46 lines
1.3 KiB
Django/Jinja
46 lines
1.3 KiB
Django/Jinja
{{ sigvild_gallery_api_domain }} {
|
|
reverse_proxy {{ sigvild_gallery_host }}:{{ sigvild_gallery_port }} {
|
|
header_up Host {upstream_hostport}
|
|
header_up X-Real-IP {remote_host}
|
|
header_up X-Forwarded-Proto https
|
|
|
|
# Health check
|
|
health_uri /api/health
|
|
health_timeout 5s
|
|
health_interval 30s
|
|
}
|
|
|
|
# CORS headers for frontend domain
|
|
@cors {
|
|
header Origin https://{{ sigvild_gallery_frontend_domain }}
|
|
}
|
|
header @cors {
|
|
Access-Control-Allow-Origin "https://{{ sigvild_gallery_frontend_domain }}"
|
|
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, PATCH, OPTIONS"
|
|
Access-Control-Allow-Headers "Content-Type, Authorization, X-Requested-With"
|
|
Access-Control-Allow-Credentials true
|
|
Access-Control-Max-Age 86400
|
|
}
|
|
|
|
# Handle preflight requests
|
|
@preflight {
|
|
method OPTIONS
|
|
}
|
|
respond @preflight 204
|
|
|
|
# Security headers for API
|
|
header {
|
|
X-Frame-Options DENY
|
|
X-Content-Type-Options nosniff
|
|
X-XSS-Protection "1; mode=block"
|
|
Referrer-Policy strict-origin-when-cross-origin
|
|
}
|
|
|
|
# API logging
|
|
log {
|
|
output file /var/log/caddy/sigvild-api.log
|
|
level INFO
|
|
format json
|
|
}
|
|
}
|