cal/claude-home
1
0
Fork 0
Code Issues 6 Pull Requests 4 Actions Packages Projects Releases Wiki Activity
c08e779e42
claude-home/server-configs/caddy-migration/Caddyfile
Cal Corum c08e779e42 docs: add caddy migration config, tdarr flow backup, and troubleshooting updates 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-08 13:13:21 -05:00

222 lines
4.2 KiB
Caddyfile
Raw Blame History

# ============================================================
# Caddy Reverse Proxy - manticorum.com homelab
# Replaces: Nginx Proxy Manager on 10.10.0.16
# ============================================================
# Global options
{
email admin@manticorum.com
# DNS-01 challenge via Cloudflare for automatic wildcard cert
acme_dns cloudflare {env.CF_API_TOKEN}
# Trust Cloudflare proxy IPs so {client_ip} reflects real visitor
servers {
trusted_proxies static \
173.245.48.0/20 \
103.21.244.0/22 \
103.22.200.0/22 \
103.31.4.0/22 \
141.101.64.0/18 \
108.162.192.0/18 \
190.93.240.0/20 \
188.114.96.0/20 \
197.234.240.0/22 \
198.41.128.0/17 \
162.158.0.0/15 \
104.16.0.0/13 \
104.24.0.0/14 \
172.64.0.0/13 \
131.0.72.0/22 \
10.0.0.0/8 \
172.16.0.0/12 \
192.168.0.0/16
client_ip_headers CF-Connecting-IP
}
}
# ============================================================
# Reusable snippets
# ============================================================
# Internal-only access list
# Allows: local subnets + home public IP
# Equivalent to NPM "Internal Only" access list (id=1)
(internal_only) {
@blocked not remote_ip 10.0.0.0/23 10.10.0.0/24 73.36.102.55/32
respond @blocked "Access denied" 403
}
# Standard proxy headers sent to backends
(proxy_headers) {
header_up X-Real-IP {client_ip}
header_up X-Forwarded-For {client_ip}
header_up X-Forwarded-Proto {scheme}
header_up X-Forwarded-Host {host}
}
# ============================================================
# Public services (no IP restriction)
# ============================================================
# SBA Dev Website
sbadev.manticorum.com {
reverse_proxy 10.10.0.33:801 {
import proxy_headers
}
header Access-Control-Allow-Origin *
}
# SBA News (Ghost blog)
sbanews.manticorum.com {
reverse_proxy 10.10.0.88:2368 {
import proxy_headers
}
}
# Paper Dynasty Dev
pddev.manticorum.com {
reverse_proxy 10.10.0.42:813 {
import proxy_headers
}
}
# Foundry VTT
foundry.manticorum.com {
reverse_proxy 10.10.0.223:30000 {
import proxy_headers
}
}
# Paper Dynasty Staging
pds.manticorum.com {
reverse_proxy 10.10.0.42:810 {
import proxy_headers
}
}
# n8n Automation (extended timeouts for long workflows)
n8n.manticorum.com {
reverse_proxy 10.10.0.210:5678 {
import proxy_headers
transport http {
read_timeout 300s
write_timeout 300s
dial_timeout 300s
}
}
}
# Gameplay Demo Frontend
gameplay-demo.manticorum.com {
reverse_proxy 10.0.0.206:3000 {
import proxy_headers
}
}
# Gameplay Demo API
gameplay-api-demo.manticorum.com {
reverse_proxy 10.0.0.206:8000 {
import proxy_headers
}
}
# Memos
memos.manticorum.com {
reverse_proxy 10.10.0.222:5230 {
import proxy_headers
}
}
# NoteDiscovery
notes.manticorum.com {
reverse_proxy 10.10.0.222:8000 {
import proxy_headers
}
}
# Vagabond (Foundry VTT - alternate world)
vagabond.manticorum.com {
reverse_proxy 10.10.0.223:30000 {
import proxy_headers
}
}
# Pocket
pocket.manticorum.com {
reverse_proxy 10.0.0.233:80 {
import proxy_headers
}
}
# Gitea
git.manticorum.com {
reverse_proxy 10.10.0.225:3000 {
import proxy_headers
}
}
# OmniTools
omnitools.manticorum.com {
reverse_proxy 10.10.0.210:8080 {
import proxy_headers
}
}
# Termix
termix.manticorum.com {
reverse_proxy 10.10.0.210:8180 {
import proxy_headers
}
}
# Uptime Kuma
status.manticorum.com {
reverse_proxy 10.10.0.227:3001 {
import proxy_headers
}
}
# Jellyfin Media Server
jellyfin.manticorum.com {
reverse_proxy 10.10.0.226:8096 {
import proxy_headers
}
}
# ============================================================
# Internal-only services (restricted to local network)
# ============================================================
# Radarr
radarr.manticorum.com {
import internal_only
reverse_proxy 10.10.0.221:7878 {
import proxy_headers
}
}
# Sonarr
sonarr.manticorum.com {
import internal_only
reverse_proxy 10.10.0.221:8989 {
import proxy_headers
}
}
# Jellyseerr
jellyseer.manticorum.com {
import internal_only
reverse_proxy 10.10.0.221:5055 {
import proxy_headers
}
}
# OpenClaw AI Assistant
openclaw.manticorum.com {
import internal_only
reverse_proxy 10.10.0.224:18789 {
import proxy_headers
}
}
Reference in New Issue View Git Blame Copy Permalink