vielle.dev / server-config
this repo has no description
2
fork

Configure Feed

Select the types of activity you want to include in your feed.

format caddyfile

afterlifepro 09b0cf07 bd7421b2

+123 -123
+123 -123
caddy/Caddyfile
··· 1 1 { 2 - debug 3 - email {$ADMIN_EMAIL:404@vielle.dev} 4 - on_demand_tls { 5 - ask http://pi:8000/tls-check 6 - } 2 + debug 3 + email {$ADMIN_EMAIL:404@vielle.dev} 4 + on_demand_tls { 5 + ask http://pi:8000/tls-check 6 + } 7 7 } 8 8 9 9 (error) { 10 - handle_errors { 11 - @custom_err file /{err.status_code}.html 12 - handle @custom_err { 13 - rewrite * {file_match.relative} 14 - file_server 15 - } 16 - } 10 + handle_errors { 11 + @custom_err file /{err.status_code}.html 12 + handle @custom_err { 13 + rewrite * {file_match.relative} 14 + file_server 15 + } 16 + } 17 17 18 - handle_errors { 19 - respond "{err.status_code} {err.status_text}" 20 - } 18 + handle_errors { 19 + respond "{err.status_code} {err.status_text}" 20 + } 21 21 } 22 22 23 23 (did-web) { 24 - handle /.well-known/atproto-did { 25 - header Access-Control-Allow-Origin "*" 26 - respond "did:web:{args[0]}" 27 - } 24 + handle /.well-known/atproto-did { 25 + header Access-Control-Allow-Origin "*" 26 + respond "did:web:{args[0]}" 27 + } 28 28 29 - handle /.well-known/did.json { 30 - header Content-Type "application/json" 31 - header Access-Control-Allow-Origin "*" 32 - respond <<JSON 29 + handle /.well-known/did.json { 30 + header Content-Type "application/json" 31 + header Access-Control-Allow-Origin "*" 32 + respond <<JSON 33 33 { 34 34 "@context": [ 35 35 "https://www.w3.org/ns/did/v1", ··· 57 57 ] 58 58 } 59 59 JSON 200 60 - } 60 + } 61 61 } 62 62 63 63 (log) { 64 - log {args[0]} { 65 - output stdout 66 - format console 67 - } 64 + log {args[0]} { 65 + output stdout 66 + format console 67 + } 68 68 } 69 69 70 70 ## main site 71 71 www.{$HOST:vielle.dev} { 72 - redir https://{$HOST:vielle.dev}{uri} 72 + redir https://{$HOST:vielle.dev}{uri} 73 73 } 74 74 75 75 {$HOST:vielle.dev} { 76 - import log prs 77 - reverse_proxy prs:4321 76 + import log prs 77 + reverse_proxy prs:4321 78 78 } 79 79 80 80 ## dongs.zip 81 81 {$DONG_HOST:dongs.zip} { 82 - import log dong 83 - import did-web "{$DONG_HOST:dongs.zip}" "{$DONG_HOST:dongs.zip}" "zQ3sha8L4YgButkPAFtN4LB2cNai6bBbm7yFJ2kS5iG6KySxd", "pds.vielle.dev" 84 - import error 85 - 86 - encode 87 - root /srv/dong 88 - file_server 82 + import log dong 83 + import did-web "{$DONG_HOST:dongs.zip}" "{$DONG_HOST:dongs.zip}" "zQ3sha8L4YgButkPAFtN4LB2cNai6bBbm7yFJ2kS5iG6KySxd", "pds.vielle.dev" 84 + import error 85 + 86 + encode 87 + root /srv/dong 88 + file_server 89 89 } 90 90 91 91 ## misc did:web 92 92 alt.{$HOST:vielle.dev} { 93 - import did-web "alt.{$HOST:vielle.dev}" "alt.{$HOST:vielle.dev}" "zQ3shpgbkbxvf5UjBwQcnjf68rg2DKTRQSttBEGokZbx2BzxY" "pds.vielle.dev" 93 + import did-web "alt.{$HOST:vielle.dev}" "alt.{$HOST:vielle.dev}" "zQ3shpgbkbxvf5UjBwQcnjf68rg2DKTRQSttBEGokZbx2BzxY" "pds.vielle.dev" 94 94 } 95 95 96 96 ## send old dong.vielle.dev => dongs.zip 97 97 dong.