e23a56049c
Add HTTP server for Synor Hosting with: - server/mod.rs: Gateway server using axum - server/handler.rs: Request routing to storage, content type detection - server/middleware.rs: Token bucket rate limiting, cache control, metrics - server/ssl.rs: Let's Encrypt auto-provisioning (stub) - bin/hosting-gateway.rs: CLI binary with env var config Docker deployment: - docker/hosting-gateway/Dockerfile: Multi-stage build - docker/hosting-gateway/Caddyfile: Wildcard HTTPS for *.synor.cc - docker-compose.hosting.yml: Full hosting stack with Caddy 37 tests passing.
64 lines
1.2 KiB
Caddyfile
64 lines
1.2 KiB
Caddyfile
# Synor Hosting - Caddy Configuration
|
|
# Automatic HTTPS with Let's Encrypt
|
|
|
|
# Global options
|
|
{
|
|
# Email for Let's Encrypt
|
|
email admin@synor.cc
|
|
|
|
# Use staging for testing (uncomment)
|
|
# acme_ca https://acme-staging-v02.api.letsencrypt.org/directory
|
|
}
|
|
|
|
# Wildcard certificate for *.synor.cc
|
|
*.synor.cc {
|
|
# Reverse proxy to hosting gateway
|
|
reverse_proxy hosting-gateway:8080
|
|
|
|
# Logging
|
|
log {
|
|
output stdout
|
|
format json
|
|
}
|
|
|
|
# Security headers
|
|
header {
|
|
X-Content-Type-Options nosniff
|
|
X-Frame-Options SAMEORIGIN
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
-Server
|
|
}
|
|
|
|
# Compression
|
|
encode gzip zstd
|
|
}
|
|
|
|
# Main domain
|
|
synor.cc {
|
|
# Redirect to www or serve landing page
|
|
reverse_proxy hosting-gateway:8080
|
|
|
|
log {
|
|
output stdout
|
|
format json
|
|
}
|
|
|
|
header {
|
|
X-Content-Type-Options nosniff
|
|
X-Frame-Options SAMEORIGIN
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
-Server
|
|
}
|
|
|
|
encode gzip zstd
|
|
}
|
|
|
|
# Health check endpoint (internal)
|
|
:80 {
|
|
respond /health 200
|
|
|
|
# Forward all other requests
|
|
handle {
|
|
reverse_proxy hosting-gateway:8080
|
|
}
|
|
}
|