digiformer/slimcore-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
slimcore-website/infra/marketing-vps/Caddyfile

113 lines
2.8 KiB
Text
Raw Normal View History

Initial Astro-Build, Deployment-Setup und Forgejo-Workflow - Astro 6 + React + Tailwind v4 Projekt-Skelett mit allen Marketing-Seiten (Home, Module, Tester, Souveränität, Roadmap, Kontakt, Impressum, Datenschutz) - Self-hosted Outfit + JetBrains Mono Fonts (DSGVO) - Marketing-Komponenten gemäss CLAUDE.md §5.6 (NumberedItem, ModuleCard, StatusDot, TechStrip, SovereigntyBlock, RoadmapTimeline, etc.) - Module-Daten in src/content/module.ts als Single Source of Truth - E2E Smoke-Tests via Playwright - OG-Image-Generator - Forgejo Workflow .forgejo/workflows/deploy.yml für Tier-2 Static Deploy - Infra-as-Code Snapshot in infra/marketing-vps/ - Brand-System Submodule auf Forgejo umgezogen (war GitHub) - Deployment- und Handoff-Dokumentation - .DS_Store aus Tracking entfernt, .gitignore um Test-Artefakte ergaenzt
2026-05-04 23:59:35 +00:00
# Marketing-VPS Caddyfile — wird auf marketing.digiformer.eu deployt
#
# Eine Caddy-Instanz hostet alle statischen Marken-Sites über file_server.
# Per-Marke ein Block. Jede Marke hat ihren eigenen Verzeichnis-Tree unter /var/www/<domain>/.
# Forgejo Actions rsync't den Astro-Build-Output dorthin.
{
# globale Optionen
email pascal.oelmann@digiformer.net
servers {
metrics # Prometheus-Endpoint :2019/metrics für späteres Monitoring
}
}
# — slimcore.io —
slimcore.io, www.slimcore.io {
root * /var/www/slimcore.io
encode zstd gzip
header {
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
X-Content-Type-Options nosniff
Referrer-Policy strict-origin-when-cross-origin
Permissions-Policy "interest-cohort=()"
-Server
}
# Astro generiert echte HTML-Files für jede Route, kein SPA-Fallback nötig
# /index.html, /en/index.html, /module/index.html, /en/module/index.html, etc.
file_server
# Sitemap, robots.txt, OG-Image direkt aus dem Root
@static_root path /sitemap-*.xml /robots.txt /favicon.svg /og-default.png
handle @static_root {
file_server
}
# Cache-Header pro Asset-Typ
@assets path /_astro/* /fonts/*
handle @assets {
header Cache-Control "public, max-age=31536000, immutable"
}
@html path *.html /
handle @html {
header Cache-Control "public, max-age=300, must-revalidate"
}
# Redirects — sollten in Astro-Site selbst leben, aber als Sicherheits-Netz hier
redir /home / permanent
redir /index / permanent
log {
output file /var/log/caddy/slimcore.io.log {
roll_size 100MiB
roll_keep 14
}
format json
}
}
# — digiformer.eu — (sobald migriert)
digiformer.eu, www.digiformer.eu {
root * /var/www/digiformer.eu
encode zstd gzip
header Strict-Transport-Security "max-age=31536000; includeSubDomains"
file_server
log {
output file /var/log/caddy/digiformer.eu.log
}
}
# — slimsafe.io — (sobald Marketing-Site existiert)
slimsafe.io, www.slimsafe.io {
root * /var/www/slimsafe.io
encode zstd gzip
header Strict-Transport-Security "max-age=31536000"
file_server
log {
output file /var/log/caddy/slimsafe.io.log
}
}
# — fonboard.io — (sobald Marketing-Site existiert)
fonboard.io, www.fonboard.io {
root * /var/www/fonboard.io
encode zstd gzip
header Strict-Transport-Security "max-age=31536000"
file_server
log {
output file /var/log/caddy/fonboard.io.log
}
}
# — Status-Page (intern, basicauth-geschützt) —
status.digiformer.eu {
reverse_proxy 127.0.0.1:3001
basicauth {
# caddy hash-password generiert den bcrypt-Hash
# echtes Passwort beim Setup setzen
pascal $2a$14$REPLACE_WITH_BCRYPT_HASH
}
}
# Catch-all — unbekannte Hostnames bekommen 404, kein Default-Server
:80 {
respond "Not Found" 404
}
:443 {
respond "Not Found" 404
}
Reference in a new issue Copy permalink