{$HOST:vielle.dev} { 98 - redir https://{$DONG_HOST:dongs.zip}{uri} 98 + redir https://{$DONG_HOST:dongs.zip}{uri} 99 99 } 100 100 101 101 ## toy projects 102 102 saltire-the-gays.{$HOST:vielle.dev} { 103 - import log saltire 104 - encode 105 - root /srv/saltire 106 - import error 107 - file_server 103 + import log saltire 104 + encode 105 + root /srv/saltire 106 + import error 107 + file_server 108 108 } 109 109 110 110 ## personal projects 111 111 dnd.{$HOST:vielle.dev} { 112 - import log dnd 113 - encode 114 - root /srv/dnd 115 - import error 116 - file_server 112 + import log dnd 113 + encode 114 + root /srv/dnd 115 + import error 116 + file_server 117 117 } 118 118 119 119 mc.{$HOST:vielle.dev} { 120 - import log mc 121 - encode 122 - root /srv/mc.vielle.dev 123 - import error 124 - file_server 120 + import log mc 121 + encode 122 + root /srv/mc.vielle.dev 123 + import error 124 + file_server 125 125 } 126 126 127 127 ## atproto services 128 128 ### pds 129 129 pds.{$HOST:vielle.dev}, *.pds.{$HOST:vielle.dev}, *.at.{$HOST:vielle.dev}, *.at.{$DONG_HOST:dongs.zip} { 130 - import log pds 131 - tls { 132 - on_demand 133 - } 130 + import log pds 131 + tls { 132 + on_demand 133 + } 134 134 135 - rewrite / /pds 136 - @landing path /pds /styles.css 137 - reverse_proxy @landing landing:8000 138 - 139 - # disable age assurance 140 - handle /xrpc/app.bsky.ageassurance.getState { 141 - header content-type "application/json" 142 - header access-control-allow-headers "authorization,dpop,atproto-accept-labelers,atproto-proxy" 143 - header access-control-allow-origin "*" 144 - respond `{"state":{"lastInitiatedAt":"2025-07-14T14:22:43.912Z","status":"assured","access":"full"},"metadata":{"accountCreatedAt":"2022-11-17T00:35:16.391Z"}}` 200 145 - } 135 + rewrite / /pds 136 + @landing path /pds /styles.css 137 + reverse_proxy @landing landing:8000 146 138 147 - # pds gatekeeper 148 - @gatekeeper { 149 - path /xrpc/com.atproto.server.getSession 150 - path /xrpc/com.atproto.server.describeServer 151 - path /xrpc/com.atproto.server.updateEmail 152 - path /xrpc/com.atproto.server.createSession 153 - path /xrpc/com.atproto.server.createAccount 154 - path /@atproto/oauth-provider/~api/sign-in 155 - path /gate/* 156 - } 139 + # disable age assurance 140 + handle /xrpc/app.bsky.ageassurance.getState { 141 + header content-type "application/json" 142 + header access-control-allow-headers "authorization,dpop,atproto-accept-labelers,atproto-proxy" 143 + header access-control-allow-origin "*" 144 + respond `{"state":{"lastInitiatedAt":"2025-07-14T14:22:43.912Z","status":"assured","access":"full"},"metadata":{"accountCreatedAt":"2022-11-17T00:35:16.391Z"}}` 200 145 + } 157 146 158 - handle @gatekeeper { 159 - reverse_proxy {$ADDR_PDS_GATEKEEPER} 160 - } 147 + # pds gatekeeper 148 + @gatekeeper { 149 + path /xrpc/com.atproto.server.getSession 150 + path /xrpc/com.atproto.server.describeServer 151 + path /xrpc/com.atproto.server.updateEmail 152 + path /xrpc/com.atproto.server.createSession 153 + path /xrpc/com.atproto.server.createAccount 154 + path /@atproto/oauth-provider/~api/sign-in 155 + path /gate/* 156 + } 161 157 162 - reverse_proxy {$ADDR_PDS} { 163 - transport http { 164 - dial_timeout 5s 165 - } 166 - } 158 + handle @gatekeeper { 159 + reverse_proxy {$ADDR_PDS_GATEKEEPER} 160 + } 161 + 162 + reverse_proxy {$ADDR_PDS} { 163 + transport http { 164 + dial_timeout 5s 165 + } 166 + } 167 167 } 168 168 169 169 ### tangled knot 170 170 # (see nginx.conf for ssh proxying) 171 171 knot.