52 lines
1.1 KiB
Caddyfile
52 lines
1.1 KiB
Caddyfile
# Caddyfile for HR AI with automatic HTTPS
|
|
|
|
{$DOMAIN:localhost} {
|
|
# Backend API routes
|
|
handle /api/* {
|
|
reverse_proxy backend:8000
|
|
}
|
|
|
|
# Health check endpoint
|
|
handle /health {
|
|
reverse_proxy backend:8000
|
|
}
|
|
|
|
# OpenAPI docs
|
|
handle /docs {
|
|
reverse_proxy backend:8000
|
|
}
|
|
|
|
handle /redoc {
|
|
reverse_proxy backend:8000
|
|
}
|
|
|
|
handle /openapi.json {
|
|
reverse_proxy backend:8000
|
|
}
|
|
|
|
# Frontend - proxy everything else to Next.js
|
|
handle {
|
|
reverse_proxy frontend:3000
|
|
}
|
|
|
|
# Enable gzip compression
|
|
encode gzip
|
|
|
|
# Security headers
|
|
header {
|
|
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "DENY"
|
|
X-XSS-Protection "1; mode=block"
|
|
Access-Control-Allow-Origin "*"
|
|
Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
|
|
Access-Control-Allow-Headers "Content-Type, Authorization"
|
|
}
|
|
|
|
# Logging
|
|
log {
|
|
output file /var/log/caddy/access.log
|
|
format json
|
|
}
|
|
}
|