matrix-docker-ansible-deploy/examples/caddy/matrix-synapse
Slavi Pantaleev 63a49bb2dc Do not expose /_synapse/admin publicly by default
Fixes #685 (Github Issue).
2020-10-26 10:36:38 +02:00

32 lines
870 B
Plaintext

https://matrix.DOMAIN {
# If you use your own certificates, your path may differ
# If you wish to use Caddy's built-in Let's Encrypt support, you can also supply an email address here
tls /matrix/ssl/config/live/matrix.DOMAIN/fullchain.pem /matrix/ssl/config/live/matrix.DOMAIN/privkey.pem
root /matrix/static-files
header {
Access-Control-Allow-Origin *
Strict-Transport-Security "mag=age=31536000;"
X-Frame-Options "DENY"
X-XSS-Protection "1; mode=block"
}
# Identity server traffic
proxy /_matrix/identity matrix-msisd:8090 {
transparent
}
proxy /_matrix/client/r0/user_directory/search matrix-msisd:8090 {
transparent
}
# Synapse Client<>Server API
proxy /_matrix matrix-synapse:8008 {
transparent
except /_matrix/identity/ /_matrix/client/r0/user_directory/search
}
proxy /_synapse/client matrix-synapse:8008 {
transparent
}
}