Dustin C. Hatch
6c71d96f81
Deploying Caddy as a reverse proxy for Frigate enables HTTPS with a certificate issued by the internal CA (via ACME) and authentication via Authelia. Separating the installation and base configuratieon of Caddy into its own role will allow us to reuse that part for other sapplications that use Caddy for similar reasons.
24 lines
650 B
Django/Jinja
24 lines
650 B
Django/Jinja
{# vim: set sw=4 ts=4 sts=4 et : #}
|
|
{{ frigate_caddy_server_name }} {
|
|
{% if frigate_caddy_forward_auth|d %}
|
|
forward_auth {{ frigate_caddy_forward_auth.url }} {
|
|
uri {{ frigate_caddy_forward_auth.path }}
|
|
header_up Host {upstream_hostport}
|
|
|
|
@unauthorized status 401
|
|
handle_response @unauthorized {
|
|
respond "" 301
|
|
header Location {{ frigate_caddy_forward_auth.url}}{{ frigate_caddy_forward_auth.location }}
|
|
}
|
|
}
|
|
|
|
{% endif %}
|
|
reverse_proxy localhost:5000
|
|
{% if frigate_caddy_acme|d %}
|
|
|
|
tls {{ frigate_caddy_acme.email }} {
|
|
ca {{ frigate_caddy_acme.url }}
|
|
}
|
|
{% endif %}
|
|
}
|