2024-04-30 22:58:09 +02:00
|
|
|
{
|
2024-05-13 21:04:10 +02:00
|
|
|
email {$ZROK_USER_EMAIL}
|
2024-04-30 22:58:09 +02:00
|
|
|
acme_ca {$CADDY_ACME_API}
|
|
|
|
|
admin 0.0.0.0:2019
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
http:// {
|
|
|
|
|
redir https://{host}{uri} permanent
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*.{$ZROK_DNS_ZONE} {
|
|
|
|
|
tls {
|
|
|
|
|
dns {$CADDY_DNS_PLUGIN} {$CADDY_DNS_PLUGIN_TOKEN}
|
2024-05-07 20:22:22 +02:00
|
|
|
propagation_timeout 60m
|
2024-04-30 22:58:09 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log {
|
|
|
|
|
output stdout
|
|
|
|
|
format console
|
2024-05-07 20:22:22 +02:00
|
|
|
level INFO
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# ziti administration console uses :443 for the benefit of a web UI cert and accesses the ziti edge-management API
|
|
|
|
|
@ziti host ziti.{$ZROK_DNS_ZONE}
|
|
|
|
|
reverse_proxy @ziti ziti-quickstart:{$ZITI_CTRL_ADVERTISED_PORT:1280} {
|
|
|
|
|
transport http {
|
|
|
|
|
tls_insecure_skip_verify
|
|
|
|
|
}
|
2024-04-30 22:58:09 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@oauth host oauth.{$ZROK_DNS_ZONE}
|
|
|
|
|
reverse_proxy @oauth zrok-frontend:{$ZROK_OAUTH_PORT}
|
|
|
|
|
|
|
|
|
|
@ctrl host zrok.{$ZROK_DNS_ZONE}
|
|
|
|
|
reverse_proxy @ctrl zrok-controller:{$ZROK_CTRL_PORT}
|
|
|
|
|
|
|
|
|
|
reverse_proxy zrok-frontend:{$ZROK_FRONTEND_PORT} {
|
|
|
|
|
header_up Host {http.request.host}
|
|
|
|
|
}
|
|
|
|
|
}
|
