20 lines
365 B
Caddyfile
20 lines
365 B
Caddyfile
# HTTP site: redirect everything to HTTPS
|
|
http://localhost {
|
|
redir https://{host}{uri} permanent
|
|
}
|
|
|
|
# HTTPS site
|
|
https://localhost {
|
|
reverse_proxy web:80
|
|
tls internal
|
|
|
|
# Optional: security headers (defense-in-depth)
|
|
header {
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "DENY"
|
|
Referrer-Policy "no-referrer"
|
|
}
|
|
}
|
|
|
|
|