privatecoffee-website/contrib/caddy/Caddyfile

private.coffee www.private.coffee {
	header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"

	header Access-Control-Allow-Origin https://element.private.coffee
	header Access-Control-Allow-Methods "GET"
	header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range"
	header Access-Control-Expose-Headers "Content-Length,Content-Range"

	@matrix {
		path matrix /.well-known/matrix/*
	}

	@assets {
		path assets /assets/*
	}

	@security {
		path security-well-known /.well-known/security.txt
		path security /security.txt
	}

	handle @matrix {
		header /.well-known/matrix/* Content-Type application/json
		header /.well-known/matrix/* Access-Control-Allow-Origin *
		respond /.well-known/matrix/server `{"m.server": "matrix.private.coffee:443"}`
		respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.private.coffee"}}`
	}

	handle @assets {
		file_server
		root * /srv/private.coffee
	}

	handle @security {
		redir https://security.private.coffee/security.txt
	}

	handle {
		reverse_proxy * unix//var/run/uwsgi/privatecoffee.sock
	}
}
Implement dynamic service rendering with Flask Refactored the website to serve dynamic content using Flask, replacing static HTML pages. This allows for the centralized management of service data through a JSON file. Optimizations include: - Added a .gitignore file to exclude Python and Flask-specific temporary files. - Migrated static assets into an organized directory structure to facilitate Flask's static file serving. - Removed redundant HTML files and created Flask template versions with dynamic content rendering. - Introduced Caddy server configuration for the new Flask architecture, including headers for security and CORS policy, and reverse proxy settings for route handling. With these changes, website maintenance and updates are simplified, allowing for service information to be updated in a single location (`services.json`), which then propagates to the user-facing pages automatically. 2023-12-31 12:59:13 +00:00			`private.coffee www.private.coffee {`
			`header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"`

			`header Access-Control-Allow-Origin https://element.private.coffee`
			`header Access-Control-Allow-Methods "GET"`
			`header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range"`
			`header Access-Control-Expose-Headers "Content-Length,Content-Range"`

Refactor matrix config in Caddyfile Grouped `.well-known/matrix` related configurations under a named matcher `@matrix` in the Caddyfile. This change encapsulates the headers and responses for matrix-specific paths, improving readability and maintainability. It aligns with best practices for Caddy configuration, making future updates to matrix-related rules more straightforward. 2024-01-07 10:22:38 +00:00			`@matrix {`
			`path matrix /.well-known/matrix/*`
			`}`
Implement dynamic service rendering with Flask Refactored the website to serve dynamic content using Flask, replacing static HTML pages. This allows for the centralized management of service data through a JSON file. Optimizations include: - Added a .gitignore file to exclude Python and Flask-specific temporary files. - Migrated static assets into an organized directory structure to facilitate Flask's static file serving. - Removed redundant HTML files and created Flask template versions with dynamic content rendering. - Introduced Caddy server configuration for the new Flask architecture, including headers for security and CORS policy, and reverse proxy settings for route handling. With these changes, website maintenance and updates are simplified, allowing for service information to be updated in a single location (`services.json`), which then propagates to the user-facing pages automatically. 2023-12-31 12:59:13 +00:00
			`@assets {`
			`path assets /assets/*`
			`}`

feat(Caddyfile): support security.txt redirection Introduced handling for security.txt requests in the Caddyfile configuration to redirect users to a dedicated security page. This change enables visitors to easily find security policy and vulnerability reporting information by redirecting requests for `/.well-known/security.txt` and `/security.txt` to `https://security.private.coffee/security.txt`. Implementing this standard practice improves transparency and security posture by facilitating clearer communication with security researchers and the public. 2024-03-15 09:55:50 +00:00			`@security {`
			`path security-well-known /.well-known/security.txt`
			`path security /security.txt`
			`}`

Refactor matrix config in Caddyfile Grouped `.well-known/matrix` related configurations under a named matcher `@matrix` in the Caddyfile. This change encapsulates the headers and responses for matrix-specific paths, improving readability and maintainability. It aligns with best practices for Caddy configuration, making future updates to matrix-related rules more straightforward. 2024-01-07 10:22:38 +00:00			`handle @matrix {`
			`header /.well-known/matrix/* Content-Type application/json`
			`header /.well-known/matrix/* Access-Control-Allow-Origin *`
			respond /.well-known/matrix/server `{"m.server": "matrix.private.coffee:443"}`
			respond /.well-known/matrix/client `{"m.homeserver":{"base_url":"https://matrix.private.coffee"}}`
			`}`

Refactor Caddyfile routing directives Simplified the routing and handling directives in the Caddyfile by removing explicit regular expressions for HTML files and reorganizing asset handling. All requests are now served with a more generalized approach, improving readability and potential maintainability of the server configuration. This change encapsulates asset file serving and reverse proxying under specific handles, ensuring a cleaner and more structured configuration. 2023-12-31 13:37:59 +00:00			`handle @assets {`
			`file_server`
			`root * /srv/private.coffee`
			`}`

feat(Caddyfile): support security.txt redirection Introduced handling for security.txt requests in the Caddyfile configuration to redirect users to a dedicated security page. This change enables visitors to easily find security policy and vulnerability reporting information by redirecting requests for `/.well-known/security.txt` and `/security.txt` to `https://security.private.coffee/security.txt`. Implementing this standard practice improves transparency and security posture by facilitating clearer communication with security researchers and the public. 2024-03-15 09:55:50 +00:00			`handle @security {`
			`redir https://security.private.coffee/security.txt`
			`}`

Refactor Caddyfile routing directives Simplified the routing and handling directives in the Caddyfile by removing explicit regular expressions for HTML files and reorganizing asset handling. All requests are now served with a more generalized approach, improving readability and potential maintainability of the server configuration. This change encapsulates asset file serving and reverse proxying under specific handles, ensuring a cleaner and more structured configuration. 2023-12-31 13:37:59 +00:00			`handle {`
			`reverse_proxy * unix//var/run/uwsgi/privatecoffee.sock`
			`}`
Implement dynamic service rendering with Flask Refactored the website to serve dynamic content using Flask, replacing static HTML pages. This allows for the centralized management of service data through a JSON file. Optimizations include: - Added a .gitignore file to exclude Python and Flask-specific temporary files. - Migrated static assets into an organized directory structure to facilitate Flask's static file serving. - Removed redundant HTML files and created Flask template versions with dynamic content rendering. - Introduced Caddy server configuration for the new Flask architecture, including headers for security and CORS policy, and reverse proxy settings for route handling. With these changes, website maintenance and updates are simplified, allowing for service information to be updated in a single location (`services.json`), which then propagates to the user-facing pages automatically. 2023-12-31 12:59:13 +00:00			`}`