{$HOST:vielle.dev} { 172 - import log knot 173 - rewrite / /knot 174 - @landing path /knot /styles.css 175 - reverse_proxy @landing landing:8000 172 + import log knot 173 + rewrite / /knot 174 + @landing path /knot /styles.css 175 + reverse_proxy @landing landing:8000 176 176 177 - reverse_proxy {$ADDR_KNOT} 177 + reverse_proxy {$ADDR_KNOT} 178 178 } 179 179 180 180 ### piper instance 181 181 # technically publicly visible... its _fine_ (+ i cant do jack shit abt it rn so) 182 182 piper.{$HOST:vielle.dev} { 183 - import log piper 184 - reverse_proxy {$ADDR_PIPER} 183 + import log piper 184 + reverse_proxy {$ADDR_PIPER} 185 185 } 186 186 187 187 ##### tmp web dev telephone cimd 188 188 cimd.{$HOST:vielle.dev} { 189 - import log cimd 189 + import log cimd 190 190 191 - handle /oauth-client-metadata.json { 192 - header Content-Type "application/json" 193 - header Access-Control-Allow-Origin "*" 194 - respond <<JSON 195 - { 196 - "client_id": "https://cimd.{$HOST:vielle.dev}/oauth-client-metadata.json", 197 - "application_type": "web", 198 - "grant_types": ["authorization_code"], 199 - "scope": "atproto transition:generic", 200 - "response_types": ["code"], 201 - "redirect_uris": [ 202 - "https://cimd.{$HOST:vielle.dev}", 203 - "https://cimd.{$HOST:vielle.dev}/oauth/callback", 204 - "https://cimd.{$HOST:vielle.dev}/atproto/callback" 205 - ], 206 - "token_endpoint_auth_method": "none", 207 - "dpop_bound_access_tokens": true, 208 - "client_name": "cimd.{$HOST:vielle.dev}", 209 - "client_uri": "https://cimd.{$HOST:vielle.dev}" 210 - } 211 - JSON 200 212 - } 191 + handle /oauth-client-metadata.json { 192 + header Content-Type "application/json" 193 + header Access-Control-Allow-Origin "*" 194 + respond <<JSON 195 + { 196 + "client_id": "https://cimd.{$HOST:vielle.dev}/oauth-client-metadata.json", 197 + "application_type": "web", 198 + "grant_types": ["authorization_code"], 199 + "scope": "atproto transition:generic", 200 + "response_types": ["code"], 201 + "redirect_uris": [ 202 + "https://cimd.{$HOST:vielle.dev}", 203 + "https://cimd.{$HOST:vielle.dev}/oauth/callback", 204 + "https://cimd.{$HOST:vielle.dev}/atproto/callback" 205 + ], 206 + "token_endpoint_auth_method": "none", 207 + "dpop_bound_access_tokens": true, 208 + "client_name": "cimd.{$HOST:vielle.dev}", 209 + "client_uri": "https://cimd.{$HOST:vielle.dev}" 210 + } 211 + JSON 200 212 + } 213 213 214 - @not-oauth `{path} != "/oauth-client-metadata.json"` 215 - handle @not-oauth { 216 - redir http://localhost:3000{uri} 217 - } 218 - } 214 + @not-oauth `{path} != "/oauth-client-metadata.json"` 215 + handle @not-oauth { 216 + redir http://localhost:3000{uri} 217 + } 218 + }