Switch to https using Caddy proxy.

2026-01-12 12:06:43 +02:00 · 2026-01-12 12:06:43 +02:00 · f395e5ac6f
commit f395e5ac6f
parent 3f7a2d2d61
3 changed files with 43 additions and 10 deletions
--- a/passman-dev/Caddyfile
+++ b/passman-dev/Caddyfile
@ -0,0 +1,19 @@
+# HTTP site: redirect everything to HTTPS
+http://localhost {
+    redir https://{host}{uri} permanent
+}
+
+# HTTPS site
+https://localhost {
+    reverse_proxy web:80
+    tls internal
+
+    # Optional: security headers (defense-in-depth)
+    header {
+        X-Content-Type-Options "nosniff"
+        X-Frame-Options "DENY"
+        Referrer-Policy "no-referrer"
+    }
+}
+
+
--- a/passman-dev/docker-compose.yml
+++ b/passman-dev/docker-compose.yml
@ -2,8 +2,8 @@
 services:
  web:
    build: .
-    ports:
-      - "80:80"
+    # ports:
+    #   - "80:80"
    volumes:
      - ./php:/var/www/html
    environment:
@ -14,6 +14,18 @@ services:
    depends_on:
      - db

+  proxy:
+    image: caddy:2
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - ./Caddyfile:/etc/caddy/Caddyfile:ro
+      - caddy_data:/data
+      - caddy_config:/config
+    depends_on:
+      - web
+
  db:
    image: mariadb:11
    container_name: passman_db
@ -30,4 +42,6 @@ services:

 volumes:
  dbdata:
+  caddy_data:
+  caddy_config:

--- a/passman-dev/php/passman/index.html
+++ b/passman-dev/php/passman/index.html
@ -15,23 +15,23 @@
 	<br />
 	<ul>
 		<li>
-			<a href="http://localhost/passman/register.php">Registration Form</a>
+			<a href="/passman/register.php">Registration Form</a>
 		</li>
 		<br />
 		<li>
-			<a href="http://localhost/passman/login.php">Login Page</a>
+			<a href="/passman/login.php">Login Page</a>
 		</li>
 		<br />
 		<li>
-			<a href="http://localhost/passman/logout.php">Logout Page</a>
+			<a href="/passman/logout.php">Logout Page</a>
 		</li>
 		<br />
 		<li>
-			<a href="http://localhost/passman/dashboard.php">Dashboard</a> (display passwords for websites)
+			<a href="/passman/dashboard.php">Dashboard</a> (display passwords for websites)
 		</li>
 		<br />
 		<li>
-			<a href="http://localhost/passman/notes.php">Notes</a> (notes/comments/announcements)
+			<a href="/passman/notes.php">Notes</a> (notes/comments/announcements)
 		</li>
 		<br />
 	</ul>
@ -41,18 +41,18 @@
 	<br />
 	<ul>
 		<li>
-			Test <a href="http://localhost/passman/test_hash.php">hashing</a> functions in PHP (server side)
+			Test <a href="/passman/test_hash.php">hashing</a> functions in PHP (server side)
 		</li>
 		<br />
 		<li>
-			Test <a href="http://localhost/passman/test_encrypt.php">encrypting/decrypting</a> functions in PHP (server side)
+			Test <a href="/passman/test_encrypt.php">encrypting/decrypting</a> functions in PHP (server side)
 		</li>
 		<br />
 	</ul>

 	<br />
 	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Hacker's side (for using stealing cookies using XSS):
-	<a href="http://localhost/passman/xss">http://localhost/passman/xss</a>
+	<a href="/passman/xss">passman/xss</a>
 	<br />

 </body>