serguzim/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Restrict access to caddy admin api

Browse source
This commit is contained in:
Tobias Reisinger 2025-05-06 16:23:32 +02:00
parent 4a853065db
commit 83749c4493
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
4 changed files with 11 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

7
playbooks/roles/caddy/vars/main.yml
View file

@ -4,13 +4,10 @@ caddy_acmedns_pass: "{{ vault_caddy.acmedns.pass }}"
caddy_acmedns_subd: "{{ vault_caddy.acmedns.subd }}"
caddy_acmedns_url: "https://{{ acme_dns.host }}"
caddy_ports_default:
- "{{ host_vpn.ip }}:2019:2019"
caddy_ports_extra: "{{ host_services | services_get_attr('ports') | flatten | services_ports_to_docker('reverse_proxy') }}"
caddy_ports: "{{ caddy_ports_default | union(caddy_ports_extra) }}"
caddy_ports: "{{ host_services | services_get_attr('ports') | flatten | services_ports_to_docker('reverse_proxy') }}"
caddy_env:
CADDY_ADMIN: 0.0.0.0:2019
CADDY_ADMIN: unix//run/caddy-admin.sock
ACMEDNS_USER: "{{ caddy_acmedns_user }}"
ACMEDNS_PASS: "{{ caddy_acmedns_pass }}"