stacks/homelab/caddy/Caddyfile

{
  email neale@woozle.org
  #debug
}

(restricted-access) {
  forward_auth auth:4180 {
    uri /oauth2/auth
    copy_headers Authorization X-Auth-Request-Access-Token

    @bad status 4xx
    handle_response {
      redir https://auth.woozle.org/oauth2/start?rd={scheme}://{host}{uri}
    }
  }
}

(restricted-access-naiive) {
  forward_auth auth:4180 {
    uri /oauth2/auth
    # No copy-headers, so things don't get confused

    @bad status 4xx
    handle_response {
      redir https://auth.woozle.org/oauth2/start?rd={scheme}://{host}{uri}
    }
  }
}

auth.woozle.org {
  reverse_proxy auth:4180
}

git.woozle.org {
  reverse_proxy gitea:3000
}

drive.woozle.org {
  import restricted-access-naiive
  reverse_proxy webfs:5000
  #reverse_proxy filebrowser:80
  #reverse_proxy nextcloud:80
}

# XXX: have this use caddy auth
ancestry.woozle.org {
  reverse_proxy geneweb:2317
}

photos.woozle.org {
  import restricted-access
  reverse_proxy photos:8080  # photofield, photoprism, pigallery2
}

xfer.woozle.org {
  reverse_proxy picoshare:4001
}

irc.woozle.org, irc.entar.net {
  handle_path /socket {
    reverse_proxy ircd:8067
  }
  handle /imgme/* {
    reverse_proxy imgme:8080
  }
  root * /srv/sys/www/irc.woozle.org/
  file_server
}

##
## handle sends original path
## handle_path truncates path
##

deergrove.woozle.org {
  import restricted-access

  handle_path /ddns/* {
    reverse_proxy ddns:8000
  }

  handle /transmission/* {
    reverse_proxy transmission:9091
  }

  handle /nzbget/* {
    reverse_proxy nzbget:6789
  }

  handle /sonarr/* {
    reverse_proxy sonarr:8989
  }
  handle /radarr/* {
    reverse_proxy radarr:7878
  }
  handle /readarr/* {
    reverse_proxy readarr:8787
  }
  handle /lidarr/* {
    reverse_proxy lidarr:8686
  }
  handle /prowlarr/* {
    reverse_proxy prowlarr:9696
  }
  handle_path /sucker/* {
    reverse_proxy sucker:8080
  }

  handle_path /netdata/* {
    reverse_proxy netdata:19999
  }

  # Octoprint serves up broken webcam URLs
  uri replace /webcam/ /octoprint/webcam/
  handle_path /octoprint/* {
    reverse_proxy {
      to 192.168.86.20:80
      header_up X-Script-Name "/octoprint"
    }
  }

  handle {
    reverse_proxy portal:8080
  }
}