
@yukimochi
Last active November 8, 2025 18:26

Revisions

  1. yukimochi revised this gist Mar 7, 2021. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions Caddyfile.caddy2
    @@ -5,6 +5,7 @@
    https://yourdomain.example.com {
    @local {
    file
    not path /
    }
    @local_media {
    path_regexp /system/(.*)
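Review bot: The `not path /` line inside `@local` (which appears to be the one addition) has no comment saying why the root path is excluded, so a later edit could drop it as redundant. Going by the full file shown elsewhere on this page, `@local` feeds a `file_server` handler and `/` resolves to the public directory itself, so without the exclusion the front page would presumably be answered by the static handler instead of reaching the application. I would add `# "/" is the public directory itself; keep it out of the static handler so the front page reaches the app` above the line. Other directory paths requested with a trailing slash may still match `file`; it is worth confirming they return a plain 404 and not a listing. The site block continues outside the hunk.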
  2. Naoki Kosaka revised this gist May 16, 2020. No changes.
  3. Naoki Kosaka revised this gist May 16, 2020. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion Caddyfile.caddy2
    @@ -2,7 +2,7 @@
    email [email protected]
    }

    https://yourdomain.example.com/ {
    https://yourdomain.example.com {
    @local {
    file
    }
  4. yukimochi revised this gist May 15, 2020. No changes.
  5. yukimochi revised this gist May 15, 2020. 2 changed files with 69 additions and 6 deletions.
    11 changes: 5 additions & 6 deletions Caddyfile → Caddyfile.caddy1
    @@ -6,9 +6,10 @@ https://yourdomain.example.com/ {
    gzip

    header / {
    Strict-Transport-Security "max-age=31536000;"
    Strict-Transport-Security "max-age=31536000"
    }

    header /sw.js Cache-Control "public, max-age=0"
    header /emoji Cache-Control "public, max-age=31536000, immutable"
    header /packs Cache-Control "public, max-age=31536000, immutable"
    header /system/accounts/avatars Cache-Control "public, max-age=31536000, immutable"
    @@ -19,8 +20,8 @@ https://yourdomain.example.com/ {
    }

    rewrite {
    if {path} is /
    to /proxy{path}
    if {path} is /
    to /proxy{path}
    }

    rewrite {
    @@ -40,7 +41,5 @@ https://yourdomain.example.com/ {
    websocket
    }

    tls your@mail-address.example.com {
    protocols tls1.2
    }
    tls [email protected]
    }
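--- a/Caddyfile.caddy2
+++ b/Caddyfile.caddy2
@@ -0,0 +1,64 @@
+{
+email [email protected]
+}
+
+https://yourdomain.example.com/ {
+@local {
+file
+}
+@local_media {
+path_regexp /system/(.*)
+}
+@streaming {
+path /api/v1/streaming/*
+}
+@cache_control {
+path_regexp ^/(emoji|packs|/system/accounts/avatars|/system/media_attachments/files)
+}
+
+root * /home/mastodon/live/public
+log {
+output file /var/log/caddy/mastodon.log
+}
+
+encode zstd gzip
+
+handle_errors {
+rewrite 500.html
+file_server
+}
+
+header {
+Strict-Transport-Security "max-age=31536000"
+}
+header /sw.js Cache-Control "public, max-age=0"
+header @cache_control Cache-Control "public, max-age=31536000, immutable"
+
+handle @local {
+file_server
+}
+
+## If you've been migrated media from local to object storage, this navigate old URL to new one.
+# redir @local_media https://yourobjectstorage.example.com/{http.regexp.1} permanent
+
+reverse_proxy @streaming {
+to http://localhost:4000
+
+transport http {
+keepalive 5s
+keepalive_idle_conns 10
+}
+}
+
+reverse_proxy {
+to http://localhost:3000
+
+header_up X-Forwarded-Port 443
+header_up X-Forwarded-Proto https
+
+transport http {
+keepalive 5s
+keepalive_idle_conns 10
+}
+}
+}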
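Review bot: The `@cache_control` pattern `^/(emoji|packs|/system/accounts/avatars|/system/media_attachments/files)` carries a second leading slash on its two `system` alternatives, so they would only match a path beginning `//system/` and the long-lived `Cache-Control` header is not applied to avatars or media attachments. Dropping the inner slashes fixes it: `path_regexp ^/(emoji|packs|system/accounts/avatars|system/media_attachments/files)`. Separately, `@local_media` uses the unanchored `/system/(.*)`, which matches that segment anywhere in the path; if the commented `redir` is ever enabled, `^/system/(.*)` keeps the redirect to the intended prefix.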
  6. Naoki Kosaka revised this gist Sep 12, 2017. 1 changed file with 6 additions and 10 deletions.
    16 changes: 6 additions & 10 deletions Caddyfile
    @@ -1,17 +1,18 @@
    https://yourdomain.example.com/ {

    log / /var/log/caddy/mastodon.log "{combined}" {
    rotate_age 90
    }
    root /home/mastodon/live/public
    gzip

    header / {
    Strict-Transport-Security "max-age=31536000;"
    Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://yourdomain.example.com; upgrade-insecure-requests"
    }

    header /assets Cache-Control "public, max-age=31536000, immutable"
    header /emoji Cache-Control "public, max-age=31536000, immutable"
    header /packs Cache-Control "public, max-age=31536000, immutable"
    header /system/media_attachments/files Cache-Control "public, max-age=31536000, immutable"
    header /system/accounts/avatars Cache-Control "public, max-age=31536000, immutable"
    header /system/media_attachments/files Cache-Control "public, max-age=31536000, immutable"

    errors {
    * 500.html
    @@ -22,16 +23,11 @@ https://yourdomain.example.com/ {
    to /proxy{path}
    }

    rewrite / {
    rewrite {
    if {path} not_has /api/v1/streaming
    to {path} /proxy{path}
    }

    rewrite / {
    if {path} has /api/v1/streaming
    to {path}
    }

    proxy /proxy localhost:3000 {
    without /proxy

  7. Naoki Kosaka revised this gist Sep 12, 2017. 1 changed file with 7 additions and 7 deletions.
    14 changes: 7 additions & 7 deletions Caddyfile
    @@ -1,16 +1,11 @@
    https://yourdomain.example.com/ {
    log / /var/log/caddy/mastodon.log "{combined}" {
    rotate_age 90
    }

    root /home/mastodon/live/public
    gzip

    header / {
    Strict-Transport-Security "max-age=31536000;"
    Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://yourdomain.example.com; upgrade-insecure-requests"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "DENY"
    X-XSS-Protection "1; mode=block"
    }

    header /assets Cache-Control "public, max-age=31536000, immutable"
    @@ -27,11 +22,16 @@ https://yourdomain.example.com/ {
    to /proxy{path}
    }

    rewrite {
    rewrite / {
    if {path} not_has /api/v1/streaming
    to {path} /proxy{path}
    }

    rewrite / {
    if {path} has /api/v1/streaming
    to {path}
    }

    proxy /proxy localhost:3000 {
    without /proxy
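Review bot: The first hunk's line counts (`-1,16 +1,11`) indicate that `X-Content-Type-Options "nosniff"`, `X-Frame-Options "DENY"` and `X-XSS-Protection "1; mode=block"` leave the `header /` block in this revision, although the page no longer shows the +/- markers. With `root /home/mastodon/live/public` and the `to {path} /proxy{path}` rewrite, files that exist under the public directory look to be served by Caddy itself, and the `/system/media_attachments/files` header line suggests that includes uploaded media, which would then go out without `nosniff`. If the removal was meant to avoid duplicating headers the application already sends, keeping `X-Content-Type-Options "nosniff"` inside `header / { … }` still covers the statically served paths. The site block continues past the hunk.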

  8. Naoki Kosaka revised this gist Aug 2, 2017. 1 changed file with 7 additions and 7 deletions.
    14 changes: 7 additions & 7 deletions Caddyfile
    @@ -1,11 +1,16 @@
    https://yourdomain.example.com/ {

    log / /var/log/caddy/mastodon.log "{combined}" {
    rotate_age 90
    }
    root /home/mastodon/live/public
    gzip

    header / {
    Strict-Transport-Security "max-age=31536000;"
    Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://yourdomain.example.com; upgrade-insecure-requests"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "DENY"
    X-XSS-Protection "1; mode=block"
    }

    header /assets Cache-Control "public, max-age=31536000, immutable"
    @@ -22,16 +27,11 @@ https://yourdomain.example.com/ {
    to /proxy{path}
    }

    rewrite / {
    rewrite {
    if {path} not_has /api/v1/streaming
    to {path} /proxy{path}
    }

    rewrite / {
    if {path} has /api/v1/streaming
    to {path}
    }

    proxy /proxy localhost:3000 {
    without /proxy

  9. yukimochi revised this gist May 4, 2017. 1 changed file with 33 additions and 5 deletions.
    38 changes: 33 additions & 5 deletions Caddyfile
    @@ -1,17 +1,45 @@
    https://yourdomain.example.com/ {

    root /home/mastodon/live/public
    gzip

    header / Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    header / Referrer-Policy "no-referrer"
    header / Content-Security-Policy "default-src 'self'; img-src 'self' https://* data: ; connect-src wss://yourdomain.example.com 'self';script-src 'self'; style-src 'self' 'unsafe-inline'; media-src 'self' https://*; child-src https:; frame-ancestors 'none'"
    header / {
    Strict-Transport-Security "max-age=31536000;"
    Content-Security-Policy "style-src 'self' 'unsafe-inline'; script-src 'self'; object-src 'self'; img-src data: https:; media-src data: https:; connect-src 'self' wss://yourdomain.example.com; upgrade-insecure-requests"
    }

    header /assets Cache-Control "public, max-age=31536000, immutable"
    header /packs Cache-Control "public, max-age=31536000, immutable"
    header /system/media_attachments/files Cache-Control "public, max-age=31536000, immutable"
    header /system/accounts/avatars Cache-Control "public, max-age=31536000, immutable"

    errors {
    * 500.html
    }

    rewrite {
    if {path} is /
    to /proxy{path}
    }

    rewrite / {
    if {path} not_has /api/v1/streaming
    to {path} /proxy{path}
    }

    rewrite / {
    if {path} has /api/v1/streaming
    to {path}
    }

    proxy /proxy localhost:3000 {
    without /proxy

    proxy / 127.0.0.1:3000 {
    transparent
    websocket
    }

    proxy /api/v1/streaming 127.0.0.1:4000 {
    proxy /api/v1/streaming localhost:4000 {
    transparent
    websocket
    }
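Review bot: The `Content-Security-Policy` inside the new `header / { … }` block has no `default-src` and no `frame-ancestors`, so fetch types it does not list (frames, fonts, workers) are unrestricted and the header no longer limits who may frame the site. The three single-line `header /` entries above the block, including `Referrer-Policy "no-referrer"`, appear to be the removed side, since together with the two `127.0.0.1` proxy lines they account for the five reported deletions. I would keep the fallback and the framing rule by starting the new policy with `default-src 'self'; frame-ancestors 'none';` and retain `Referrer-Policy "no-referrer"` in the block, after checking that the web client still loads. `object-src 'self'` could also be tightened to `object-src 'none'` unless plugin content is actually served.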
  10. yukimochi created this gist May 1, 2017.
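--- a/Caddyfile
+++ b/Caddyfile
@@ -0,0 +1,22 @@
+https://yourdomain.example.com/ {
+
+root /home/mastodon/live/public
+
+header / Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+header / Referrer-Policy "no-referrer"
+header / Content-Security-Policy "default-src 'self'; img-src 'self' https://* data: ; connect-src wss://yourdomain.example.com 'self';script-src 'self'; style-src 'self' 'unsafe-inline'; media-src 'self' https://*; child-src https:; frame-ancestors 'none'"
+
+proxy / 127.0.0.1:3000 {
+transparent
+websocket
+}
+
+proxy /api/v1/streaming 127.0.0.1:4000 {
+transparent
+websocket
+}
+
+tls your@mail-address.example.com {
+protocols tls1.2
+}
+}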
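Review bot: The `Strict-Transport-Security` line ships `includeSubDomains; preload` in a file meant to be copied with only the domain changed, and nothing tells the adopter what those two tokens commit them to. `includeSubDomains` extends the HTTPS-only policy to every subdomain of the configured host, and `preload` signals consent to browser preload lists, which is slow to reverse. A comment above the line would cover it, e.g. `# includeSubDomains/preload apply to every subdomain; drop them unless all of them serve HTTPS`.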