-Proto https } } # Talk route /standalone-signaling/* { uri strip_prefix /standalone-signaling reverse_proxy {$TALK_HOST}:8081 } # Others import /mnt/data/caddy-imports/* # Nextcloud route { rewrite /.well-known/carddav /remote.php/dav rewrite /.well-known/caldav /remote.php/dav header Strict-Transport-Security max-age=31536000; reverse_proxy localhost:8000 } # TLS options tls { issuer acme { disable_http_challenge } } }