dustin/configpolicy
1
1
Fork 0
Code Issues Releases Activity

r/frigate-caddy: Deploy Caddy in front of Frigate

Browse Source 
Deploying Caddy as a reverse proxy for Frigate enables HTTPS with a
certificate issued by the internal CA (via ACME) and authentication via
Authelia.

Separating the installation and base configuratieon of Caddy into its
own role will allow us to reuse that part for other sapplications that
use Caddy for similar reasons.
This commit is contained in:
Dustin
2024-08-12 18:27:41 -05:00
parent 59be10a51c
commit 6c71d96f81
9 changed files with 101 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
roles/frigate-caddy/templates/Caddyfile.j2 Normal file
View File

@@ -0,0 +1,23 @@
{# vim: set sw=4 ts=4 sts=4 et : #}
{{ frigate_caddy_server_name }} {
{% if frigate_caddy_forward_auth|d %}
forward_auth {{ frigate_caddy_forward_auth.url }} {
uri {{ frigate_caddy_forward_auth.path }}
header_up Host {upstream_hostport}
@unauthorized status 401
handle_response @unauthorized {
respond "" 301
header Location {{ frigate_caddy_forward_auth.url}}{{ frigate_caddy_forward_auth.location }}
}
}
{% endif %}
reverse_proxy localhost:5000
{% if frigate_caddy_acme|d %}
tls {{ frigate_caddy_acme.email }} {
ca {{ frigate_caddy_acme.url }}
}
{% endif %}
}