example.com {
# 启用 HSTS,有效期 1 年(31536000 秒)
header {
Strict-Transport-Security max-age=31536000
}
# 其他配置...
reverse_proxy localhost:8080
}
标签: Caddy
-
Caddy配置sts(Strict-Transport-Security)
-
Caddy配置CloudBeaver使用Authelia认证
Cloudbeaver反向代理认证配置文档:https://github.com/dbeaver/cloudbeaver/wiki/Reverse-proxy-header-authentication
每个地方单独设置账号就太麻烦了,这里记录Caddy配置Cloudbeaver使用Authelia认证的方式。重点其实就是传递到后端时添加X-User和X-Team两个请求头,caddy推荐的authelia配置使用的是Remote-User和Remote-Groups。
forward_auth authelia:9091 { uri /api/authz/forward-auth ## The following commented line is for configuring the Authelia URL in the proxy. We strongly suggest ## this is configured in the Session Cookies section of the Authelia configuration. # uri /api/authz/forward-auth?authelia_url=https://auth.example.com/ copy_headers { # Remote-User Remote-Groups Remote-Email Remote-Name Remote-User>X-User Remote-Groups>X-Team } } -
使用Caddy反向代理WordPress
具体配置
xxx.xxxx.xxx { tls youremail@yourmailserver root * /path/to/wordpress # GZIP和FPM配置 encode gzip file_server php_fastcgi php:9000 # 静态文件配置 @static_files { path_regexp .(?:css|js|woff2?|svg|gif|map|png|jpg|webp|gif|jpeg|mp4|mp3|wav|mov|heic) } header @static_files { Cache-Control "public, max-age=15778463" X-Robots-Tag "none" X-Permitted-Cross-Domain-Policies "none" X-Frame-Options "SAMEORIGIN" X-Download-Options "noopen" X-Content-Type-Options "nosniff" # Referrer-Policy "no-referrer" } # 禁止访问的目录/文件 @disallowed { #path /wp-cron.php #path /xmlrpc.php path *.sql path /wp-content/uploads/*.php path /wp-content/uploads/*.html path /wp-content/debug.log } rewrite @disallowed =404 }