boma/roles/reverse_proxy/templates/Caddyfile.j2
sjat 1333ec181f feat(reverse_proxy): raw-directive route type; wire NetBird (gRPC/WS) route
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-15 17:55:05 +02:00

21 lines
720 B
Django/Jinja

# {{ ansible_managed }}
{
email {{ reverse_proxy__acme_email }}
{% if reverse_proxy__acme_dns_provider == 'gandi' %}
# ACME DNS-01 via Gandi (mesh/LAN-only hosts, incl. wildcard certs). Token is the
# Gandi PAT, injected from the env file as a Bearer token (ADR-024). Needs the custom
# caddy-gandi image — the upstream caddy:2 has no DNS provider modules.
acme_dns gandi {env.GANDI_BEARER_TOKEN}
{% endif %}
}
{% for r in reverse_proxy__routes %}
{{ r['host'] }} {
{% if r['caddy'] is defined %}
{{ r['caddy'] | trim | indent(2, first=true) }}
{% elif r['upstream'] is defined %}
reverse_proxy {{ r['upstream'] }}
{% else %}
respond "{{ r['respond'] | default('boma') }}" 200
{% endif %}
}
{% endfor %}